Latest version
Our site Forum Blog

Security

Check our option to handle several security regarding the user subscription, file download on your site and database maintenance.

Captcha

On all our paid versions, you have the possibility to turn on a captcha verification on your AcyMailing subscription forms in order to only allow human subscriptions.

  • Captcha: Choose the captcha solution you want to use on the subscription forms

  • Security key: if you use the subscription via URL and you want to enable the captcha, you will have to add this security key on your subscription via URL (by adding the argument seckey=YOUR_KEY) otherwise the subscription via URL won't work. This key is randomly generated during the install process but you can change it if you want.

  • Google site key: site key given by Google after registering your website

  • Google secret key: secret key given by Google after registering your website

  • Score to reach: Only shown when using the reCaptcha v3. Google gives a score to people visiting your site based on their previous actions (pages visited, links clicked, etc...). The users with a lower score than what you enter will have to validate a captcha.

You can use these keys provided by Google to test the reCaptcha: Site key: 6LeIxAcTAAAAAJcZVRqyHh71UMIEGNQ_MXjiZKhI Secret key: 6LeIxAcTAAAAAGG-vFI1TnRWxMZNFuojJ4WifJWe

Generate reCaptcha keys

To generate real keys for your website, go to https://www.google.com/recaptcha/admin/create then follow these steps for the invisible reCaptcha:

If you want to use the reCaptcha v3, select "reCaptcha v3" as the generated keys can't work with any reCaptcha version!

Advanced email verification

  • Check if the domain exists: If you enable this option, AcyMailing will perform a test on the domain name to make sure the domain exists before allowing the user to subscribe. For example, if a user submits the e-mail address user@example.com then AcyMailing will check if the domain example.com exists and if not, it will not allow the user to subscribe and will ask for a valid e-mail address. This option is turned OFF by default as some hosting companies won't enable you to do this verification but we recommend you to turn it ON and then check again the subscription form to make sure everything is still working fine.

  • Show spellcheck suggestions: try to detect typos in domain names when new users enter their email address. Active on the subscription form and the profile form for example.

  • Add a validation field for the email field: an email confirmation field will be displayed on the subscription forms.

Permissions

This first option takes you to the Joomla permissions page that lets you manage the AcyMailing access per user group.

Advanced permissions

This option allows to handle which user group have access to which feature in AcyMailing. By default every user group which have access to the back-end and AcyMailing have access to every feature:

But you can customise it. For example if you don't want the user management to be accessible to other groups you can make this configuration:

Front-end edition

This option allows you to modify the behaviour when a user is deleted from a front-end menu on Joomla:

  • Delete the user: This will simply delete the user in the database

  • Remove the user's subscription: The behaviour will remove the user subscription attach to the manager in front-end but the user still exists in the database.

Files

  • Allowed Files : List of allowed file extensions for the attachments. We won't let you compromise your website! Some files will still be blocked even if you allow the extension on your configuration.

  • Upload Folder : Folder in which the attachments will be uploaded to. Please make sure this folder is writable otherwise AcyMailing won't be able to upload your files in it. You can customize the folder path per user, here are the available variables:

    • {groupname} => the name of the first user group of the current user (on Joomla users can have multiple groups)

    • {userid} => the identifier of the AcyMailing user, visible on the users listing

Redirections

This option will allow you to make safe redirection on your subscription form. If you are using the redirection option on your subscription form and you are redirecting subscribers to another website than yours you must set this option with the other website domain.

For example, here we will allow redirection on https://www.acymailing.com:

Database maintenance

  • Check database integrity: If you click on this button, AcyMailing will perform a few tests to make sure your database structure is up to date. We may add additional tests in the future. You can safely click on it at any time to check your database structure.

  • V5 data migration: If AcyMailing version 5 was installed on your website when you first installed the version 6, a migration procedure was displayed for your to migrate your data. The bouton is displayed only if tables from the version 5 are still in your database. You can trigger again the migration from here, but it will first delete your version 6 data.

Launching again the migration procedure will first delete data from the version 6. Be sure you don't want to keep them before launching this as there is no rollback.

PreviousData collectionNextLanguages

Last updated