| Line 1: | Line 1: | ||
| − | <ul> | + | <div class="docslinkbox"> | 
| − | + |    <div class="docstitle">Contents</div> | |
| − | + |    <div class="docslink"> | |
| − | + |    <ul> | |
| − | + | 	   <li>[[Security Settings#Common_Settings|Common Settings]]</li> | |
| − | + | 	   <li>[[Security Settings#Two_Step_Authentication_Settings|Two Step Authentication Settings]]</li> | |
| − | </ul> | + | 	   <li>[[Security Settings#Password_Settings|Password Settings]]</li> | 
| − | <div id="Common_Settings ">Common Settings  | + | 	   <li>[[Security Settings#Website_Security|Website Security]]</li> | 
| − | <div id=" | + | 	   <li>[[Security Settings#Captcha_Settings|Captcha Settings]]</li> | 
| − | <div id="Password_Settings">Password Settings  | + |    </ul> | 
| − | <div  | + |    </div> | 
| − | <div id="Email | + | </div> | 
| − | < | + | <div class="subtitle">Security Settings - Settings / Security</div> | 
| − | <div id=" | + | <p>Security Settings can be set from here.</p> | 
| − | <div  | + | <div class="subtitle" id="Common_Settings">Common Settings</div> | 
| + | <div class="docs"> | ||
| + |   <ul> | ||
| + |     <li style="list-style: none;"> | ||
| + |       <ul> | ||
| + | 	<li><b>Use Static IP : </b>Static IP protects Adminpanel logins from other IP Addresses. When enabled, Admin <b>Has to Verify</b> every new IP Address he tries to log in with to the Adminpanel. So, Admin will receive a <b>Verification Mail</b> every time there is a login attempt from an Unverified IP Address.</li> | ||
| + | 	<li><b>Verification Mail Expiration Time (Hours) :* </b>Specify <b>Number of Hours</b> the verification mail will be valid.</li> | ||
| + | 	<li><b>Anti Brute Force :* </b>This option saves you from the hackers trying to get into the Adminpanel using <b>different possible passwords</b>. Here, you can specify the number of <b>consecutive failed login attempts </b>after which user's IP Address will be blocked for the number of hours specified here.</li> | ||
| + | 	<li><b>Anti Brute Force :* </b>This option is little different from the one above. You can permanently lock the Adminpanel for everyone if someone tries to login here with incorrect details for a specified number of consecutive attempts <b>within a specified number of minutes</b>. This can be useful especially when someone tries a heavy brute force attack on the Adminpanel where <b>different combinations</b> of passwords are used to login. After the permanent lock, a mail containing the verification link will be sent to the admin email address. Lock will be removed <b>only when admin unlocks</b> the Adminpanel using the link.</li> | ||
| + |       </ul> | ||
| + |     </li> | ||
| + |   </ul> | ||
| + | </div> | ||
| + | <p>Click on <b>Update</b> to apply the Common Settings.</p> | ||
| + | <div class="subtitle" id="2-Step_Verification_Settings">2-Step Verification Settings</div> | ||
| + | <p>You can set Google's 2-Step Verification settings here, which will provide enhanced security.</p> | ||
| + | <div class="docs"> | ||
| + |   <ul> | ||
| + |     <li>Admin Area | ||
| + |       <ul> | ||
| + | 	<li><b>Enable Google 2-Step Verification : </b>Choose Yes if you want to enable Google's 2-Step Verification feature for Admin area. This feature is the latest and safest security measure.</li> | ||
| + | 	<li><b>Select A Means To Set up Google 2-Step Verification : </b>Select how you want to setup Google's 2-Step Verification security measure. There are 2 options available: via <b>QR Code</b> or <b>Security Key</b>.</li> | ||
| + | 	<li><b>Admin Password :* </b>Please enter current <b>Main Admin's Password</b>. Sub Admin password will not work here.</li> | ||
| + |       </ul> | ||
| + |     </li> | ||
| + |   </ul> | ||
| + | </div> | ||
| + | <p>Click on <b>Update</b> to Enable Google 2-Step Verification for Admin Area.</p> | ||
| + | <div class="docs"> | ||
| + |   <ul> | ||
| + |     <li>Member Area | ||
| + |       <ul> | ||
| + | 	<li><b>Enable Google 2-Step Verification : </b>Choose Yes if you want to enable Google's 2-Step Verification feature for Member's area.</li> | ||
| + | 	<li><b>Enable Secondary Password : </b>For Enhanced Security, enable secondary password from here. When enabled, members can set their secondary password which will be asked <b>every time they log in </b>to their account.</li> | ||
| + |       </ul> | ||
| + |     </li> | ||
| + |   </ul> | ||
| + | </div> | ||
| + | <p>Click on <b>Update</b> to Enable Google 2-Step Verification for Member Area.</p> | ||
| + | <div class="subtitle" id="Password_Settings">Password Settings</div> | ||
| + | <p>You can specify password policy settings here. Member's passwords must meet below criteria when they <b>Set/Update</b> their passwords.</p> | ||
| + | <div class="docs"> | ||
| + |   <ul> | ||
| + |     <li style="list-style: none;"> | ||
| + |       <ul> | ||
| + | 	<li><b>Minimum Password Length :* </b>Set the minimum password length here.</li> | ||
