From the
Admin page, configure Shares security by clicking
User Security under the Security header.
| Option |
Description |
Options |
| Session timeout |
Log out users after this many minutes of inactivity. |
1-480 |
| Require strong passwords |
Require passwords to be at least 8 characters and contain at least one uppercase
letter, lowercase letter, number, and symbol. |
|
| Password expiration interval |
Number of days before a user must change the password. Leave the field blank to
disable password expirations.. |
1-720 |
| Failed login count |
Number of failed logins within the Failed login interval
before Shares locks the account . |
1-20 |
| Failed login interval |
The interval in minutes within which hitting the Failed login
count locks the account. |
1-60 |
| Self registration |
Determines whether non-users can create or request user accounts. For more
information on self-registered accounts, see Moderate Self Registered Accounts. |
- None: Not allowed.
- Moderated: An admin must approve the account before it is created. If you
allow self-registration, the moderated setting is recommended for security.
- Unmoderated: After a user registers, the user’s account is automatically
created.
|
Removing Support for TLS 1.0 and 1.1
The default configuration of Shares
has TLS 1.0, 1.1 and 1.2 enabled. Older browsers require the older and less secure version,
TLS 1.0. You may disable support for these older browsers by removing TLS 1.0 from the
configuration.
To remove TLS 1.0 from the configuration, edit the nginx.conf file located
at
/opt/aspera/shares/etc/nginx/nginx.conf. Delete TLSv1 and TLSv1.1 from
the following
line:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;