AccessGuardian protects
directories and their contents on any server or hosting account against
unauthorized usage and also manages accesses coming from registered users
(members).
The software is able to handle
multiple subscriptions, which may be either free of charge or fee based
(refer to the following parts of this chapter for more information).
You can protect confidential
business data, provide private areas to your employees (e.g. sales staff),
sell paid memberships of your website or (web-)services, distribute all
kinds of downloadable goods like software, e-books and much more.
Seen on the technical
side, two security methods are provided:
Proxy script (normal security,
Unix and other OS):
All data stored in the protected
directory(ies) is delivered through AccessGuardian after the user has provided
its authentication. This method works well with most websites and is recommended,
if .htaccess/.htpasswd is not supported by your server.
Technical
notes: Server-side scripting, server-generated directory listings
and SSI is not supported; embedded multimedia objects (e.g. Flash animations,
Quicktime movies or PDF) should work. CGI software must be called by using
full URLs.
.htaccess and .htpasswd
files (strong security, Unix only):
AccessGuardian uses the server's
.htaccess and .htpasswd files to protect content with the highest level
of security.
It's the recommended method
suited for all kinds of deliverable data, e.g. binary content, multimedia
files, embedded objects and executable software like CGI scripts as well
as other server-based applications - fully compatible to your existing
website.
Technical
note: This method may not work on most Windows systems; please
use "proxy script" instead of.
Subscriptions - the way
AccessGuardian works:
If users are interested to
access protected content, they must become a member first. By doing so,
they have normally not access to any provided subscriptions (at least unless
you specify a particular subscription to be available for new members).
As soon as the users are
registered (now called "members"), they can proceed to order the desired
subscriptions (which can be free or fee based depending upon your settings
and desired application).
After approvement (either
automatically or by the admin), members are able to access the subscriptions
they have registered for. In this way, it is possible to host multiple
subscriptions only accessible by certain users.
|
First of all you must configure
basic system settings which take effect to the behavior of the software.
Click on the button "Edit AccessGuardian parameters" when you're in the
admin menu.
General settings:
|
AccessGuardian asks...
|
Description...
|
| Name of site |
Name of your website (e.g.
"My sample company"). |
| URL of site |
URL of your website (e.g.
"http://www.sunnyscript.com"), as it will be displayed at the member lounge
and within mailings. |
| Footer to be added to each
e-mail |
Default footer being added
to all outgoing e-mails; suited especially for showing your business card
or advertisements. |
Security settings:
|
AccessGuardian asks...
|
Description...
|
| Security method |
Choose the type of security
used to protect your content (see above). |
| Main files in secure directory(ies) |
Type in a comma separated
list of index files used to be called as the initial page of a protected
content directory, like "index.htm,index.html,index.cgi,startme.txt, getit.zip".
If more than one of these
files exist in a particular directory, the first file appearing in this
list is chosen.
By
the way: The directory location can be set individually for
each subscription. Please refer to the part "Manage subscriptions - available
settings" of this chapter. |
| Time to keep cart on server
(hours) |
Specify the time period,
shopping carts (containing subscriptions) of your members will be held
in the system. Recommended range: 1 to 5 hours.
Technical
note: As longer you keep the carts alive, as more diskspace
is temporarily required (about 1 KB per cart). |
Max. time to await payment
confirmation from card processor |
It defines the time period
the system waits for order confirmations from the credit card processor.
Recommended value: 12 hours.
Usage
note: Applicable for fee based subscriptions and payment method
"Credit card real-time processing" only (described closer below). |
| E-mail blocking |
Activate "Block these e-mail
addresses" and specify a list of domains and/or e-mail addresses (one per
line) not allowed to be used by people creating profiles. |
| IP blocking |
Activate "Block these IP
addresses" and specify a list of IP addresses (one per line) not allowed
to be used by people trying to subscribe to your services.
Also partial IP addresses
(e.g. 123.456.78.*) are allowed. |
"Welcome new member" e-mail
message:
|
AccessGuardian asks...
|
Description...
|
| Send welcome message |
Marked to send a welcome
message after a profile has been created successfully.
