Configuring Shares Security

From the Admin page, configure Shares security by clicking User Security under the Security header.
Option Description Options
Session timeout Log out users after this many minutes of inactivity. 1-480
Require strong passwords Require passwords to be at least 8 characters and contain at least one uppercase letter, lowercase letter, number, and symbol.  
Password expiration interval Number of days before a user must change the password. Leave the field blank to disable password expirations.. 1-720
Failed login count Number of failed logins within the Failed login interval before Shares locks the account . 1-20
Failed login interval The interval in minutes within which hitting the Failed login count locks the account. 1-60
Self registration Determines whether non-users can create or request user accounts. For more information on self-registered accounts, see Moderate Self Registered Accounts.
  • None: Not allowed.
  • Moderated: An admin must approve the account before it is created. If you allow self-registration, the moderated setting is recommended for security.
  • Unmoderated: After a user registers, the user’s account is automatically created.

Removing Support for TLS 1.0 and 1.1

The default configuration of Shares has TLS 1.0, 1.1 and 1.2 enabled. Older browsers require the older and less secure version, TLS 1.0. You may disable support for these older browsers by removing TLS 1.0 from the configuration.
To remove TLS 1.0 from the configuration, edit the nginx.conf file located at /opt/aspera/shares/etc/nginx/nginx.conf. Delete TLSv1 and TLSv1.1 from the following line:
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;