Categories

Core Templates
2
Elevated X CMS
277
ELXComplete
9
Legal and Compliance
4

  Categories

  Tag Cloud

Age Verification System AVS

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Open Ticket

VOD User and IP lockout settings Print

  • 0

VOD User and IP lockout settings

By default, the VOD (which includes ELX Complete style setups) places limits on users who are logged into the system.

These settings can be changed by adding / altering values that are within cmsinclude.ini.php. If there is not a value present within cmsinclude.ini.php, the system will use the default value that is there.

[temporary_ban_user] settings

These are settings that control how aggressively a user is banned or locked out of the system.

These settings can be listed underneath the [temporary_ban_user] header. If this header does not exist within cmsinclude.ini.php, this header can be added

daily_cap: This is the number of bytes that are allowed per day for a user to download. By default, this value is 150gb. If a user downloads more than this amount of data in a day, they won't be allowed to browse the site until the next day.
Default value: 150000000000

hourly_cap: This is the number of bytes that are allowed per hour for a user to download. By default, this value is 40gb. If a user downloads more than this amount of data in an hour, they won't be allowed to browse the site until the hour is up.
Default value: 40000000000

number_ips_soft: This is the simultaneous number of IPs that are allowed to be signed in at once. This setting is used with the number_minutes_soft setting. For instance, if number_ips_soft=2 and number_minutes_soft=10, the system will log out any existing users if there are more than 2 IPs in the past 10 minutes for this user.
Default value: 2

number_minutes_soft: See entry for number_ips_soft for more information on how this setting works.
Default value: 5

number_ips_hard: This is the simultaneous number of IPs that are allowed to be signed in at once before this user is temporarily banned. This setting is used with the number_minutes_hard and ban_length setting. For instance, if number_ips_hard=5 and number_minutes_hard=30 and ban_length=180, the system will temporarily ban this account if there are more than 5 IPs in the past 30 minutes for this user. The ban will last for 180 minutes, or whatever value is set for ban_length.
Default value: 5

number_minutes_hard: See entry for number_ips_hard for more information on how this setting works.
Default value: 30

ban_length: See entry for number_ips_hard for more information on how this setting works.
Default value: 180

[main] settings

What is present here is related to anti-slurp behavior.

Slurping is when a script attempts to download an entire site using a bot script.

Our system works by embedding an mp4 link within our templates:

<a href="antslrp.mp4"></a>

A bot script attempts to download this movie file automatically. As as result, when this download is attempted, the user is temporarily banned for ban_length number of minutes.

slurptext: This determines the string path that will cause a ban. If this value is changed from "antslrp" to something like "askjfASDFj22oiaw2jk", it will effectively turn off slurp protection for people who try it.
Default value: antslrp

[temporary_ban_ip] settings

What is present here is related to IP addresses that are attempting bad behavior.

There is protection from having a bot script try too many logins and passwords at once. There is also protection that prevents a user or bot script from creating too many free accounts at one time.

number_attempts: This is the number of login attempts that are tried before an IP is temporarily banned. For instance, if number_attempts=25 and number_minutes=5, the system will temporarily ban any IP that tries to sign into the site 25 times within 5 minutes. The temporary ban will last ban_length minutes, which is 180 minutes by default.
Default value: 25

number_minutes: See entry for number_attempts for more information on how this setting works.
Default value: 5

ban_length: See entry for number_ips_hard for more information on how this setting works.
Default value: 180

create_attempts: This is the number of account creations that are tried before an IP is temporarily banned. For instance, if create_attempts=3 and create_minutes=360, the system will temporarily ban any more account creations from that IP. The temporary ban will last ban_length minutes, which is 180 minutes by default.
Default value: 3

create_minutes: Please see the entry for create_attempts on how this setting works.
Default value: 360

Was this answer helpful?

Related Articles

Setup Setup A description of each function and option can be seen by mousing over the (?) icon to the... CMS Administrator Access CMS Administrator AccessLocation - Gear icon menu at top right of screen. Manage users who have... Restore Database Restore DatabaseLocation - Utilities Here you can browse your hard drive and locate the desired... Media Types Media Types   Media Types list all the file formats and extensions the CMS will use to... Sets Sets Switch to gallery viewClicking this link will change the page display to show you a...
« Back

  Tag Cloud

Age Verification System AVS

  Support

My Support Tickets
Announcements
Knowledgebase
Downloads
Open Ticket

This site uses cookies to personalize content and to analyze traffic. You consent to our cookies if you continue to use our website. Read our Privacy Policy to learn more. Please Agree or Exit