Important
note: Unless providing login IDs and passwords in an other way
(e.g. by modifying the member lounge templates to do so there), this message
is required to let your members receive their login information. |
Currency settings:
|
AccessGuardian asks...
|
Description...
|
| Currency prefix |
Type in the prefix of the
currency (e.g. "$" for usage in "$12.34 USD"). |
| Currency suffix |
Type in the suffix of the
currency (e.g. " EUR" for usage in "12.34 EUR"). |
| Currency decimals |
Specify the number of decimal
places in desired currency (commonly two). |
| Primary currency 3-digits
separator |
Decide for a character you
want to use in order to separate amounts every three digits (e.g. $1'499.80
USD or 2.700,40 EUR). |
Admin's notification:
|
AccessGuardian asks...
|
Description...
|
| Send receipt to admin |
Marked to send a notification
to admin for each new incoming order. |
Order logging settings:
|
AccessGuardian asks...
|
Description...
|
Orders log file
Required by YourAffiliates |
Absolute path of the log
file location used by YourAffiliates (or other compatible affiliate managers)
to track sale based commissions. Leave it empty to disable tracking.
Sample setting: /usr/www/cgi-bin/ya/data/sales.db |
| Orders log file format |
Select either "New release
format" or "New release format, moderated" when using YourAffiliates ("Old
release compatibility" is intended for elder releases of this product). |
How long keep "affiliate
cookie"
on user's computer (in hours) |
If you use AccessGuardian
to place affiliate cookies (see "Helpful hints and technical reference"),
then you can set the time period to hold cookies on visitor's computer.
Recommended value: 48 hours.
Parameter is optional. |
Order restrictions:
|
AccessGuardian asks...
|
Description...
|
| Order sub-total |
| Minimum order value |
Type in the minimum amount
of an order, before granting checkout.
Format: 12.34
(without any currency prefix or suffix) |
| Maximum order value |
Type in the maximum total
amount allowed per single order.
Format:
12.34
(without any currency prefix or suffix) |
| Payment location
restrictions |
| Show standard country list |
Select this option and a
pre-defined list of countries will be shown. |
Accept payments from following
locations only |
Type in a list of locations
from which you will accept payments. Use a two-char location code and full
name separated by pipe, one pair per line.
Format: <Two-char
abbreviation>|<Full location name>
For example:
UK|United Kingdom
FR|France
DE|Germany
Usage
note: There is no need to keep attention to specific conventions,
you can invent your own list of locations depending upon your requirements. |
Payment methods: See
next part of this chapter.
AccessGuardian member
lounge layout:
|
AccessGuardian asks...
|
Description...
|
| Menu layout |
| Menu items separator |
Characters that will appear
between the top menu items (standard value: " | "). |
| Main menu entries |
Right box (available
selections): Choose entry and click on "Add" to select it.
Left box (current selections):
Click on "Delete" to remove an entry or use "Up" and "Down" buttons to
change entry order.
Alternatively you can type
in a comma delimited list of entries manually. |
"Home", "Profile update",
"Access
history", "Logout", "Help"
entry text |
Labels (linking text) used
for top menu entries.
You can also insert image
tags according valid HTML standard. "Help" allows also an e-mail address,
like "mailto:support@sunnyscript.com". |
|
Offline payment:
This payment option applies,
when you handle payment processing outside (orders are only taken, no invoices
generated).
|
AccessGuardian asks...
|
Description...
|
Allow buyer choose "Offline
checkout" |
Mark this checkbox to enable
the "Offline checkout" payment method. |
| Allow buyer cancel an order |
Check it to allow the customer
to cancel an order until order processing has started. Customers will see
a "Cancel order" link on their order receipts.
If an order was cancelled
through the customer, you get notified by e-mail and the field "Order cancelled"
(table of orders) is set to "Yes" for the concerned order.
Usage
note: Disable "User can cancel order" in the table of orders
as soon as you started order processing and don't wish the customer to
cancel its order anymore.
