Sentinel Admin Security - Advanced Protection

by enno.digital (2) Ratings 7 Downloads
This extension cannot be used in a Shopware Cloud shop.
Details
  • Enno845829913627m
  • enno.digital
  • 2.0.0
  • 14 May 2024
  • de_DE en_GB
  • 6.5.0.0
    6.5.1.0 – 6.5.1.1
    6.5.2.0 – 6.5.2.1
    6.5.3.0 – 6.5.3.3
    6.5.4.0 – 6.5.4.1
    6.5.5.0 – 6.5.5.2
    6.5.6.0 – 6.5.6.1
    6.5.7.0 – 6.5.7.4
    6.5.8.0 – 6.5.8.10
    6.6.0.0
    6.6.0.2 – 6.6.0.3
    6.6.1.0 – 6.6.1.2
    6.6.2.0

Product information

Highlights

  • IP lock on unsuccessful logins in admin (brute force protection)
  • IP whitelist for company networks with fixed IP
  • Change the URL of the admin area

Features

  • Log for logins and login attempts in the admin
  • Mime type control for media upload
  • Easily read the admin log using the free “Tools” plugin from “Friends of Shopware” via the log viewer

Description

You want to secure the admin area of Shopware 6 even further or see which IP a certain administrator has used to log in? Our plugin helps you improve the security of your store.

IP lock:
If the IP lock is active, then after a defined number of incorrect login attempts (e.g. 3 attempts) the IP address is locked for 30 minutes. With this function you can allow a limited number of login attempts before the IP address is automatically locked to prevent unauthorized access by intruders (brute force protection). The attempts are reset as soon as there is a successful login.

IP Whitelist:
This means that even if general IP blocking is activated after repeated failed login attempts, networks and users whose IP addresses are on this whitelist will still retain unrestricted access. This is particularly important for corporate networks to ensure that they are not accidentally locked out despite the high security measures.

Admin Log:
In addition, the plugin ensures a comprehensive log for logins and login attempts in the admin area. This detailed log allows you to monitor suspicious activity and detect potential security threats at an early stage. You always keep track of who logs in or attempts to log in to your admin area.

Mime type control:
Another powerful feature is the mime type control on media uploads. Sentinel protection closely monitors and controls the uploaded file types to ensure that only allowed file formats make it to your website. This significantly minimizes the risk of malware infections from malicious files, while maintaining the integrity of your website and the security of your user data. Thus, it is no longer possible to upload a script disguised as an image file.

Frequently Asked Questions

  • What is IP blocking good for? IP blocking is a protective measure that is activated in the event of repeated incorrect login attempts from the same IP address. It prevents brute force attacks, where hackers try to gain unauthorized access by repeatedly trying passwords. The lockdown protects against such attacks, detects suspicious activity and slows down the attack process, which increases the security of online accounts and systems.
  • How does IP blocking work? The IP lock acts as a shield against brute force attacks. In case of repeated unsuccessful login attempts, the system stores the IP address and the number of attempts. Once a predefined limit (typically 3 attempts) is reached, the lock blocks the IP address for about 30 minutes. This block prevents unauthorized access. The maximum number of attempts can be adjusted in the plugin settings. After a successful login, the counter is reset. This increases security, while legitimate users are still granted access.
  • Help, I have locked myself out. What should I do? The lock is automatically removed after 30 minutes. If you want or need access again sooner, you need database access. You can remove the block in the plugin's database table.
  • What is the mime type control? Mime-type control is a security measure used to check uploaded files for potentially malicious content. Before we dive into the details, here is a brief explanation of what a mime type is: A mime type is an identifier that indicates the content type of a file. It helps software applications find the right way to handle a particular file. When uploading files to the Media section, our plugin performs a mime-type check. Not only the file extension, but also the mime-type of the file is analyzed. This double check is important because file extensions could be manipulated to disguise malicious code. An example illustrates this: If someone wants to upload a file with the extension ".png", it is now not only checked whether the file extension "png" is allowed but also whether the mime type matches "image/png". If not, the file will be rejected to protect the system from possible attacks.
  • Why was my media upload blocked? It may happen that a safe-looking file upload is rejected. If this happens through our plugin, the reason is that the mime type of the file does not match its extension. For example, a ".png" file could have the mime type "image/jpg" before uploading due to incorrect creation or conversions. Unfortunately, we cannot automatically detect such cases. To solve the problem, it is necessary to adjust the file to ensure that the extension and mime type are correct. This is important to ensure system security. Note that the list of allowed mime types comes from the Symfony modules underlying Shopware and was not created by us. This helps to ensure security and minimize risk.
  • How or where can the logs be viewed? The log files are located in the default log directory of Shopware under var/logs/. In the admin they can be viewed with the free "Tools" plugin from "Friends of Shopware".
  • How do I find out my IP address? There are several online tools for finding out your public IP address. However, if you want to be sure that you have the correct IP address, or if Shopware is connected to your local network, you can use the maintenance mode field of Shopware to find the correct IP.
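
The extension-versus-content check described in the mime type answers above, as an added Python example that is not the plugin's own code. The signature table and the extension map are assumptions for illustration; the plugin takes its list from Symfony.

```python
# Added example: compare a file's extension with the type sniffed from its bytes.
# SIGNATURES and ALLOWED are illustrative assumptions, not the plugin's or
# Symfony's actual lists.
from pathlib import PurePath

# Leading "magic" bytes -> MIME type
SIGNATURES = [
    (b"\x89PNG\r\n\x1a\n", "image/png"),
    (b"\xff\xd8\xff", "image/jpeg"),
    (b"GIF87a", "image/gif"),
    (b"GIF89a", "image/gif"),
]

# Allowed extensions -> the MIME type each one must carry
ALLOWED = {"png": "image/png", "jpg": "image/jpeg",
           "jpeg": "image/jpeg", "gif": "image/gif"}


def sniff_mime(data: bytes) -> str:
    """Derive the MIME type from the content, never from the client-supplied name."""
    for magic, mime in SIGNATURES:
        if data.startswith(magic):
            return mime
    return "application/octet-stream"


def check_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for an upload."""
    ext = PurePath(filename).suffix.lower().lstrip(".")
    if ext not in ALLOWED:
        return False, f"extension '{ext}' not allowed"
    actual = sniff_mime(data)
    if actual != ALLOWED[ext]:
        return False, f"'.{ext}' expects {ALLOWED[ext]}, content is {actual}"
    return True, "ok"


# Constructed sample inputs
PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 16
SCRIPT = b"<?php echo 'not an image'; ?>"

if __name__ == "__main__":
    for name, body in [("logo.png", PNG), ("photo.png", JPEG),
                       ("avatar.png", SCRIPT), ("shell.php", SCRIPT)]:
        print(name, check_upload(name, body))
```

A matching signature only proves how the file starts, so uploads should still be served from a location where the web server never executes them.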

Customer reviews


The plugin is an absolute must for every Shopware 6 user who values security

20 Nov 2023

The IP lock and whitelist features provide robust protection against brute-force attacks without impairing accessibility for trusted networks. The admin log together with the 'Tools' plugin from 'Friends of Shopware' makes analysis child's play. An indispensable security upgrade!


Shortly after installation, the first unauthorized login attempts were successfully blocked

22 Sep 2023

This plugin offers a variety of security features such as IP filtering and the detailed admin logs. Support from enno.digital is first-class and always quick to reach. An absolute must for every online shop, definitely worth the investment!


Configuration manual

Install and activate.


About the "Enable IP blocking for incorrect logins" setting:

  • If you use a proxy in front of your store that redirects all requests to the same IP, you should disable this option or add an IP exception, otherwise you may lock the entire store for all users.
  • If you disable this option, then perform some failed logins from the same IP address in an incognito tab or another browser, and then re-enable the setting without performing a successful login, you will also be automatically locked out for 30 minutes.
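
The lockout behaviour and the proxy caveat above, modelled as an added Python example that is not the plugin's own code. The class and function names are hypothetical, the limits (3 attempts, 30 minutes) follow the page's description, and the IP addresses are constructed documentation addresses.

```python
# Added example: failed-login lockout per client IP with an allowlist.
# LoginGuard and proxy_scenario are hypothetical names; this is a model of
# the behaviour the page describes, not the plugin's implementation.
import ipaddress


class LoginGuard:
    def __init__(self, max_attempts=3, lock_seconds=30 * 60, allowlist=()):
        self.max_attempts = max_attempts
        self.lock_seconds = lock_seconds
        self.allowlist = [ipaddress.ip_network(n) for n in allowlist]
        self.failures = {}      # ip -> failed attempts since last success
        self.locked_until = {}  # ip -> timestamp at which the lock expires

    def _allowlisted(self, ip):
        addr = ipaddress.ip_address(ip)
        return any(addr in net for net in self.allowlist)

    def is_locked(self, ip, now):
        if self._allowlisted(ip):
            return False
        return now < self.locked_until.get(ip, 0)

    def record(self, ip, success, now):
        """Register a login result; return True if the IP is now locked."""
        if success:
            self.failures.pop(ip, None)  # a successful login resets the counter
            return False
        self.failures[ip] = self.failures.get(ip, 0) + 1
        if self.failures[ip] >= self.max_attempts and not self._allowlisted(ip):
            self.locked_until[ip] = now + self.lock_seconds
            self.failures.pop(ip, None)
        return self.is_locked(ip, now)


def proxy_scenario(allowlist=()):
    """Three users fail once each; the shop only sees the proxy's address."""
    guard = LoginGuard(allowlist=allowlist)
    proxy_ip = "203.0.113.10"  # constructed: the single IP the proxy presents
    for t in (0, 10, 20):
        guard.record(proxy_ip, success=False, now=t)
    # A fourth, legitimate user arriving through the same proxy
    return guard.is_locked(proxy_ip, now=30)


if __name__ == "__main__":
    print("locked without exception:", proxy_scenario())
    print("locked with exception:", proxy_scenario(["203.0.113.0/24"]))
```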

Changelog

Version 2.0.0

- Compatibility adjustment for Shopware 6.6.0

- New feature: URL of the admin area can now be changed via the plugin config


Version 1.1.0

- Compatibility adjustment for Shopware 6.5.7

- Compatibility adjustment for plugins with iframes in the admin

Version 1.0.0

- First release to Shopware Community Store

About the Extension Partner

enno.digital is a Shopware Extension Partner and Shopware Silver Partner with 4 certifications (Developer SW6, Developer Advanced SW6, Template Designer SW6, Template Designer Advanced SW6), 20 extensions and an average rating of 5.
€ 19.00* /month
Cancelable monthly

Free trial month

This app starts with a free trial month. The rent can be canceled at any time on a monthly basis or will be automatically renewed at the indicated prices.
