ARMember – Security Options

Go to the Security Options Tab at General Settings to add Security options.

Brute Force login protection:

Login pages are highly protected by brute-force prevention mechanism. ARMember is providing a very secure login mechanism.

  • Provides Setting for temporary blocking mechanism.
  • Provides to set the allowed number of login attempts.
  • Manage blocked member blocking time interval.

Enable Login Security For Failed Login Attempts

If you enable this option ARMember will keep record of IP address and timestamp of each failed login attempt. If more than certain number of attempts are detected within a short period of time from the same IP range, then the login function is disabled for all requests from that range of IP Address.

  • Maximum Number of login attempts: Number of allowed login attempts

  • Lock user temporarily for : Temporary lockdown Duration in minutes

  • Permanent lock user after login attempts : Number of allowed login attempts

  • Permanent lockdown Duration : Lockdown Duration in Hours

  • Reset Login Attempts : You can clear all failed login attemts for every users.

  • Display Remained Login Attempts Warning : If this option is enable then it will show front end user, how many login attempts are remained as warning.

When user exceeds the maximum number of login attempts, he/she will be blocked for temporary lock down time duration.


Block Username

You can restrict specific keywords from being used as username in registration form with this option.

When user try to register with blocked username, Error message will be displayed. Also you can display specific error message with Blocked Username Message option.

  • Note: You should place each Username on a new line.

Block Email Addresses

You can restrict specific keywords from being used in email address at time of registration.

When someone try to register with blocked email address, for that you can set custom error message from Blocked Email Addresses Message option.

  • Note: You should place each Email Address on a new line.

Block IP Addresses

You can block site access for specific IP address with this option.

If anyone try to access site with mentioned blocked IP address, Error message will be displayed. Also you can display specific error message with Blocked IP Address Message option.

  • Note: You should place each IP Address on a new line.

Block URLs

You can block site access to specific URL or URL Patterns requested from users.

You can use wildcard(*) for specific pattern.

For Example
http://www.example.com/*some_text*/page

  • Note: You should place each URL or URL Pattern on a new line.

You will be able to block URLs plan wise too. You can add as many conditions as you want.

You will find two Blocked URLs Options whether you want to Display Message or Redirect to page when requested URL is blocked.

  • If you select Display Message, You will have input to add message to be displayed when requested URL or URL pattern is blocked.
  • If you select Redirect to page, You will have input to add specific URL where you want to redirect users when requested URL or URL pattern is blocked.

Display Login History

You can keep track of login history in database for all users, if display login history switch is on.

  • Reset Login History : you can clear login history log from database for all users by one click.