What are the different security levels in Composr's Setup Wizard and what do they affect?

  • By
  • Added
  • 18 views
Question What are the different security levels in Composr's Setup Wizard and what do they affect?
Answer Composr offers five security levels in the Setup Wizard: Minimum, Low, Medium, High, and Ultra High. Each level sets various security configurations that you can later customize under Admin Zone > Setup > Configuration.

The security levels influence settings such as:

  • Content Security Policy
  • Session expiry time
  • Password reset process
  • Password expiry days
  • Minimum password length and strength
  • Login error secrecy
  • IP strictness for sessions
  • Cryptographic ratchet
  • CAPTCHA usage
  • Brute force threshold
  • Audio CAPTCHA
  • URL Monikers
  • .htaccess restrictions on maintenance scripts
  • Enquiry on new IP addresses

The higher the security level, the more stringent the security measures, with Ultra High offering the most robust protection but the most potential inconvenience to users.

Generally, you should use these settings depending on your site:
  • Minimum: Very bare-bones informational-only sites
  • Low: Sites which do not allow public registrations and do not use eCommerce but have content managed by different staff, and are not concerned with privacy or data
  • Medium: Sites with social features / public accounts but do not use eCommerce.
  • High: Sites which use eCommerce.
  • Ultra High: Sites containing very sensitive data, such as but not limited to cybersecurity sites, government departments, banks, healthcare, etc.

Rating

Unrated