• INR
  • USD
Cart 0
  • You have no items in your shopping cart.
    Cart 0
    • You have no items in your shopping cart.


      Show More

      Hire a Developer

      Now You can Hire Webkul Developer and get Webkul Modules Customized as per your needs.
      Contact Us!
      Send Again

      Please Login to Write Your Review

      Product Image
      OpenCart, 2.x.x.x, 3.x.x.x

      OpenCart Security Suite

      OpenCart Web Application Firewall: This module offers an extremely interesting 2factor Authentication feature for admin, customers, and affiliate user login, which requires a QR code scan using a Google authenticator application installed on the smartphones. Also, the admin has the leverage to disable/ enable one or more IP/ countries, restricting/allowing specific users.


      * Required Fields

      Add To Cart$49.00 Buy Now
      Request Customization Hire Us
      Configure and Buy
      • Description
      • Reviews
      • FAQ
      • Customers ()
      • Specifications
      • Cloud Hosting
      • Customization
      • Changelog

      OpenCart Web Application Firewall: With so much data that is present online nowadays, it has become necessary to manage and safeguard the integrity of the data. For that, online business entrepreneurs are striving to integrate effective measures to ensure the security of the website and the customer's data. It is an essential step as well to develop customer's trust because it is one of the necessary steps to retain a customer which in turn is the key to a flourishing online business.

      Therefore, Opencart’s Web Application Firewall (WAF) Security is one such module that offers high-class security against data theft and unauthorized user access by providing the 2factor Authentication feature which allows login only after a QR code is scanned using a Google authenticator. It also offers features such as IP/ Country ban, restricting/ allowing specific users to log in to a website.

      Please Note -

      • This module supports all templates and themes including the Journal theme.
      • Opencart Web Application Firewall (WAF) Security supports the Multi-Store feature of default Opencart.

      Highlighted Features

      2-Factor Authentication

      To provide additional security, the store owner may allow 2-Factor Authentication for admin, customers, and affiliate users which requires a QR code scan while logging in.

      The Recaptcha feature

      The store owner may allow the Recaptcha feature as well for the admin login purpose.

      Restricting Data Access through IP/ Country Ban

      The store owner may disable one or more IP(s) and country(s). It restricts any user trying to login bearing the disabled IP or country.

      Brute Force Log

      It maintains the logs of the users who tend to make login attempts.

      Why is there a need for Opencart WAF Security?

      Data Security is one of the major concerns for any website if one takes ongoing cybercrimes into account. Had a giant marketplace like Amazon been exposed to data theft or any such malicious activity, it would not have retained such a never-ending list of customers.

      Having said that, OpenCart’s Web Application Firewall (WAF) Security module, ensures that a website or application does not encounter any unauthorized data or activity as it provides 2factor Authentication for admin customer and affiliate users and they can only login after scanning the QR code.

      The store owner has the leverage to ban one or more IPs or Countries so as to restrict or allow specific users to log in to a website. This way one can secure and safeguard the website’s data without having to lose any crucial data of a website.

      Web Application Firewall

      Gathering reCAPTCHA API Keys

      reCAPTCHA API keys are essential to configure the basic configurations of the WAF Security module.

      • Initially, the user needs to navigate to the Google reCAPTCHA page.
      • Clicking the admin console will redirect to the reCAPTCHA details page.
      • The user needs to add a label for the reCAPTCHA.
      • A reCAPTCHA type must be chosen.
      • Add a domain where the user wishes to display the reCAPTCHA.
      • The user must accept the terms and services and register in order to retrieve the keys.
      Gathering Recaptcha API Keys

      Admin Permissions

      Secure data is the key to real sales and revenue generation and it’s essential as well to ensure the integrity of any online data. The admin allows a 2-Factor Authentication for securing even the login process.

      • As the store owners log in to the website, they will encounter a WAF pop-up.
      • This pop-up consists of a QR code, which on scanning, provides a 6 digit code.
      • The QR code is scanned using a Google Authenticator app installed on a smart-phone.
      • This code is to be entered against the Google 2Factor Authentication Code tab.
      • As the code matches, the admin can click on the authenticate button.
      • If the code does not match, the admin needs to logout and follow the same procedure and scan a new QR code again.
      Admin Permissions

      WAF Security IP and Country Ban

      Nowadays it is quite easy for hackers to attack online data through SQL injections, DDoS, spam, etc. Therefore, when any suspicious activity is encountered, the store owner may ban one or more IP(s) and Country(s) to avoid any malicious activity.

