How can I stop brute force attacks on my Magento installation?

By default, accessing a Magento store backend is as simple as navigating to domain.com/admin in your browser. Unfortunately, the default Magento backend URL is common knowledge, which makes it an easy target for brute-force attackers. Using a custom admin path makes it a little less easy for them.

Changing the admin path can be done in three steps:

  1. Open the /app/etc/local.xml configuration file
  2. Find <![CDATA[admin]]> and change “admin” to the path you would like to use. For example, if you change it to youradmin, the admin path will now be: domain.com/youradmin.
  3. After you have changed this URL, refresh the Magento caches.
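
The edit in steps 1 and 2 as a script. This is an added example, not part of the original answer or of Magento itself. It assumes the value sits in a <frontName> element on a single line, as in a stock Magento 1 local.xml; set_admin_path and make_sample are hypothetical helper names.

```shell
#!/bin/sh
# Added example, not vendor code. Rewrites only the admin <frontName> value,
# leaving other <![CDATA[admin]]> values (e.g. a database username) untouched.
PATTERN='<frontName><!\[CDATA\[[^]]*]]></frontName>'

set_admin_path() {
    file=$1 new=$2
    # Accept a plain URL segment only, so the value cannot break the XML or sed.
    case $new in
        ''|*[!A-Za-z0-9_]*) echo "invalid admin path: $new" >&2; return 2 ;;
    esac
    [ -f "$file" ] || { echo "not found: $file" >&2; return 2; }

    # Expect exactly one matching line; refuse to guess otherwise.
    count=$(grep -c "$PATTERN" "$file" || true)
    [ "$count" -eq 1 ] || { echo "expected 1 frontName line, found $count" >&2; return 1; }

    # The backup holds database credentials: delete it once the change is verified.
    cp -p "$file" "$file.bak" || return 1
    sed "s|$PATTERN|<frontName><![CDATA[$new]]></frontName>|" "$file.bak" > "$file" || return 1
    grep -q "<frontName><!\[CDATA\[$new]]></frontName>" "$file"
}

# Constructed sample resembling a Magento 1 local.xml (trimmed; values are made up).
make_sample() {
    cat > "$1" <<'EOF'
<config>
  <global><resources><default_setup><connection>
    <username><![CDATA[admin]]></username>
  </connection></default_setup></resources></global>
  <admin><routers><adminhtml><args>
    <frontName><![CDATA[admin]]></frontName>
  </args></adminhtml></routers></admin>
</config>
EOF
}
```

Source the file and call set_admin_path app/etc/local.xml youradmin from the Magento root, then refresh the caches as in step 3.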
