tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

Added mention of Session.timeout to secure_coding docs

Browse Source
This commit is contained in:
Jackson Darlow 2020-06-12 14:42:14 +12:00
parent ea7e0e8e3b
commit ae1a883b32
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/en/02_Developer_Guides/09_Security/04_Secure_Coding.md
View File

@ -617,6 +617,7 @@ In addition, you can tighten password security with the following configuration
the user is blocked from further attempts for the timespan defined in `$lock_out_delay_mins`
* `Member.lock_out_delay_mins`: Minutes of enforced lockout after incorrect password attempts. Only applies if `lock_out_after_incorrect_logins` is greater than 0.
* `Security.remember_username`: Set to false to disable autocomplete on login form
* `Session.timeout`: Set timeout to attenuate the risk of active sessions being exploited
## Clickjacking: Prevent iframe Inclusion