Data Security is one of the major concerns for any website if one takes ongoing cybercrimes into account. Had a giant marketplace like Amazon been exposed to data theft or any such malicious activity, it would not have retained such a never-ending list of customers.

Having said that, OpenCart’s Web Application Firewall (WAF) Security module, ensures that a website or application does not encounter any unauthorized data or activity as it provides 2factor Authentication for admin customer and affiliate users and they can only login after scanning the QR code.

The store owner has the leverage to ban one or more IPs or Countries so as to restrict or allow specific users to log in to a website. This way one can secure and safeguard the website’s data without having to lose any crucial data of a website.

reCAPTCHA API keys are essential to configure the basic configurations of the WAF Security module.

• Initially, the user needs to navigate to the Google reCAPTCHA page.
• Clicking the admin console will redirect to the reCAPTCHA details page.
• The user needs to add a label for the reCAPTCHA.
• A reCAPTCHA type must be chosen.
• Add a domain where the user wishes to display the reCAPTCHA.
• The user must accept the terms and services and register in order to retrieve the keys.

Secure data is the key to real sales and revenue generation and it’s essential as well to ensure the integrity of any online data. The admin allows a 2-Factor Authentication for securing even the login process.

• As the store owners log in to the website, they will encounter a WAF pop-up.
• This pop-up consists of a QR code, which on scanning, provides a 6 digit code.
• The QR code is scanned using a Google Authenticator app installed on a smart-phone.
• This code is to be entered against the Google 2Factor Authentication Code tab.
• As the code matches, the admin can click on the authenticate button.
• If the code does not match, the admin needs to logout and follow the same procedure and scan a new QR code again.

Nowadays it is quite easy for hackers to attack online data. Therefore, when any suspicious activity is encountered, the store owner may ban one or more IP(s) and Country(s) to avoid any malicious activity.

• From the list of IP’s or Countries, the admin can enable or disable any IP or Country at any point in time.
• The admin may choose the disabled IP(s) or Country(s) to enable and allow data access.
• Likewise, the admin can disable the enabled IP(s) or Country(s) to restrict the data access.
• If any user, bearing the disabled IP/ Country tries to log in, it restricts the data access for the same.
• If any user, bearing the enabled IP/ Country tries to log in, it allows the data access for the same.
• This safeguards the data and protects it from data theft.

It is the prime responsibility of the store owner to ensure the safety of the customer's data, which may be extremely crucial at times such as card details.

This module assures to retain the integrity of the customer's data as well by providing the 2-Factor Authentication, Email Verification and Recaptcha at various levels for additional security.

• This module offers security at various levels for both the registered and new customers.
• The registered customers will find the 2factor authentication before logging in to their accounts.
• To login, the registered customers need to scan the QR code and add the code and authenticate.
• The new customers will find the verify email button for email verification while filling in the personal details for registration purposes.
• In the contact us form, the customers will find the Recaptcha option.