Important
note: Please be careful using this option. |
Send invoice:
This payment option will
create a customizable invoice for each order.
|
AccessGuardian asks...
|
Description...
|
| Allow buyer choose "Send
invoice" |
Mark this checkbox to enable
the "Send invoice" payment method. |
| Allow buyer cancel an order |
Check it to allow the customer
to cancel an order until order processing has started. Customers will see
a "Cancel order" link on their order receipts.
If an order was cancelled
through the customer, you get notified by e-mail and the field "Order cancelled"
(table of orders) is set to "Yes" for the concerned order.
Usage
note: Disable "User can cancel order" in the table of orders
as soon as you started order processing and don't wish the customer to
cancel its order anymore.
Important
note: Please be careful using this option. |
Credit card real-time
processing:
This payment option requires
a "merchant account" registered at a payment processor. In this way, you
can handle credit card payments electronically through an online payment
system.
Usage
note: If you process credit cards by yourself (e.g. via terminal
or an electronic cash register), please refer to the payment option "Credit
card manual processing" as described later.
Passing back order details
from the credit card processor to AccessGuardian:
After a payment has been
processed (no matter, if accepted or declined), the payment processor must
hand over the results back to AccessGuardian. For this application, the
program
passback.cgi
is intended.
Instruct your credit card
processor to transfer all data to passback.cgi
of your AccessGuardian installation:
|
Action to perform...
|
URL to provide to payment
processor (location varies on your system, of course)...
|
Hand over the payment processing
results to AccessGuardian |
http://www.sunnyscript.com/cgi-bin/ag/passback.cgi |
And here you can see how
to configure AccessGuardian to work together with a payment processor...
|
AccessGuardian asks...
|
Description...
|
Allow buyer choose "Credit
card
realtime processing" |
Mark this checkbox to enable
the "Credit card realtime processing" payment method. |
Generate invoice for each
transaction |
AccessGuardian can add an
invoice to the table of invoices for each single transaction.
|
Possible settings...
|
Description...
|
| Do not generate |
Disable this feature. |
| Generate, but internal use
only |
Invoice is generated, but
invisible to the customer. |
| Generate and show to buyers |
Invoice is generated and
link to a printable version is shown to the customer. |
|
Order confirmation
message
This message confirms the
order arrival ("queued for processing"). |
| Send confirmation message
to user |
Select at which stage in
order processing an order confirmation is sent to the customer.
|
Possible settings...
|
Description...
|
Send receipt in payment
confirmation message |
Don't send a confirmation
before payment was surely handled by the payment processor. |
| Send separate receipt |
Send an order confirmation
as soon as the order arrived (payment may be not done so far). |
|
Payment gateway
configuration
Important
note: All parameter settings described here must be provided
by the payment processor; set them very carefully. |
| Name of credit card processor |
Type in the name of the
payment processor. |
| Payment gateway URL |
AccessGuardian sends all
order details to this URL for payment processing. |
| Payment URL request method |
Select the submission method
(GET or POST). |
| Form variables |
AccessGuardian will send
these variable/value pairs to the payment gateway URL.
Format:
<Name
of variable>=<Submitted value>
(put only one pair into
a single line)
Sample 1:
$cart_id=$cart_id
Submit the variable $cart_id
and its assigned value.
Sample 2:
account=abc123
Submit a variable called
account
and its fix value abc123.
Sample 3:
ordertotal=$total
Take over the value from
$total
to a new variable.
Sample 4:
name=$first_name
$last_name
Put two system variables
into a new one.
Different payment processors
have different requirements in variable names and values being passed through
to them.
The following variable names
are reserved and holding system data (their values can be taken over according
the samples above):
|
Variable name...
|
Description...
|
| $total * |
Total sale amount to charge
from the credit card (contains numerical value only, format: 12.34). |
| $cart_id * |
Cart ID as assigned by AccessGuardian. |
$first_name, $last_name,
$company, $country,
$state, $zip,
$city,
$address1, $address2,
$phone, $_email,
... |
Various customer details,
as taken from the table of registered users.
Usage
note: Also custom fields you invented can be taken over by specifying
their names here. |
*
Important note: These fields are required being submitted to
the payment processor. |
Payment confirmation
"pass back" configuration
After the transaction has
been handled (successfully or not) by the payment processor, they need
to call passback.cgi
in order to inform AccessGuardian about the payment status.
