34 lines
1.2 KiB
Plaintext
34 lines
1.2 KiB
Plaintext
---
|
|
title: Security Settings
|
|
description: Protect your store with WooNooW security features.
|
|
---
|
|
|
|
|
|
|
|
Navigate to **Settings > Security** to configure access controls and protection features for your store.
|
|
|
|
## Access Control
|
|
|
|
### Limit Login Attempts
|
|
Protect your admin area and customer accounts from brute-force attacks.
|
|
- **Max Retries**: Set the maximum number of failed login attempts allowed.
|
|
- **Lockout Time**: Duration to lock out an IP address after exceeding retries.
|
|
|
|
### Password Strength
|
|
Enforce strong passwords for new customer accounts.
|
|
- **Minimum Strength**: Choose between Weak, Medium, or Strong requirements (based on zxcvbn strength estimation).
|
|
|
|
## Checkout Security
|
|
|
|
### Captcha Protection
|
|
Enable ReCaptcha or Cloudflare Turnstile on checkout and registration forms to prevent bot spam.
|
|
- **Provider**: Select your captcha provider using the dropdown.
|
|
- **Site Key & Secret Key**: Enter your API credentials.
|
|
|
|
## API Security
|
|
|
|
### REST API
|
|
WooNooW relies on the WordPress REST API.
|
|
- **Require SSL**: Force HTTPS for all API requests (Recommended).
|
|
- **CORS Settings**: Configure Cross-Origin Resource Sharing if you are hosting the frontend on a different domain.
|