Although Adobe does its best to improve Magento security with each release, it's hard to avoid brute force attacks and other malicious actions entirely. However, there's something you can still do.
Since a majority of attacks are focused on the admin panel, you need to track login activity very thoroughly, so you can identify where each login attempt comes from and who made it. That's what the Magento 2 Admin Action Log extension helps with.

To track login attempts in Magento 2:
1. Install the Magento 2 Admin Action Log extension and navigate to the Admin Action Log configuration through Stores > Configuration > Admin Activity Log > Admin Login.
2. Enable the login log and navigate to System > Admin Activity Log > Login Log to find all login attempts for a certain period.
You can also narrow down the login attempts using these filters:
- Date — date and time when the login attempt occurred
- Admin User — the login ID of the admin user
- IP address and Location — the computer and country the admin user logged in from
- User Agent — the browser the login attempt was made from
- Status — status of the login attempt: success, failed, or logout.
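The fields above are enough to spot a brute force pattern automatically. The following is an added example, not code from the extension: it assumes the login log rows are available as CSV with columns named after the filters (a constructed layout, not the extension's documented export format), and the threshold and time window are illustrative values.

```python
import csv
import io
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample rows; the column names are an assumption based on the grid filters.
SAMPLE_LOG = """\
date,admin_user,ip,user_agent,status
2024-05-01 09:58:00,maria,198.51.100.20,Mozilla/5.0,failed
2024-05-01 09:58:20,maria,198.51.100.20,Mozilla/5.0,success
2024-05-01 10:00:05,admin,203.0.113.7,python-requests/2.31,failed
2024-05-01 10:00:15,admin,203.0.113.7,python-requests/2.31,failed
2024-05-01 10:00:25,admin,203.0.113.7,python-requests/2.31,failed
2024-05-01 10:00:35,admin,203.0.113.7,python-requests/2.31,failed
2024-05-01 10:00:45,admin,203.0.113.7,python-requests/2.31,failed
2024-05-01 10:01:10,admin,203.0.113.7,python-requests/2.31,success
2024-05-01 10:30:00,maria,198.51.100.20,Mozilla/5.0,logout
"""

def load_rows(text):
    """Parse the CSV text into a list of dicts keyed by column name."""
    return list(csv.DictReader(io.StringIO(text)))

def find_bruteforce(rows, threshold=5, window=timedelta(minutes=10)):
    """Flag IPs with >= threshold failed logins inside the window, and any
    successful login from an IP while that burst is still inside the window."""
    recent = defaultdict(deque)  # ip -> timestamps of failures inside the window
    reported = set()             # IPs already reported, to avoid duplicate alerts
    alerts = []
    for row in sorted(rows, key=lambda r: r["date"]):
        ts = datetime.strptime(row["date"], "%Y-%m-%d %H:%M:%S")
        ip, status = row["ip"], row["status"].strip().lower()
        failures = recent[ip]
        while failures and ts - failures[0] > window:
            failures.popleft()   # drop failures that fell out of the window
        if status == "failed":
            failures.append(ts)
            if len(failures) >= threshold and ip not in reported:
                reported.add(ip)
                alerts.append(("failed_burst", ip, row["admin_user"], row["date"]))
        elif status == "success" and len(failures) >= threshold:
            # A success right after a burst may mean the password was guessed.
            alerts.append(("success_after_burst", ip, row["admin_user"], row["date"]))
    return alerts

if __name__ == "__main__":
    for alert in find_bruteforce(load_rows(SAMPLE_LOG)):
        print(alert)
```

A `success_after_burst` alert deserves immediate attention: reset that admin user's password and review what the account did after the login.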
All these details allow you to maintain a safer environment in your store and always be aware of who logs into your admin. But that's not all.
To monitor all admin activities, you also need to track changes admin users make in your admin panel.