Important
note: All parameter settings described here must be provided
by the payment processor; set them very carefully. |
Form field, which holds
shopping cart ID (mandatory) |
Provide the name of the
variable containing the shopping cart ID of the order (as it was originally
delivered by AccessGuardian).
Important
note: It is required to find the order belonging to the concerned
transaction. |
Form field, which holds
total amount paid (optional) |
Provide the name of the
variable containing the total amount as it was charged from the customer's
credit card for the concerned order. Accepted format: 12.34.
Technical
note: Leave the field empty, if this information is not available. |
Form field, which holds
transaction ref. number
(optional) |
Provide the name of the
variable containing the transaction reference number.
Technical
note: Leave the field empty, if this information is not available. |
Form field, which holds
transaction status (recommended) |
Provide the name of the
variable containing the transaction status (whether the payment was done
successfully or failed).
Important
note: It is recommended to let AccessGuardian know the payment
status. |
Value of successful transaction
status |
Specify the value, the "transaction
status" field must contain, to consider a payment transaction as being
done successfully (value must match the submitted one). |
| Log values of passed back
fields |
Specify a comma-delimited
list of all variables passed back to AccessGuardian which will be logged
in a special file for later reference:
Successful transactions are
stored in...
data/transactions.db
(suited for database or spreadsheet import)
data/transactions_readable.txt
(suited for humans; convenient to read)
Declined transactions are
stored in...
data/transactions_err.db
(suited for database or spreadsheet import)
data/transactions_err_readable.txt
(suited for humans; convenient to read)
Technical
note: Leave it empty to disable this feature. |
Payment confirmation
security
Important
note: All parameter settings described here must be provided
by the payment processor; set them very carefully. |
| Allowed request method |
Select the allowed submission
methods of the payment details (GET, POST or both). |
| Allowed referring URL (optional) |
If this parameter is set,
passback.cgi
is allowed to be called from a specific origin only (the URL you name here).
Intended to limit access and avoid security injuries. |
Action on violation of referring
URL rule (optional) |
When passback.cgi
is called from an other than the above specified referring URL, one of
these actions will be performed:
|
Possible settings...
|
Description...
|
| Accept payment, but notify
admin |
Payment will be accepted,
but a warning message is sent to the administrator. |
| Decline payment and notify
admin * |
Payment will be declined
and a warning message is sent to the administrator. |
| Decline payment * |
Payment will be declined
without notice. |
* Important
note: Although the payment is not accepted by AccessGuardian,
it may be already processed - so it is recommended to use these options
with care only. |
If order sum and passed
back paid
total sum doesn't match,
then... |
If the calculated order
total ($total)
differs from the charged amount, one of these actions will be performed:
|
Possible settings...
|
Description...
|
| Accept payment, but notify
admin |
Payment will be accepted,
but a warning message is sent to the administrator. |
| Decline payment and notify
admin * |
Payment will be declined
and a warning message is sent to the administrator. |
| Decline payment * |
Payment will be declined
without notice. |
* Important
note: Although the calculated amount differs from the paid one,
it may be already processed - so it is recommended to use these options
with care only. |
Script for additional verification
of
passed back values |
Advanced users only:
A verification script (written in Perl) can be placed in here to carry
out additional checks before accepting a particular payment.
You can access variables
with via $in{VARNAME} hash and access order fields (as in the table of
orders) via $order{FIELDNAME} hash.
Technical
note: If you push errors to @errors array, payment is declined.
If you push warnings to @warnings array, payment is accepted, but a warning
message is sent to the admin to notify about a possible security hazard
or processing error. |
Credit card manual processing:
This payment option is suited
to accept credit cards for manual processing (e.g. via terminal or an electronic
cash register).
|
AccessGuardian asks...
|
Description...
|
| Allow buyer choose "Credit
card" |
Mark this checkbox to enable
the "Credit card" payment method. |
Accept these pre-defined
card types |
Decide for the credit cards
you wish to accept; choose multiple entries by holding the CTRL key (or
appropriate) when selecting. |
| Accept also these card types |
Add further credit cards
for being accepted (e.g. direct debit cards or customer cards).
