Total Verteidiger
Total Verteidiger images
30 Tage Rückgaberecht
Einfache Rückgabe – keine Fragen
Plug & Play Module
Installieren, einrichten und profitieren
Support an erster Stelle
Priorität für Hilfe & Zufriedenheit
Total Verteidiger
Komplette Sicherheits-Suite - WAF-Firewall + Malware-Scanner + 2FA + Backups + Datei-Monitor
Price:
199,00 €
Umfassender Sicherheits- & Anti-Spam-Schutz für PrestaShop
Total Defender ist eine Rundum-Sicherheitslösung, die Ihren PrestaShop-Shop vor Spam, Bots, Brute-Force-Angriffen, Malware und Sicherheitslücken schützt. Es kombiniert Rate Limiting, IP-Verwaltung, Dateiintegritätsüberwachung, eine Web Application Firewall, E-Mail-Sicherheit, Backup-Management und Admin-2FA in einem einzigen Modul — keine externen Dienste erforderlich.
- Anti-Spam-Schutz — Honeypot-Felder, CAPTCHA-Integration, Nachrichtenfilterung und Link-Validierung zum Blockieren von Spam
- Rate Limiting — aktionsbezogene Drosselung für Warenkorb, Registrierung, Kontaktformulare und Kommentare mit automatischer IP-Sperrung
- Bot- & Crawler-Management — Verhaltenserkennung, JS-Challenges und Crawler-Whitelisting zur Unterscheidung guter von schlechten Bots
- IP-Verwaltung — Whitelist, Blacklist, Strafpunktesystem, TOR-Exit-Node-Erkennung und GeoIP-basierte Regeln
- Dateiintegritätsüberwachung — Basis-Snapshots mit Warnungen, wenn Core- oder Modul-Dateien unerwartet geändert werden
- Web Application Firewall — benutzerdefinierte Regeln zum Blockieren von XSS, SQL Injection und anderen eingabebasierten Angriffen
- Schwachstellen-Scanner — prüft PrestaShop-Core, Module und PHP-Version gegen bekannte CVEs
- Security Headers — CSP-Generierung und Verletzungsprotokollierung zur browserseitigen Absicherung
- E-Mail-Sicherheit — Rate Limiting für ausgehende E-Mails, Blockierung von Wegwerf-Domains und Erkennung von Missbrauchsmustern
- Backup-System — vollständige und inkrementelle Backups mit Zeitplanung, mehreren Speicheradaptern und Wiederherstellungspunkten
- Admin-2FA — TOTP-basierte Zwei-Faktor-Authentifizierung für Back-Office-Mitarbeiterkonten
- Session-Tracking — überwachen Sie Besuchersitzungen mit Attribution, Seitenaufrufen, UTM-Parametern und Geräteerkennung
- Audit-Protokollierung — vollständige Admin-Aktionshistorie mit IP-Adressen, User Agents und Zeitstempeln
Kompatibel mit PrestaShop 1.7 bis 9.x. Eine Lizenz, lebenslange Updates, 90 Tage dedizierter Support.
Complete Security — From Spam to Sophisticated Attacks
E-commerce stores face a constant barrage of threats. Automated bots submit hundreds of spam registrations per day. Credential-stuffing attacks target admin and customer logins around the clock. Malicious scripts probe for known vulnerabilities in PrestaShop core and modules. A single breach can expose customer payment data, destroy trust, and trigger regulatory penalties under GDPR.
Total Defender is a full-spectrum security suite that protects your store at every layer. Anti-spam stops form abuse. Rate limiting prevents brute-force attacks. A web application firewall blocks injection attacks. File integrity monitoring catches unauthorized code changes. Vulnerability scanning alerts you to known CVEs. Admin two-factor authentication ensures that stolen passwords alone cannot compromise your back office. And a comprehensive audit log gives you forensic visibility into every action.
