Contents

Popular
Contents

Site Admin Login

  1. Click the Login button on the upper-right corner or click the Already have an account button.



  2. Click the Login as Admin link in the Login page.

Recovering Admin Password

If a user or site admin wants to reset his/her password, perform the following actions:

  1. Click the Forgot your Password link as shown below.



  2. Provide the admin email ID and click the Reset button. One time login link will be sent to the registered mail id through which the user can change his/her password.

Recovering Developer Password

  1. Step1 from above.
  2. Select the environment in which the developer account exists and provide user mail ID and click the Reset button.
    One time login link will be sent to the registered mail id through which the user can change his/her password.

Changing Password

To change the password,

  1. Log into the account
  2. Navigate to the Edit account page using the Account dropdown in the header



  3. Provide the current password and new password, confirm password and click Save.



  4. Logout and login to the account with the new password.

Setting up Login Security

Login Security module enables the site administrator to configure security of the login like configuring number of login attempts, detecting ongoing attacks on logging into site, blocking the ip address of the attacker e.t.c

Enabling Login Security

To start using Login Security module, it has to be enabled in the configuration page. 

  1. Login into the Developer Portal as admin and click Extend present in the menu bar.



  2. Select the Login Security option and click the Install button. 



  3. A confirmation regarding installing BanModule will be shown. Select 'Continue



  4. Module successfully enabled message is seen.

Configuring Login Security

Now Login Security can be used by performing the following actions:

  1. Go to Configuration > People > Login Security .



  2. Specify a number in the failed attempts textbox to set the failed login attempts. 

    General Settings:

    Icon

    Track Time –It tracks the security violations in the given time usually in hours.
    Soft Host - The host cannot login to Developer Portal, but can access Developer Portal as anonymous user after reaching the no. of failed attempts provided here.
    Host – The host will be blocked and cannot access Developer Portal after reaching the no. of failed attempts provided here.
    Attack detection – A warning will be sent after reaching the no. of failed attempts provided here. A mail to be sent can be configured in Notifications section as below.

  3. Select the Notify the user about the remaining login attempts option to configure notification.



  4. Save the configuration 



  5. Configuration saved message will be shown.


Now users will get to know about the failed login attempts and also the user is bocked if the number of attempts exceeds the set limit.

Blocking IP addresses

A site administrator can also block IP Addresses from accessing Developer Portal after enabling Login Security Module.

IP addresses added here are banned from the site. Banned addresses are completely forbidden from accessing the site. Perform the following actions to enable the same:

  1. Go to Configuration > People > IP address bans.



  2. Enter a valid IP address and click Add



  3. A success message will be shown and the added IP address will be shown in the list.



  4. Added IP address can be removed from the list of banned IPs by clicking the Delete button.
Account Blocked Email

Provide a comma-separated list of emails for who should receive an email message when a user is blocked.

If it is empty, no notification will be sent.


When an account is blocked due to multiple failed login attempts or IP ban, then the email needs to be sent for the blocked account can be configured using the tokens as shown below

Adaptavist ThemeBuilder EngineAtlassian Confluence