Format: <Card
name>|<Digit
length>|<MOD10
test>|<Valid
prefix>
<Card name>*:
Label of the credit card as it should appear during checkout.
<Digit length>*:
Length of the card numbers.
<MOD10 test>:
"1" to allow MOD10 check or "0" to disable it (default).
<Valid prefix>:
Fix prefix of the card numbers to accept.
Examples:
My Personal Card|16|1|812
Your Card|15
* Important
note: Card name and digit length are mandatory, other fields
are optional. |
| How to store credit card
numbers |
Submitted credit card numbers
can be stored in these different ways:
|
Possible settings...
|
Description...
|
| Split (Increased
security) |
Stores one part of number
in the table of orders and submits the other part with admin's order notification. |
| Database (Convenient
way) |
Shows the entire number
in the table of orders. |
| E-mail (Convenient
way) |
Shows the entire number
in admin's order notification. |
|
| Ask "CVV2/CVC2/CID code" |
Enable this option in order
to request the card verification code provided by some credit card suppliers.
This may decrease the risk of fraudulent orders. |
Generate invoice for each
transaction |
AccessGuardian can add an
invoice to the table of invoices for each single transaction.
|
Possible settings...
|
Description...
|
| Do not generate |
Disable this feature. |
| Generate, but internal use
only |
Invoice is generated, but
invisible to the customer. |
| Generate and show to buyers |
Invoice is generated and
link to a printable version is shown to the customer. |
|
| Allow buyer cancel an order |
Check it to allow the customer
to cancel an order until order processing has started. Customers will see
a "Cancel order" link on their order receipts.
If an order was cancelled
through the customer, you get notified by e-mail and the field "Order cancelled"
(table of orders) is set to "Yes" for the concerned order.
Usage
note: Disable "User can cancel order" in the table of orders
as soon as you started order processing and don't wish the customer to
cancel its order anymore.
Important
note: Please be careful using this option. |
Validate credit card number
with MOD10 algorithm |
This verifies the syntax
of provided credit card numbers according a pre-set algorithm.
Checking includes these
steps:
1. Syntax verification with
MOD10 algorithm.
2. Verification of the card
type (each card type has special characteristics).
3. Verification of the expiration
date (expired cards are not accepted).
Important
note: This validation cannot give you any guarantee that the
credit card is a valid one. You should not provide goods or services until
the payment was processed. |
Payment details by phone
or fax:
This payment option is suited
when using a 3rd-party payment system working with reference IDs or when
you desire to get credit card details sent by fax. Following applications
may be handled with this payment method:
* 3rd-party payment systems
where customer receives (after successful payment) a confirmation ID that
needs to be submitted by the customer to you (either by phone or fax).
For example, paying by phone bill or credit card acceptance via call center.
* 3rd-party payment systems
where customer pays cash and receives a confirmation ID that needs to be
submitted by the customer to you for collecting payment. For example, money
transfer companies or special banking transfer services.
* High-risk environments
(e.g. blacklisted countries with high rates of credit card abuse) requiring
you to take credit cards only by fax, perhaps together with a photocopy
of the original credit card for verification purposes.
|
AccessGuardian asks...
|
Description...
|
Allow buyer choose "Payment
details by phone or fax" |
Mark this checkbox to enable
the "Payment details by phone or fax" payment method. |
Generate invoice for each
transaction |
SunnyShop can add an invoice
to the table of invoices for each single transaction.
|
Possible settings...
|
Description...
|
| Do not generate |
Disable this feature. |
| Generate, but internal use
only |
Invoice is generated, but
invisible to the customer. |
| Generate and show to buyers |
Invoice is generated and
link to a printable version is shown to the customer. |
|
Deduct ordered quantity
from
products with limited quantity |
When having products with
a limited quantity (system field _quantity
set in product records), mark this button to deduct the ordered quantity
from the remaining total.
Please refer to the next
chapter for details regarding this feature. |
| Allow buyer cancel an order |
Check it to allow the customer
to cancel an order until order processing has started. Customers will see
a "Cancel order" link on their order receipts.