Anti-Spam Protection
Spam is the most common and most visible attack vector. Fake registrations pollute your customer database, spam contact form messages waste support time, and fake reviews damage your store's credibility. Total Defender blocks spam at the source.
- Honeypot fields — invisible form fields that catch automated bots without affecting real customers
- CAPTCHA integration — support for reCAPTCHA v2, v3, and hCaptcha on registration, contact, and comment forms
- Message filtering — keyword-based filtering to block messages containing spam patterns, excessive links, or prohibited terms
- Link validation — detect and block form submissions containing suspicious URLs or redirect chains
- Disposable email blocking — reject registrations from known disposable email providers
Rate Limiting & Brute-Force Protection
- Per-action throttling — separate rate limits for cart additions, registration, contact form submissions, login attempts, and comments
- Automatic IP blocking — IPs that exceed rate limits are automatically blocked for a configurable duration
- Progressive lockout — repeat offenders face escalating block durations (1 hour → 24 hours → permanent)
- Admin login protection — separate, stricter rate limits for back-office login attempts
- API rate limiting — throttle webservice API reqüsts to prevent abuse and resource exhaustion
Bot & Crawler Management
- Behavioral detection — identify bots by browsing patterns (speed, mouse movement, JavaScript execution) rather than just user-agent strings
- JavaScript challenges — serve lightweight JS challenges to suspicious visitors that real browsers pass instantly but headless bots fail
- Crawler whitelisting — ensure Google, Bing, and other legitimate crawlers are never accidentally blocked
- TOR exit node detection — identify and optionally block connections from TOR exit nodes
- User-agent filtering — block known malicious bot user-agents and tools
IP Management & GeoIP
- IP whitelist — ensure your own IPs and trusted partners are never blocked
- IP blacklist — permanently block specific IPs or CIDR ranges
- Penalty scoring — accumulate risk scores based on suspicious behavior before triggering a block
- GeoIP-based rules — allow or block access from specific countries or regions
- Admin panel restriction — limit back-office access to specific IP addresses or ranges
File Integrity Monitoring
- Baseline snapshots — SHA-256 hash of every monitored file stored as a reference point
- Change detection — identify files that have been added, modified, or removed since the last baseline
- Scheduled scans — automatic integrity checks via cron (hourly, daily, or weekly)
- Exclusion rules — exclude cache, log, and other expected-change directories
- Email alerts — immediate notification when unauthorized modifications are detected
- Diff viewer — side-by-side comparison showing exactly what changed in modified files
Web Application Firewall & Security Headers
- XSS protection — detect and block cross-site scripting attempts in form inputs and URL parameters
- SQL injection blocking — pattern-based detection of SQL injection payloads in reqüsts
- Custom firewall rules — define your own rules to block specific reqüst patterns
- Content Security Policy (CSP) — visual builder for CSP headers with violation logging
- HSTS, X-Frame-Options, Referrer-Policy — configure all security headers from the admin panel
- Permissions-Policy — restrict browser API access (camera, microphone, geolocation) on your pages
Vulnerability Scanner
- PrestaShop core CVE check — compare your installed version against known vulnerabilities
- Module vulnerability scanning — check installed modules against known CVE databases
- PHP version check — verify your PHP version is not end-of-life or known-vulnerable
- Severity ratings — each finding includes a severity level (critical, high, medium, low) and remediation advice
- Scheduled scanning — run vulnerability checks on a regular schedule with email alerts for new findings
Admin 2FA, Backup & Audit
- TOTP two-factor authentication — compatible with Google Authenticator, Authy, and any TOTP app
- Per-employee enforcement — require 2FA for all employees or specific profiles
- Recovery codes — single-use backup codes for employees who lose their 2FA device
- Backup system — full and incremental backups with scheduling and multiple storage adapters
- Session tracking — monitor active visitor sessions with device, IP, and UTM attribution
- Complete audit log — every admin action recorded with IP, user agent, and timestamp
- Email rate limiting — prevent outbound email abuse from compromised forms
Why is this module unique?
