Navigation:  Domain > Domain Settings > General Settings >

Password & Security

Previous pageReturn to chapter overviewNext page





Enable Linux/Unix symbolic links

Allow or disallow file listing for symbolic links under Linux/Unix.


User passwords using SHA256 hash encryption

The user password will be stored with SHA256 hash by default, when this option is disabled, the user password will use MD5 hash.


Enable password salting and specify a salt string

Specifying a SALT string makes it hard to decrypt the user password. You can also use a variable "%Name" as SALT, it will be replaced into the username dynamically.


Need to change the password on the first logon

When enabled, the user needs to change his password on the first login. Only for web clients.


Minimum user password length

It will restrict the user password length when adding a user account or changing the password.


The password must contain characters from the following categories

You can specify the password complexity by choosing a few categories.



Enable Anti-hammer

Activate or deactivate anti-hammering function.


Ban IP xx seconds if xx failed login tries in xx seconds

The counter will monitor the login tries and count them. If the number of failed login tries during the period is exceeded, the user IP will be banned for a period of time as defined.


Redirect HTTP to HTTPS automatically

When enabled, all the HTTP will be redirected to the HTTPS protocol, and you can also specify the HTTPS listener port.


Additional HTTP headers

You can define additional HTTP headers by yourself.