If an order was cancelled
through the customer, you get notified by e-mail and the field "Order cancelled"
(table of orders) is set to "Yes" for the concerned order.
Usage
note: Disable "User can cancel order" in the table of orders
as soon as you started order processing and don't wish the customer to
cancel its order anymore.
Important
note: Please be careful using this option. |
| Receipt message template |
Choose the template file
used for the "Payment details by phone or fax" receipts. |
Prepaid code:
With this payment option
you can allow customers to pay with a special code (e.g. issued by a telephone
payment system or by yourself, like gift certificates or as activation
code after arrival of cheques).
Technical
note: Prepaid codes are kept in the system unless their balances
reaches zero. This is done to allow your members buying prepaid codes in
advance and then spend them for different subscriptions from time to time.
|
AccessGuardian asks...
|
Description...
|
| Allow buyer choose "Prepaid
code" |
Mark this checkbox to enable
the "Prepaid code" payment method. |
Enter valid prepaid codes
and
corresponding amounts |
AccessGuardian will accept
the prepaid codes as specified here.
Format: <Prepaid
code>:<Value>:<Expiration date>
<Prepaid code>:
Prepaid code, allowed chars: A-Z, a-z, 0-9 and "-" (case-sensitive).
<Value>: Amount
of the prepaid code; format: 12.34.
<Expiration date>:
Date, until prepaid code stays valid; format: YYYY-MM-DD.
|
Sample input...
|
Description...
|
123-aBc:50
0987654321:9.80
star1:30:2010-12-31 |
Value of 50 currency units.
Value of 9.80 currency units.
Value of 30 currency units;
valid until 31. December 2010. |
Usage
notes: Unlimited code variations can be provided; any currency
is possible.
If an expiration date is
set, the concerned prepaid code will be removed automatically at the specified
date (regardless of its remaining balance). |
Generate invoice for each
transaction |
AccessGuardian can add an
invoice to the table of invoices for each single transaction.
|
Possible settings...
|
Description...
|
| Do not generate |
Disable this feature. |
| Generate, but internal use
only |
Invoice is generated, but
invisible to the customer. |
| Generate and show to buyers |
Invoice is generated and
link to a printable version is shown to the customer. |
|
|
In order to manage subscriptions,
click on the button "Edit AccessGuardian parameters" when you're in the
admin menu.
What is a subscription
?
A subscription is like a
product your members can subscribe to (after general registration). Such
a membership grants access to a protected area of your server for a limited
time period and/or number of accesses.
Accessing a subscription
can be either free of charge or fee based depending upon your settings
for the concerned membership (e.g. when protecting business data, subscriptions
are free; when selling memberships, subscriptions are charged).
How to create a new subscription:
Type in the name of the new
subscription (e.g. "My online book") and click on the button "Create new".
How to edit / remove a
subscription:
Select the subscription from
the list, click on "Delete" or "Edit" and follow the provided instructions.
How to change the sorting
of subscriptions:
Look for the one you wish
to move around and click on either "move up" or "move down" to change its
position (this affects the subscription's order within the list appearing
on the member lounge).
|
General settings:
|
AccessGuardian asks...
|
Description...
|
| Subscription name |
Name of the current subscription,
as it will be displayed at the member lounge.
Technical
note: The subscription name must stay the same as long as you
want to keep the concerned subscription available - so choose it with care. |
| Subscription description |
Short description, as it
will be displayed at the member lounge. |
| Automatically subscribe |
After a new member profile
is created, one item of this subscription is automatically granted free
of charge (e.g. suited for bonuses or "try it for free" offers). |
| Make available to all users |
This subscription is available
free of charge for all members (new and existing ones). Any available price
settings and access limitations will be ignored. |
| Subscription price |
The price of this subscription.