| + | 	<li><b>Maximum Password Length :* </b>Set the maximum password length here.</li> | ||
| + | 	<li><b>Minimum Numeric Characters in Passwords :* </b>Specify the minimum number of numeric characters should be there in the passwords.</li> | ||
| + | 	<li><b>Maximum Numeric Characters in Passwords :* </b>Specify the minimum number of numeric characters allowed in the passwords.</li> | ||
| + | 	<li><b>Allow Non-Alphanumeric Characters in Passwords : </b>If set to Yes, then passwords with Non-Alphanumeric characters will be allowed. That is, passwords that include non-alphanumeric characters like $,#,& etc. will be allowed.</li> | ||
| + | 	<li><b>Minimum Number of Non-Alphanumeric Characters in Passwords :* </b>This setting doesn't matter if you have selected 'No' above. Mismatches may happen otherwise. If you select Yes above, then you need to specify the minimum number of Non-Alphanumeric characters that have to be there in the passwords.</li> | ||
| + |       </ul> | ||
| + |     </li> | ||
| + |   </ul> | ||
| + | </div> | ||
| + | <p>Click on <b>Update</b> to apply the Password Settings.</p> | ||
| + | <div class="subtitle" id="Website_Security">Website Security</div> | ||
| + | <p>Admin can add a record to <b>Block New Registrations</b> from any particular Email, Domain, IP Address or Country. Specific Username can also be banned. Delete a record any time to again allow new sign ups from those particular Emails, IP Addresses, Domains or Countries.</p> | ||
| + | <p>Click on <b>Add New</b> to create a new record for blocking a particular Email, Domain, IP Address or Country.</p> | ||
| + | <div class="docs"> | ||
| + |   <ul> | ||
| + |     <li style="list-style: none;"> | ||
| + |       <ul> | ||
| + | 	<li><b>Block Signups By : </b>Choose whether you want to block signup by Domain Name, IP Address, Email, Username or Country.</li> | ||
| + | 	<li><b>Enter Value :* </b>Specify the value depending on what you have chosen in the Block Signups By field.</li> | ||
| + |       </ul> | ||
| + |     </li> | ||
| + |   </ul> | ||
| + | </div> | ||
| + | <p>Click on <b>Submit</b> to apply the Website Security changes.</p> | ||
| + | <div class="subtitle" id="Captcha_Settings">Captcha Settings</div> | ||
| + | <p>You can Set settings for Captcha here.</p> | ||
| + | <div class="docs"> | ||
| + |   <ul> | ||
| + |     <li style="list-style: none;"> | ||
| + |       <ul> | ||
| + | 	<li><b>Captcha Characters :* </b>Specify list of characters you wish to show in Captcha.</li> | ||
| + | 	<li><b>Captcha Character Length :* </b>Specify the Captcha length. Minimum 5 characters are recommended.</li> | ||
| + | 	<li><b>Captcha Text Color :* </b>Specify the Captcha Text Color in R, G, B format.</li> | ||
| + | 	<li><b>Captcha Background Image :* </b>Enter the captcha background image name. It should be uploaded to <b>'vendors/captcha/images/'</b> directory.</li> | ||
| + | 	<li><b>Captcha Font File :* </b>Specify the captcha font file name and upload the file to <b>'vendors/captcha/fonts/' </b>directory if you want to show captcha in different fonts.</li> | ||
| + | 	<li><b>Enable Captcha For : </b>Select the pages where you want to enable captcha. Pages for which you can enable the captcha are: Admin Login, Member Login, Member Signup, Member Profile, Public Support, Member Support, Public Support Search, Add Member Testimonial, Advertisement Banner Ad, Advertisement Text Ad, Advertisement Solo Ad, Advertisement Solo Saved Ad, Member Add Fund and Member Purchase Position.</li> | ||
| + |       </ul> | ||
| + |     </li> | ||
| + |   </ul> | ||
| </div> | </div> | ||
| − | |||
| [[Category:Settings]] | [[Category:Settings]] | ||
Revision as of 13:33, 8 May 2015
Security Settings can be set from here.
- 
      - Use Static IP : Static IP protects Adminpanel logins from other IP Addresses. When enabled, Admin Has to Verify every new IP Address he tries to log in with to the Adminpanel. So, Admin will receive a Verification Mail every time there is a login attempt from an Unverified IP Address.
- Verification Mail Expiration Time (Hours) :* Specify Number of Hours the verification mail will be valid.
- Anti Brute Force :* This option saves you from the hackers trying to get into the Adminpanel using different possible passwords. Here, you can specify the number of consecutive failed login attempts after which user's IP Address will be blocked for the number of hours specified here.
- Anti Brute Force :* This option is little different from the one above. You can permanently lock the Adminpanel for everyone if someone tries to login here with incorrect details for a specified number of consecutive attempts within a specified number of minutes. This can be useful especially when someone tries a heavy brute force attack on the Adminpanel where different combinations of passwords are used to login. After the permanent lock, a mail containing the verification link will be sent to the admin email address. Lock will be removed only when admin unlocks the Adminpanel using the link.
 
