# Security

*Article Topics:* [*Customization*](/getting-started/common-topics/customization.md)*,* [*One Click Systems*](/getting-started/common-topics/one-click-systems.md)

The Configuration Admin's "Security" section contains options to configure who can access secure areas of your NATS program.

{% hint style="warning" %}
**Important:** Be careful editing these settings, as you can easily lock yourself out.
{% endhint %}

## Admin IPs

* **Admin IPs** - A comma-delimited list of IPs allowed for admin access. Leave empty to disable.
* **Tmm Admin IPs** - IP addresses for Too Much Media's admin access. Used by TMM Admins.
* **Remote Auth IPs** - Set secure IP addresses permitted for remote authentication of reseller accounts.
* **Secure IPs** - Secure IP addresses permitted to post login log entries.
* **Shop Allowed IPs** - Secure IP addresses allowed to post shop transactions.
* **Extended Track Allowed IPs** - Comma-delimited list of IPs authorized to post extended sales. Leave empty if not set.
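
Because a wrong value in one of these lists can lock you out, it helps to check the string before saving it. The following is an added example, not part of NATS or TMM's own tooling: the function name is hypothetical, the sample addresses are constructed from documentation ranges, and it assumes each entry must be a single IPv4 or IPv6 address (so CIDR ranges and hostnames are reported as entries to fix).

```python
import ipaddress


def check_ip_allowlist(value, current_ip):
    """Pre-flight check for a comma-delimited IP list (hypothetical helper).

    Reports which entries parse as single addresses, which do not, and
    whether `current_ip` would still be on the list after saving.
    """
    me = ipaddress.ip_address(current_ip)
    valid, invalid = [], []
    for raw in value.split(","):
        entry = raw.strip()
        if not entry:
            continue  # ignore blank items such as a trailing comma
        try:
            addr = ipaddress.ip_address(entry)
        except ValueError:
            invalid.append(entry)  # CIDR range, hostname, or typo
            continue
        if addr not in valid:  # drop duplicates, compared in normalized form
            valid.append(addr)

    if not valid and not invalid:
        status = "disabled"      # empty value: the setting is left disabled
    elif invalid:
        status = "fix-entries"   # do not save until every entry parses
    elif me in valid:
        status = "ok"
    else:
        status = "lockout-risk"  # your own address is missing from the list
    return {"status": status,
            "valid": [str(a) for a in valid],
            "invalid": invalid}


if __name__ == "__main__":
    # Constructed sample values (RFC 5737 / RFC 3849 documentation ranges).
    my_ip = "203.0.113.10"
    for candidate in ("",
                      "203.0.113.10, 198.51.100.7",
                      "198.51.100.7",
                      "203.0.113.10,203.0.113.0/24,198.51.100.300"):
        print(repr(candidate), "->", check_ip_allowlist(candidate, my_ip))
```

Run it with the address your admin session actually arrives from, which may be a proxy or VPN egress address rather than your workstation's.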

## APIs

* **Admin API Allowed IPs** - Set the IP addresses allowed to access the Admin API.
* **Enable SOAP API** - Set whether to enable the SOAP API.
* **Enable REST API** - Set whether to enable the REST API.

## Data Encryption

{% hint style="warning" %}
**Important:** CHANGES TO THIS WILL NOT AFFECT ALREADY ENCODED DATA. [Please put in a ticket with TMM](https://clients.toomuchmedia.com/index.php?tmmatt=1) if you want to make any changes to encryption.
{% endhint %}

* **Encrypt Member Username** - Encrypt member usernames. Encrypted member usernames will be in lowercase.

{% hint style="info" %}
**Please Note:** Username encryption may impact member authentication processes. [Reach out to TMM](https://clients.toomuchmedia.com/index.php?tmmatt=1) before making changes.
{% endhint %}

* **Encrypt Member Password** - Encrypt member passwords.
* **Encrypt Member Email** - Encrypt member email addresses.
* **Encrypt Member First Name** - Encrypt member first names.
* **Encrypt Member Lastname** - Encrypt member last names.
* **Encrypt Member Address** - Encrypt member addresses.
* **Encrypt Member Temp** - Encrypt member temp table.
* **Encrypt Member Note** - Encrypt member notes.
* **Encrypt Memberip** - Encrypt members' IP addresses.
* **Encrypt Surferip** - Encrypt surfers' IP addresses.
* **Encrypt ATVOD Verification** - Encrypt sensitive ATVOD verification information.
* **Encrypt Affiliate Email** - Encrypt affiliate email addresses.
* **Encrypt Affiliate Info** - Encrypt affiliate private information.
* **Encrypt Payvia** - Encrypt affiliate payment information.
* **Encrypt Mail Queue** - Encrypt send-to addresses and variables in the mail queue.
* **Encrypt Config** - Encrypt configuration information.
* **Encrypt Postbacks** - Encrypt data stored in NATS for delayed (and retried) postbacks.
* **Decrypt Option Biller** - Keep option biller details decrypted.
* **Decrypt Site Biller** - Keep site biller details decrypted.

## Document Upload

* **Documents Secure Ext** - Comma-delimited list of extensions allowed for document upload.
* **Documents Secure Ips** - Comma-delimited list of IPs allowed for document upload.

## Throttling

* **Throttle White List IPs** - Comma-delimited list of IPs to allow skipping of throttling checks.
* **Throttle Black List IPs** - Comma-delimited list of IPs to automatically fail throttling checks.
* **Throttle Approved** - Turn on throttle checking for the approved.php page (initial member approval template).
* **Throttle Approved Max Count** - Maximum number of attempts to approved.php page from a single IP address (initial member approval template).
* **Throttle Approved Time Limit** - Number of seconds to wait to clear past hit attempts to approved.php page (initial member approval template).
* **Throttle Upgradeplus** - Turn on throttle checking for the upgradeplus.php page (instant upgrades).
* **Throttle Upgradeplus Max Count** - Maximum number of attempts to upgradeplus.php page from a single IP address (instant upgrades).
* **Throttle Upgradeplus Time Limit** - Number of seconds to wait to clear past hit attempts to upgradeplus.php page (instant upgrades).
* **Throttle Upgraded** - Turn on throttle checking for the upgraded.php page (member upgraded templates).
* **Throttle Upgraded Max Count** - Maximum number of attempts to upgraded.php page from a single IP address (member upgraded templates).
* **Throttle Upgraded Time Limit** - Number of seconds to wait to clear past hit attempts to upgraded.php page (member upgraded templates).
* **Throttle Upsellplus** - Turn on throttle checking for the upsellplus.php page (upsells).
* **Throttle Upsellplus Max Count** - Maximum number of attempts to upsellplus.php page from a single IP address (upsells).
* **Throttle Upsellplus Time Limit** - Number of seconds to wait to clear past hit attempts to upsellplus.php page (upsells).
* **Throttle Packageplus** - Turn on throttle checking for the packageplus.php page (package upgrades).
* **Throttle Packageplus Max Count** - Maximum number of attempts to packageplus.php page from a single IP address (package upgrades).
* **Throttle Packageplus Time Limit** - Number of seconds to wait to clear past hit attempts to packageplus.php page (package upgrades).
* **Throttle Tokenplus** - Turn on throttle checking for the tokenplus.php page (token rebuys).
* **Throttle Tokenplus Max Count** - Maximum number of attempts to tokenplus.php page from a single IP address (token rebuys).
* **Throttle Tokenplus Time Limit** - Number of seconds to wait to clear past hit attempts to tokenplus.php page (token rebuys).
* **Throttle Cancelplus** - Turn on throttle checking for the cancelplus.php page (member subscription cancel requests).
* **Throttle Cancelplus Max Count** - Maximum number of attempts to cancelplus.php page from a single IP address (member subscription cancel requests).
* **Throttle Cancelplus Time Limit** - Number of seconds to wait to clear past hit attempts to cancelplus.php page (member subscription cancel requests).
* **Throttle Duplicate** - Turn on throttle checking for the duplicate.php page (duplicate membership on signup).
* **Throttle Duplicate Max Count** - Maximum number of attempts to duplicate.php page from a single IP address (duplicate membership on signup).
* **Throttle Duplicate Time Limit** - Number of seconds to wait to clear past hit attempts to duplicate.php page (duplicate membership on signup).
* **Throttle Verifyplus** - Turn on throttle checking for the verifyplus.php page (member address verification for ATVOD).
* **Throttle Verifyplus Max Count** - Maximum number of attempts to verifyplus.php page from a single IP address (member address verification for ATVOD).
* **Throttle Verifyplus Time Limit** - Number of seconds to wait to clear past hit attempts to verifyplus.php page (member address verification for ATVOD).
* **Throttle Signupplus** - Turn on throttle checking for the signupplus.php page (expired member one-click signup).
* **Throttle Signupplus Max Count** - Maximum number of attempts to signupplus.php page from a single IP address (expired member one-click signup).
* **Throttle Signupplus Time Limit** - Number of seconds to wait to clear past hit attempts to signupplus.php page (expired member one-click signup).
* **Throttle Signup Validation** - Turn on throttle checking for the signup\_validation.php page (perform validation on passed-in data).
* **Throttle Signup Validation Max Count** - Maximum number of attempts to signup\_validation.php page from a single IP address (perform validation on passed-in data).
* **Throttle Signup Validation Time Limit** - Number of seconds to wait to clear past hit attempts to signup\_validation.php page (perform validation on passed-in data).
* **Throttle Password** - Turn on throttle checking for the password.php page (member forgot password page).
* **Throttle Password Max Count** - Maximum number of attempts to password.php page from a single IP address (member forgot password page).
* **Throttle Password Time Limit** - Number of seconds to wait to clear past hit attempts to password.php page (member forgot password page).
* **Throttle Forget Member** - Turn on throttle checking for the PATCH /member/forget API function.
* **Throttle Forget Member Max Count** - Maximum number of attempts to the PATCH /member/forget API function from a single IP address.
* **Throttle Forget Member Time Limit** - Number of seconds to wait to clear past hit attempts to the PATCH /member/forget API function.
* **Throttle Login** - Turn on throttle checking for the login.php page (member login page) for the OpenID server.
* **Throttle Login Max Count** - Maximum number of attempts to login.php page from a single IP address (member login page) for the OpenID server.
* **Throttle Login Time Limit** - Number of seconds to wait to clear past hit attempts to login.php page (member login page) for the OpenID server.

## Auth Strings

* **Member String Auth Cancelplus** - Set whether to require authstring to process hits on cancelplus.php.
* **Member String Auth Packageplus** - Set whether to require authstring to process hits on packageplus.php.
* **Member String Auth Tokenplus** - Set whether to require authstring to process hits on tokenplus.php.
* **Member String Auth Upgradeplus** - Set whether to require authstring to process hits on upgradeplus.php.
* **Member String Auth Upsellplus** - Set whether to require authstring to process hits on upsellplus.php.
* **Member String Auth Signupplus** - Set whether to require authstring to process hits on signupplus.php.

## Input Source

* **Packageplus Post Only** - Set whether to require input for packageplus.php to be $\_POST only (otherwise, it will be $\_REQUEST).
* **Tokenplus Post Only** - Set whether to require input for tokenplus.php to be $\_POST only (otherwise, it will be $\_REQUEST).
* **Cancelplus Post Only** - Set whether to require input for cancelplus.php to be $\_POST only (otherwise, it will be $\_REQUEST).
* **Signupplus Post Only** - Set whether to require input for signupplus.php to be $\_POST only (otherwise, it will be $\_REQUEST).

## Two Factor Authentication

* **G2FA Window** - Set the allowed difference in time between the time on the user's device and the time on the server.

