General

How to Secure Magento 2 Admin [Updated 2024]

Hello Magento Folks?,

What are you all doing? Hopefully, all are safe and healthy. In today’s article, I will illustrate Magento 2 Secure Your Admin. Also, check our previously placed article How To Cancel A Shipment In Magento 2. Let’s Get Started with today’s topic?

Introduction:

All the E-commerce running stores, especially Magento should always be sure in upgrading the security of the administration. It is mandatory to manage your admin system to prevent your store from the hackers who are trying to attack your store. For securing your Magento 2 store I will help you to configure your admin security. Follow the below-illustrated steps for securing your Magento 2 Admin.

Steps to Secure Your Magento 2 Admin:

Step 1: Firstly, navigate to Stores > Settings > Configuration>Advanced > Admin and explore the Security section.

Step 2: Fill out the details accordingly.

Admin Account Sharing: “YES” if want to use in multiple computers else “NO”

Password Reset Protection Type: Select your desired type for protecting the Reset Password option of your Magento 2 store.

Recovery Link Expiration Period (Hours): Enter your desired time for Recovery Link Expiration Period

Max Number of Password Reset Requests: Enter your desired number for requesting for password reset per hour.

Min Time Between Password Reset Requests: Enter your desired number for the minimum time to request for password reset per hour.

Add Secret Key to URL’s: Select YES to enable and NO to disable it is recommended to Enable it as it prevents all the CSRF(Cross-site request forgery) attacks

Login is Case Sensitive: Choose “YES” to identify differences between lower and upper case characters for disabling choose “NO”.

Admin Session Lifetime (seconds): Add the time period for admin session lifetime in seconds.

Maximum Login Failures to Lockout Account: Add the number for deciding how many times users can enter wrong passwords.

Lockout Time (minutes): Enter the lockout time for your Magento 2 store.

Password Lifetime (Days): Add number as per your desire for password lifetime that the user can log in before it expires.

Password Change: Choose “forced” force the users to change the password before it expires else you can select “Recommended”

Step 3: Save the configuration

That’s It.

Over to You:

Therefore, with the help of the above steps, you will be able to Secure Your Admin in Magento 2. If you find any problems in implementing the above illustration then do comment down in the comment box I will be happy to help. Be yourself helpful by sharing the article with your Magento friends. Till then Stay safe and Stay Helpful.

Happy Reading?

Click to rate this post!
[Total: 6 Average: 4.3]
Gaurav Jain

Gaurav Jain is Co-Founder and Adobe Certified Expert-Magento Commerce Business Practitioner. Being Computer Engineer?‍? and possessing Extensive Marketing skills he handles all kinds of customer Queries and his Happy? & Helping? Nature makes customer's day Delightful. When he isn’t working, you’ll find Gaurav Reading on Books? or Traveling?. Also, he is Speaker at Magento Meetups.

Recent Posts

NodeJS | Callback Function

In NodeJS, callbacks empower developers to execute asynchronous operations like reading files, handling requests, and…

7 hours ago

How to Show SKU in Order Summary in Magento 2?

Hello Magento Friends, In today’s blog, we will learn How to Show SKU in Order…

2 days ago

Best Colors to Use for CTA Buttons

The "Buy Now" and "Add to Cart" buttons serve as the primary call-to-action (CTA) elements…

4 days ago

Magento 2: How to Save Custom Field Value to quote_address for Multi-Shipping Orders

Hello Magento Friends, In Magento 2, the checkout process allows customers to choose multiple shipping…

5 days ago

Best Beginners Guide to Shopify Balance Account

If you are a Shopify admin, using a Shopify Balance Account for your business revenue…

5 days ago

8 Best Social Login Apps for Shopify Store in 2024

Running an eCommerce business can be incredibly demanding, leaving entrepreneurs little time to focus on…

5 days ago