Format:
12.34
(without any currency prefix or suffix). Use "0" or leave the field empty
for free subscriptions. |
| Open content in new window |
Check this button to keep
the member lounge in the background and put accessed content in a new browser
window (recommended for increased convenience). |
Delete following URL prefix
Security method: Proxy script |
Converts absolute URLs into
relative ones by removing the specified prefix from URLs:
Imagine that you have links
to other resources on your original website, for example "<a href="http://www.maxjump.com/path1/path2/confidential.htm">Click
here</a>".
When now moving the original
website to a different (protected) location, you had to go through all
files and change the absolute URLs into the correct relative ones, like
"<a href="path2/confidential.htm">Click here</a>".
By using this feature, simply
type in the string that should be automatically removed from absolute URLs
to make these files accessible at the protected location.
According our above sample,
you would enter "http://www.maxjump.com/path1/". |
Limitations:
|
AccessGuardian asks...
|
Description...
|
| Time limitation |
Limit the time a member
can access the concerned subscription.
|
Possible settings...
|
Description...
|
| Don't limit time |
Gives unlimited access (as
long as member record is available in the table of registered users). |
| Usage time limit |
Number of days to grant
access. |
Usage
note: You can use time and quantity limitations together (e.g.
30 days, but not more than 120 accesses). Depending upon the first event,
the membership expires. |
| Quantity limitation |
Limit the number of accesses
a member is allowed for concerned subscription.
|
Possible settings...
|
Description...
|
| Don't limit number of accesses |
Gives unlimited access (as
long as member record is available in the table of registered users). |
| Limit for number of accesses |
Number of granted accesses. |
Usage
note: You can use time and quantity limitations together (e.g.
30 days, but not more than 120 accesses). Depending upon the first event,
the membership expires. |
Security settings:
|
AccessGuardian asks...
|
Description...
|
| Secure content directory |
Specify the directory which
holds the content to protect. The directory path must be written as being
relative to the location of AccessGuardian:
For example: AccessGuardian
is installed at /usr/home/www/cgi-bin/ag
Sample 1: The directory
to protect is at /usr/home/www/cgi-bin/ag/protectme
--> The "Secure content
directory" is: /protectme
Sample 2: The directory
to protect is at /usr/home/www/protectme
--> The "Secure content
directory" is: ../../protectme
Important
note: Please ensure that this path is correct, otherwise AccessGuardian
may deliver wrong content for the concerned subscription.
Usage
note: When using the security method "Proxy script", it is recommended
to put the secure content into a directory, which is not public accessible. |
| Secure content URL |
Optional parameter; intended
being the same as "Secure content directory", but in URL format. It is
especially suited to encrypt delivered content by using SSL.
Sample 1:
http://www.sunnyscript.com/protectme
(not encrypted)
Sample 2:
https://www.sunnyscript.com/protectme
(SSL encrypted)
Important
note: This parameter takes effect for security method ".htaccess,
.htpasswd files" only and is ignored for the method "Proxy script". |
| Max. accesses per period
limitation |
In order to protect your
server and subscriptions against abuse, you can set a maximum number of
accesses allowed within a given time period for each member.
Should the member reach this
limit, no further access is granted anymore as long as the current period
lasts (this prevents unauthorized re-selling of subscriptions).
|
Possible settings...
|
Description...
|
Use filter for max. accesses
per period |
Mark this checkbox to enable
the feature. |
| Max. accesses per period |
Number of accesses allowed
for this subscription within a given number of days (period). |
| Time frame of a period |
Number of days a period
lasts. |
Important
note: Please ensure to set a generous limit; otherwise you may
receive many complaints from members not able to access their subscriptions. |
Subscription expiration:
You can send warning and
notification messages to notify members regarding expiration of their subscriptions.
|
AccessGuardian asks...
|
Description...
|
| Warn on ... days before
expiration |
Specify the number of days
before notification messages are sent out for subscriptions., before sending
a message to notify the member about the end of the subscription. |
| Warning message body template |
Select the file that keeps
the notification message (e.g. warn_msg.txt).
Its content can be modified at screen "Edit templates". |
| Notify about deletion |
Enable this feature to send
a "Goodbye" message as soon as the subscription expires. |
| Notification message body
template |
Select the file that keeps
the notification message (e.g. del_msg.txt).
Content can be modified at the screen "Edit templates". |
|