Controlling access to your site will help you protect user sessions and minimize exposure to unwanted data breach or unauthorized access.
Official Documentation Link: https://awwo.link/QbuSM
These features will not work, unless you activate the section. Use the 'checkbox' next to the section title, and then hit the 'Save Changes' button at the bottom to activate. 'These functions are currently resting in peace. Please use the checkbox for activation.' message confirms that no actual code is running in the background. Enhance website security by allowing admins to customize error pages for missing content, restrict account access to a single session, and implement brute force lockout by limiting failed login attempts. It also includes options to set lockout durations, configure lockout messages for both IP addresses and accounts, and enable a show/hide password feature for better user convenience.
- 404 Error Page: This error appears when you access a website link with no content available at that address. You have the option to switch between the default theme error page or create a personalized error page.
- One Session Per User: Tick this checkbox if you want to restrict access to your account from being accessed simultaneously on multiple browsers or terminals.
- Brute Force Lockout: This security measure is implemented to protect accounts from brute force attacks. Brute force attacks involve an attacker attempting to gain access by systematically trying all possible passwords or passphrases until the correct one is found.
- Login Attempts: Set the maximum number of failed login attempts.
- Lockout Time (minutes): Set how long an account is under lockout because brute force attack was detected.
- IP Lockout Message: After multiple failed attempts the system will block the attacker IP address for a predefined period of time and send a message to the account owner.
- Account Lockout Message: After multiple failed attempts, the system will completely suspend account access to prevent further issues from occurring.
- Enable Show/Hide Password Switch: Tick this checkbox if your theme’s password input field does not have the feature to toggle password visibility.
Reset Section Settings using the checkbox and Save Changes button in order to remove database entries.