Difference between revisions of "Security/Ban Control"
m |
|||
| Line 4: | Line 4: | ||
===Managing Banned IPs=== | ===Managing Banned IPs=== | ||
| − | To view all the banned IPs in your system, go to | + | To view all the banned IPs in your system, go to '''Setup > Manage Banned IPs'''. You will then see the IP numbers that are banned, the reason for that ban, and the date/time the ban expires. You can delete IPs from the ban list that have been banned in error using the red delete icon to the right of the line. |
===Adding a New Banned IP=== | ===Adding a New Banned IP=== | ||
| Line 18: | Line 18: | ||
With WHMCS it is possible to ban email domains from signing up. This is useful if you want to block customers signing up using free email accounts. | With WHMCS it is possible to ban email domains from signing up. This is useful if you want to block customers signing up using free email accounts. | ||
| − | To enable this feature, simply go to | + | To enable this feature, simply go to '''Setup > Manage Banned Emails'''. You will then see a list of all the currently banned email domains and the number of times a customer has attempted to signup using them. |
To add a new banned email domain, click the Add tab at the top of the page and then enter the email domain you wish to ban, for example "hotmail.com". | To add a new banned email domain, click the Add tab at the top of the page and then enter the email domain you wish to ban, for example "hotmail.com". | ||
| Line 24: | Line 24: | ||
==Auto Ban Control== | ==Auto Ban Control== | ||
| − | WHMCS by default blocks any users IP who attempts to login to the admin area with a valid username and incorrect password three times or more. The length of this ban by default is 15 minutes and is designed to prevent hackers being able to endlessly try different password combinations in order to gain access to your admin area. You can however alter the length of this ban to increase or decrease it by going to | + | WHMCS by default blocks any users IP who attempts to login to the admin area with a valid username and incorrect password three times or more. The length of this ban by default is 15 minutes and is designed to prevent hackers being able to endlessly try different password combinations in order to gain access to your admin area. You can however alter the length of this ban to increase or decrease it by going to '''Setup > General Settings > Other tab''' > Exceeding Invalid Login Attempts Ban Time |
Revision as of 12:14, 10 September 2010
Contents
Banning IP Addresses
With WHMCS, it is possible to ban an IP address from accessing your entire WHMCS system.
Managing Banned IPs
To view all the banned IPs in your system, go to Setup > Manage Banned IPs. You will then see the IP numbers that are banned, the reason for that ban, and the date/time the ban expires. You can delete IPs from the ban list that have been banned in error using the red delete icon to the right of the line.
Adding a New Banned IP
To add a new banned IP, click the Add tab near the top of the page. The add options will then be displayed where you can enter the IP you want to ban, the reason for banning it and the date/time the ban should expire. Once complete, click the Add Banned IP button to ban the IP. The change will take effect immediately.
Searching Banned IPs
To search for a banner IP, click the Filter tab near the top of the page. You can then filter the list of banned IPs by IP or reason to locate specific IPs you wish to un-ban.
Banning Email Domains
With WHMCS it is possible to ban email domains from signing up. This is useful if you want to block customers signing up using free email accounts.
To enable this feature, simply go to Setup > Manage Banned Emails. You will then see a list of all the currently banned email domains and the number of times a customer has attempted to signup using them.
To add a new banned email domain, click the Add tab at the top of the page and then enter the email domain you wish to ban, for example "hotmail.com".
Auto Ban Control
WHMCS by default blocks any users IP who attempts to login to the admin area with a valid username and incorrect password three times or more. The length of this ban by default is 15 minutes and is designed to prevent hackers being able to endlessly try different password combinations in order to gain access to your admin area. You can however alter the length of this ban to increase or decrease it by going to Setup > General Settings > Other tab > Exceeding Invalid Login Attempts Ban Time