docs: add missing configuration pages and remove redundant H1 headers
This commit is contained in:
Dwindi Ramadhana
33
contents/docs/configuration/security/index.mdx
Normal file
33
contents/docs/configuration/security/index.mdx
Normal file
@@ -0,0 +1,33 @@
|
||||
---
|
||||
title: Security Settings
|
||||
description: Protect your store with WooNooW security features.
|
||||
---
|
||||
|
||||
|
||||
|
||||
Navigate to **Settings > Security** to configure access controls and protection features for your store.
|
||||
|
||||
## Access Control
|
||||
|
||||
### Limit Login Attempts
|
||||
Protect your admin area and customer accounts from brute-force attacks.
|
||||
- **Max Retries**: Set the maximum number of failed login attempts allowed.
|
||||
- **Lockout Time**: Duration to lock out an IP address after exceeding retries.
|
||||
|
||||
### Password Strength
|
||||
Enforce strong passwords for new customer accounts.
|
||||
- **Minimum Strength**: Choose between Weak, Medium, or Strong requirements (based on zxcvbn strength estimation).
|
||||
|
||||
## Checkout Security
|
||||
|
||||
### Captcha Protection
|
||||
Enable ReCaptcha or Cloudflare Turnstile on checkout and registration forms to prevent bot spam.
|
||||
- **Provider**: Select your captcha provider using the dropdown.
|
||||
- **Site Key & Secret Key**: Enter your API credentials.
|
||||
|
||||
## API Security
|
||||
|
||||
### REST API
|
||||
WooNooW relies on the WordPress REST API.
|
||||
- **Require SSL**: Force HTTPS for all API requests (Recommended).
|
||||
- **CORS Settings**: Configure Cross-Origin Resource Sharing if you are hosting the frontend on a different domain.
|
||||
Reference in New Issue
Block a user