SuiteCRM – Admin Guide

2.1 Access Monitor

After having installed CRM Defender, you get an Access Monitor link on the Lion Solution CRM Defender panel:
Access Monitor link
At the very first time you look there, you won’t find anything:
Empty Access Monitor
But i.e. right after one logout and a successful login with the admin user from a client with IP:, this is what you will see:
AccessMonitor 1row
Access Monitor List View is provided with 6 columns, most of them are self-explaining:
• IP Addresses
• Typed Name
• Registered Time
• Recognized User – this field is filled just in case of Success
• Admin User?
• Result – Could be: Login Success, Login Failed, Banned

2.1.1    Search

You can do a search or an advanced one, if you want to check your user’s accesses, the failed ones, or the banned IPs.

2.1.2    Delete failed attempts

Basically you can delete every row in the List View just selecting them and hitting “Delete”.
In the following example you are going to delete all failed attempts coming from 2 different IP addresses:
Failed Attempts
In first cases there were a typed name: admin, in the others not even that.
No Users have been recognized as the Login results were:” Failed”.

2.2 Ban IP Addresses

Let suppose you entered 3 as the maximum number of failed attempts before lockout as in section 1.2.3, then after 3 failed login attempts from the same IP address on the same day, on a 4th failed attempt that IP address will be banned by CRM Defender.
At the 4th failed attempt the request from this IP will be rejected by the .htaccess file so the client will receive a 403 error

2.2.1    Slow Attacks

The “Slow Attacks” consists in trying a login only a few times every hour.
If an attacker tries wrong combinations of username and passwords with the slow attacks technique, CRM Defender is still effective, because it checks failed attempts in a range of one day.

2.2.2    How to remove an IP from the banned list

CRM Defender is very safe and easy to manage. If you want to free a previsiosly banned IP, you just have
1. to access to your CRM istance from a different IP: you can use a mobile connection or a proxy server; there are many of them available on the internet; you can use for example,
2. add the IP to the whitelist CRM Defender Settings
3. and that’s all. You can login again from the banned IP after refreshing the page.

2.2.3    The Email Notification System

Enable the Email Notification System and select a recipient email address. If you leave it empty, the primary email address of the CRM admin will be used:

In case of IP Locking out you will receive a notification email:


Contact us

Feel free to contact us for commercial or technical questions

    Copyright All Rights Reserved 2021 CRM Defender - Lion Solution Srls