HostBill provides a wide range of security settings. In order to establish your own security configuration you need to go under Settings -> Security Settings. Here, you can operate within 5 areas which deal with security in your application. They are:
Adminarea allowed IPs
HostBill has an admin access restriction feature that controls what IPs may access the administrative interface. To utilize this feature, do the following.
- 1. Navigate to Security Settings > Administrative Allowed IPs.
- 2. Allow your IP first.
- 3. Deny all IPs next.
HostBill will always check the deny IPs first, and allow IPs next.
Here, you can ban abusive IP addresses. The ban can be sat permanently and temprorary (by setting a precise date when the ban expires). Note: Every IP you enter in IP Ban form has to match exactly the user IP you want to ban, those bans apply both for HostBill adminarea and clientarea restriting login or registration.
If you are sick and tired of spammers that overload your support dashboard you can use Ban Email option which allows to ban traffic from certain domains/email addresses.
Admin login notification
Here, you can enable / disable notifications for certain staff / administrators, which will send a notification to both you, and the staff member when someone has logged into the account with the feature enabled. Also, you can take an advantage of Admin activity log option, where you can find information about admins' activities such as: login and logout time, last access and IP address.
Remote API Access
Password Strength settings
Here, you can configure your passwords. You can set up to how many characters the password will be created. Also, you have opportunity to choose which characters will be allowed.
If you want to know how strong your password is you may like Passtrenght Plugin. It can be activated under Extras -> Plugins. This plugin will display password strength meter next to password fields across HostBill.
More info about HostBill security you may find here