Magento releases a hotfix to remove failed login attempts from the database patch for Magento 2.3.0 – 2.3.2p1.
For the earlier versions of Magento 2, i.e., 2.2.10+ and 2.3.3+, it was only required to run a script to remove pre-existing failed login credentials from the Magento Commerce and Magento Commerce Cloud database.
However, for Magento 2.3.0-2.3.2-p2, this hotfix released does the task.
The issue was reported to Magento that allowed failed login attempts to be logged in a database in Magento 2.3.x and 2.2.x. To resolve it, Magento released a fixed in October 2019. However, a new issue arose that information collected prior to updating to these current versions may still exist.
We know that any Magento 1 versions are not affected by this issue but only Magento 2.x Open Source and Magento Community versions.
To resolve this new issue, you can download the database patch for Magento 2.3.0 – 2.3.2p1.
Firstly, determine your Magento version, and decide if you need to install the patch or run the script.
For previous Magento 2 versions such as 2.3.3 and above, you simply need to run the below scripts in order to clean the old logs:
Now run the script to clean the database of the pre-existing failed login attempts. The script is attached to the article:
Method to install “Remove Failed Login Attempts From the Database Patch for Magento 2.3.0 – 2.3.2p1:
Only run the below script to clear old logs. This script is attached to the article. To download it, click the following link:
How to run the script
Follow the below instructions to run the script:
- Place the DB_CLEANUP_SCRIPT.php in the root directory of the Magento installation (in the same directory as app which contains app/bootstrap.php).
- Run the below command in the terminal to begin the database clean up process:
That’s it. You can read more here.
Any doubts in the process? Please feel free to mention them in the Comments section below. I’d be happy to help.
Do share the post with the Magento community via social media.