From the Admin
page, configure Shares security by clicking
under the Security header.
||Log out users after this many minutes of inactivity.
|Require strong passwords
||Require passwords to be at least 8 characters and contain at least one uppercase
letter, lowercase letter, number, and symbol.
|Password expiration interval
||Number of days before a user must change the password. Leave the field blank to
disable password expirations..
|Failed login count
||Number of failed logins within the Failed login interval
before Shares locks the account .
|Failed login interval
||The interval in minutes within which hitting the Failed login
count locks the account.
||Determines whether non-users can create or request user accounts. For more
information on self-registered accounts, see Moderate Self Registered Accounts.
- None: Not allowed.
- Moderated: An admin must approve the account before it is created. If you
allow self-registration, the moderated setting is recommended for security.
- Unmoderated: After a user registers, the user’s account is automatically
Removing Support for TLS 1.0 and 1.1
The default configuration of Shares
has TLS 1.0, 1.1 and 1.2 enabled. Older browsers require the older and less secure version,
TLS 1.0. You may disable support for these older browsers by removing TLS 1.0 from the
To remove TLS 1.0 from the configuration, edit the nginx.conf file located
. Delete TLSv1 and TLSv1.1 from
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;