ESZAntiBrute is a powerful OpenCart security extension that defends your store against brute force login and password reset attacks. Unlike OpenCart's default behavior, which only limits login attempts based on email addresses, ESZAntiBrute tracks failed attempts by IP and blocks access once configurable thresholds are exceeded.

With version 1.1, ESZAntiBrute now extends its protection to the "Forgot Password" flows on both customer and admin login pages. This helps prevent abuse of password recovery features by limiting the number of requests from a single IP.

Key Features:

IP-based monitoring of login attempts (customer & admin)
IP-based limitation of "Forgot Password" requests
Separate configurations for login and password reset limits
Adjustable time windows and attempt limits per section
Real-time blocking of offending IPs
Optional logging and listing of blocked attempts
Lightweight and highly efficient security solution

Take full control over who can access your login and recovery endpoints — prevent unauthorized access attempts before they become a problem.

Visit product page