Click on Update to apply the Common Settings.
You can set Google's 2-Step Verification settings here, which will provide enhanced security.
- Admin Area
      - Enable Google 2-Step Verification : Choose Yes if you want to enable Google's 2-Step Verification feature for Admin area. This feature is the latest and safest security measure.
- Select A Means To Set up Google 2-Step Verification : Select how you want to setup Google's 2-Step Verification security measure. There are 2 options available: via QR Code or Security Key.
- Admin Password :* Please enter current Main Admin's Password. Sub Admin password will not work here.
 
Click on Update to Enable Google 2-Step Verification for Admin Area.
- Member Area
      - Enable Google 2-Step Verification : Choose Yes if you want to enable Google's 2-Step Verification feature for Member's area.
- Enable Secondary Password : For Enhanced Security, enable secondary password from here. When enabled, members can set their secondary password which will be asked every time they log in to their account.
 
Click on Update to Enable Google 2-Step Verification for Member Area.
You can specify password policy settings here. Member's passwords must meet below criteria when they Set/Update their passwords.
- 
      - Minimum Password Length :* Set the minimum password length here.
- Maximum Password Length :* Set the maximum password length here.
- Minimum Numeric Characters in Passwords :* Specify the minimum number of numeric characters should be there in the passwords.
- Maximum Numeric Characters in Passwords :* Specify the minimum number of numeric characters allowed in the passwords.
- Allow Non-Alphanumeric Characters in Passwords : If set to Yes, then passwords with Non-Alphanumeric characters will be allowed. That is, passwords that include non-alphanumeric characters like $,#,& etc. will be allowed.
- Minimum Number of Non-Alphanumeric Characters in Passwords :* This setting doesn't matter if you have selected 'No' above. Mismatches may happen otherwise. If you select Yes above, then you need to specify the minimum number of Non-Alphanumeric characters that have to be there in the passwords.
 
Click on Update to apply the Password Settings.
Admin can add a record to Block New Registrations from any particular Email, Domain, IP Address or Country. Specific Username can also be banned. Delete a record any time to again allow new sign ups from those particular Emails, IP Addresses, Domains or Countries.
Click on Add New to create a new record for blocking a particular Email, Domain, IP Address or Country.
- 
      - Block Signups By : Choose whether you want to block signup by Domain Name, IP Address, Email, Username or Country.
- Enter Value :* Specify the value depending on what you have chosen in the Block Signups By field.
 
Click on Submit to apply the Website Security changes.
You can Set settings for Captcha here.
- 
      - Captcha Characters :* Specify list of characters you wish to show in Captcha.
- Captcha Character Length :* Specify the Captcha length. Minimum 5 characters are recommended.
- Captcha Text Color :* Specify the Captcha Text Color in R, G, B format.
- Captcha Background Image :* Enter the captcha background image name. It should be uploaded to 'vendors/captcha/images/' directory.
- Captcha Font File :* Specify the captcha font file name and upload the file to 'vendors/captcha/fonts/' directory if you want to show captcha in different fonts.
- Enable Captcha For : Select the pages where you want to enable captcha. Pages for which you can enable the captcha are: Admin Login, Member Login, Member Signup, Member Profile, Public Support, Member Support, Public Support Search, Add Member Testimonial, Advertisement Banner Ad, Advertisement Text Ad, Advertisement Solo Ad, Advertisement Solo Saved Ad, Member Add Fund and Member Purchase Position.
 



![[Main Page]](/docs/skins/Proxcripts/resources/images/logo.jpg)

 Contents
 Contents