- The most comprehensive PrestaShop security module available — combines anti-spam, rate limiting, WAF, file integrity, vulnerability scanning, 2FA, backups, and audit logging in a single package
- No external services required — everything runs on your own server with no monthly fees, API dependencies, or data leaving your infrastructure
- Behavioral bot detection with JavaScript challenges catches sophisticated bots that user-agent filtering misses
- Penalty scoring system reduces false positives by accumulating risk before blocking, rather than blocking on a single suspicious action
- CSP header visual builder eliminates the notoriously difficult process of writing Content Security Policy rules by hand
Use Cases
- Stores processing payments — PCI DSS compliance requires file integrity monitoring, access controls, and strong authentication
- Stores handling personal data — GDPR requires audit trails of data access and modification
- Stores targeted by spam — anti-spam and rate limiting eliminate automated form abuse
- Stores with multiple admin users — 2FA and audit logging ensure accountability across the team
- Stores previously compromised — file integrity monitoring and vulnerability scanning provide ongoing assurance after a breach cleanup
- High-traffic stores — rate limiting and bot management prevent resource exhaustion from automated traffic
Related Resources
-
Referencemprtotaldefender
-
PrestaShop-KompatibilitätPS 1.7 – 9.x
-
PreismodellEinmalkauf
-
ModultypFront & Back-office
-
DSGVO-relevantJa
-
GeschäftszielAbläufe optimieren
-
Externes Konto erforderlichNein
-
Modul-KomplexitätKomplettlösung
-
Phase der Customer JourneyShop verwalten
-
Funktioniert mit PlattformKeine externe Plattform
What customers say about us
5.0
★
★
★
★
★
(1 Bewertung)
Great work and support
Great work and support
5.0
★
★
★
★
★
(3 Bewertungen)
Niesamowite doświadczenie i znajomość Prestashop. Każdy minimalny błąd analizowany i poprawiany. Bardzo dobry kontakt podczas realizacji zlecenia
Jest to najlepszy informatyk / programista jakiego znam. Gość jest geniuszem do wszystkich spraw związanych z prowadzeniem strony internetowej oraz sklepu internetowego. Usługi warte każdych pieniędzy, polecam!
Very professional service. The store staff has a customer-focused approach. They effectively helped us select the most optimal solution for our store, then efficiently guided us through the technical aspects of the implementation process. They also provide ongoing support in managing and promoting our website. We highly recommend them!
1
In Bearbeitung
2
Umgesetzt
3
Anfragen
Real-time file integrity monitoring
Umgesetzt
Alert when core or module files are modified unexpectedly. Detect compromised files within minutes, not days.
Antwort:
Core feature since v1.0.0! File hash monitoring with configurable scan intervals. Instant email/Slack alerts on unauthorized changes.
Two-factor authentication for admin
Umgesetzt
Add TOTP-based 2FA for back office login. With the rise of credential stuffing attacks, passwords alone are not enough.
Antwort:
Shipped in v1.1.0! TOTP 2FA with QR code setup, backup codes, and optional enforcement per employee profile.
Web Application Firewall (WAF) rules
In Bearbeitung
Built-in WAF rules to block SQL injection, XSS, path traversal, and other OWASP Top 10 attacks before they reach PrestaShop.
Antwort:
In active development! ModSecurity-compatible rule engine with PrestaShop-specific ruleset. Beta testing with selected stores.
Keine bekannten Probleme
Für dieses Modul sind derzeit keine offenen oder gelösten Probleme registriert.
30 Tage Rückgaberecht
Einfache Rückgabe – keine Fragen
Plug & Play Module
Installieren, einrichten und profitieren
Support an erster Stelle
Priorität für Hilfe & Zufriedenheit
Mehr aus dieser Kategorie
Noch keine Bewertungen. Seien Sie der Erste, der eine Bewertung hinterlässt!
Bewertung schreiben