Settings - Security & Membership
General |
|
Administrator’s email |
Specifies the administrator’s e-mail address. It is used in places where the administrator’s e-mail address cannot be specified in the administration interface or in web part properties (e.g., user account confirmation page). |
Send membership reminder (days) |
Determines when the system should send e‑mail notifications about Memberships that will soon expire. The value sets how many days before the expiration date reminders should be mailed out. These e-mails are only sent for memberships that were assigned with the Send notification flag enabled and for those that were purchased as a product with a limited duration. Memberships are checked periodically using the Membership reminder scheduled task. The content of the notifications is based on the Membership - Expiration notification e‑mail template. |
Deny login interval |
Interval in minutes during which kicked users cannot log back in to the site. |
Share user accounts on all sites |
If enabled, user accounts created on one site will be shared among all the sites running on the installation. If disabled, new accounts will be assigned only to the current site and not the others. |
Use site prefix for user names |
If enabled, user names only need to be unique for each site, not globally. It is possible to create users with names that are already taken on another site in the system. When a user registers on the live site or is edited/created on a specific site (i.e. in the Users application), the system internally adds the unique identifier (GUID) of the given site as a prefix to that user’s name. Do not enable this setting if you wish to have accounts shared across multiple sites. Warning: Use this setting only if you have your system’s user/site organization planned according to the functionality described above. Reverting back to the default state where user names are globally unique would require a significant amount of effort and direct editing of your user database. |
Registrations |
|
Reserved user names |
Sets a list of users names that cannot be selected during registration. Entered user names must be divided by semicolons. |
Registration requires e-mail confirmation |
Indicates if user registration should require confirmation via email (double opt-in). |
Registration confirmation page path |
Path to the page that contains the Registration e-mail confirmation web part. The registration confirmation link that will be sent to users will point to this page. |
Registration requires administrator’s approval |
Indicates if an administrator’s approval is needed for a user to get registered. |
Delete non-activated user after (days) |
When users register but do not activate their account, their account will be deleted after the entered number of days. |
Require unique user e-mails |
If checked, users cannot enter an e-mail address during registration if the address is already used by another user’s account. |
On-line users |
|
Monitor on-line users |
Enables monitoring of on-line users who are currently browsing the website. |
Store on-line users in database |
If checked, records about on-line users will be stored in the database. This is necessary when running the system on a web farm. Storing the data in the database also allows the system to provide more detailed information about anonymous users (guests) when using Contact management. |
Update on-line users (minutes) |
Interval in minutes after which information about on-line users will be updated. When running the system on a web farm, you need to enter the same value which is set for the Sessions remove expired sessions scheduled task (you can read the value in the Scheduled tasks application -> edit Sessions remove expired sessions -> Task interval -> Every: X minutes). |
Content |
|
Check page permissions |
Indicates if the website should check the user permission settings of pages and apply them. You can configure the permissions of pages in the Pages application on the Properties -> Security tab. The following values are possible:
|
Website logon page URL |
Specifies the URL of the page where users can sign in on the website in order to access its secured areas. Note: This page is different from the one used to log into the administration interface. |
Access denied page URL |
URL of the page that should be displayed when a user is not allowed to read a page. |
Administration |
|
Use SSL for administration interface |
Indicates if the pages of the administration interface should automatically use URLs that are secured by the SSL protocol (i.e. with the https URL scheme). |
Automatically sign-in user when site changes |
If enabled, users will not need to enter their username and password when they switch between edited sites in the administration interface (using the Site drop-down list). |
Enable code editing for site administrators |
Indicates whether users with the Administrator privilege level are automatically allowed to edit code on the website. If disabled, administrators can still edit code if they have the appropriate permissions assigned: Edit Code for the Design module or Edit SQL Queries for the Reporting module. The restriction applies to ASCX code of page layouts and transformations (modifying the HTML version of the code is allowed regardless of the setting), and SQL queries, e.g. for objects in the Reporting module. |
UI personalization |
|
Enable UI personalization |
Indicates if UI personalization should be enabled. If this is the case, users only see those parts of the UI that are allowed for the UI profile assigned to their roles. If disabled, the entire UI is visible for all users. |
Reporting |
|
Default report connection string |
Sets the database connection string that the system assigns to newly created reports. Existing reports also inherit the connection string value from this setting by default. Only users who have the Set connection string permission for the Reporting module can change the connection strings of individual reports. The system loads the list of connection strings from the <connectionStrings> section of the application’s web.config file. The (default) option represents the CMSConnectionString added by the application’s initial database installer. You can use reporting connection strings for the following scenarios:
|
Related pages