      • From the list of IP’s or Countries, the admin can enable or disable any IP or Country at any point in time.
      • The admin may choose the disabled IP(s) or Country(s) to enable and allow data access.
      • Likewise, the admin can disable the enabled IP(s) or Country(s) to restrict the data access.
      • If any user, bearing the disabled IP/ Country tries to log in, it restricts the data access for the same.
      • If any user, bearing the enabled IP/ Country tries to log in, it allows the data access for the same.
      • This safeguards the data and protects it from data theft.
      WAF Security IP and Country Ban

      2-Factor Authentication for Customers

      It is the prime responsibility of the store owner to ensure the safety of the customer's data, which may be extremely crucial at times such as card details.

      This module assures to retain the integrity of the customer's data as well by providing the 2-Factor Authentication, Email Verification and Recaptcha at various levels for additional security.

      • This module offers security at various levels for both the registered and new customers.
      • The registered customers will find the 2factor authentication before logging in to their accounts.
      • To login, the registered customers need to scan the QR code and add the code and authenticate.
      • The new customers will find the verify email button for email verification while filling in the personal details for registration purposes.
      • In the contact us form, the customers will find the Recaptcha option.
      2-Factor Authentication for Customers


      • The store owner can enable 2-factor authentication for the admin, customer, and affiliate user login.
      • Thus, for 2-factor authentication, the login users must scan the QR code using Google authenticator.
      • The Recaptcha feature is allowed for the admin's login purpose.
      • This module allows pre-sign up email validation.
      • This module also integrates the AbuseIPDB to block and report IP.
      • The admin may choose to allow or disallow specific file types that can be uploaded.
      • Notifications for resetting passwords are sent to the admin users and customers if need be.
      • The admin can create custom email templates.
      • For additional security, the admin may choose to restrict an IP or given a set of IPs to access the website's data.
      • Also, the admin may restrict a country or set of countries to access the website's data.
      • A Brute Force log consists of a list of users who tend to have made login attempts.
      • It also displays a list of secure/ insecure directory content of the website.
      • The overall security of the website's data is taken care of by WAF and it protects data from malicious attacks.


      For any query or issue, please create a support ticket here

      Write a review

      Frequently Asked Questions

      Which module offers the best security for OpenCart’s Website?
      Opencart Web Application Firewall (WAF) Security module offers secure login and prevention from data theft.
      Does the Opencart Web Application Firewall (WAF) Security module require any authentication while login process?
      Opencart Web Application Firewall (WAF) Security module offers 2factor authentication for admin, customers and affiliate users to log in to the website.
      What is the feature of the 2factor authentication?
      To login, the admin needs to scan the QR code using the Google Authenticator, installed on the cellphone. The code received is to be added on the Webkul WAF Security 2factor Authentication pop-up, if matched, it authenticates the admin and redirects to the admin’s website.
      What is the major add-on of the Opencart Web Application Firewall (WAF) Security module?
      As this module offers IP and Country ban features, any user who tries to access data bearing the disabled IP or Country, will not be able to login or access the data.
      Is there any log maintained for users who login to the website?
      The Brute Force Log helps in maintaining a log for the users who make login attempts on the website.

      Move to Cloud Today

      AWS Free tier hosting for one year by amazon web services, for more details please visit AWS Free Tier.

      GCP Free tier hosting for one year with 300 credit points by google cloud platform, for more details please visit GCP Free Tier.

      In our default configuration we will provide tremendous configuration for your eCommerce Website which is fast to load and response.

      Default Configuration Details of Server

      • 1 GB RAM
      • 1 Core Processor
      • 30 GB Hard Disk
      • DB with 1 GB RAM and 1 Core Processor

      * Server Configuration may vary as per application requirements.

      Want to know more how exactly we are going to power up your eCommerce Website with Cloud to fasten up your store. Please visit the Cloudkul Services.

      Get Started with Cloud

      Module code is completely open that means anyone can customize the code as per his / her need , as the developer of the module we also provide customisation and development of the module please contact us for module customisation Paid Service

      Request Customization

      • + Features
      • - Bugs
      • * Update library file in both the Version.
      • * add important links, installation guide etc
      • * fixed all issues
      • * add module in version 2.3.x.x with journal theme patch
      • * fixed error index issue and zero value issue
      • * add and change language text
      • * change less than sign issue
      • * extend mail description limit and variable conflict issue
      • * implement suggestion
      • * fixed PHPCS issues
      • * fixed the grammer errros in other language files
      • * fixed the grammer erros
      • * fixed all the git issues and implement suggestion
      • * fixed all the git issues and implement suggestion
      • + Add journal theme patch for Version 3.x.x.x and resolved GIT issues
      • * fixed wrong string issue in Version 3.x.x.x
      • + add module for Version 3.x.x.x