g_admin_access - Allow / Restrict domain admin access to features based on g_access_group
g_admin_access group="wildcard" access="list"
This setting matches the g_access_group the admin is in to the wildcard specified and applies the specified access list to that domain admin, giving / restricting thier access to certain features. The list may include any of the following:
| Value | Result |
|---|---|
| alias | Access to domain users "Alias" page and features. |
| aspam | Access to the "ASpam" page and features. |
| blog | Access to the "Blogs" page and features. |
| bulletins | Access to the "Bulletins" page and features. |
| centipaid | Access to domain users "Centipaid" page and features. |
| enotify | Access to domain users "Email Notification" page and features. |
| exceptions | Access to domain users "Exceptions" page. |
| friends | Access to domain users "Friends" pages, and system. |
| fwd | Access to domain users "Forwarding" features, forwarding, auto-responder. |
| fwdonly | Access to domain users "Forwarding" features, forwarding |
| lists | Access to the "Lists" page and features. |
| log | Access to domain users "Log" page. |
| mailbox | Access to domain users "Mailbox" page, view mailbox, setup rules. |
| sms | Access to domain users "Sms" page. |
| spam | Access to domain users "Spam" page, and SmiteSpam and Aspam processing of messages. |
| spampriv | Access to domain users "Spam" pages' spam private feature |
| spf | Access to domain users "Spf" page and features. |
| usage | Access to the "Usage" button, which shows a domain users usage. |
| users | Access to the "Users" page and features. |
| redirect | Access to the "Redirect" page and settings. |
| redirect_cc | Access to the "Redirect CC" page and settings. |
In addition you can prefix any of the above with ! to deny access. There are two other special case values, "all" and "none" which mean exactly what they say, access to "all" or "none" of the features.
Example:
g_admin_access group="simple" access="all,!users,!reports"
The above setting gives admins in the 'simple' group access to all the features except the users and reports features.
Syntax: g_admin_access group=string access=string
g_admin_access_default - Default features granted to domain admins
This setting is a default access list for all domain admins on the server, it is specified in the same maner as the g_admin_access settings 'access' parameter. eg:
g_user_access_default "all,!users,!reports"
Syntax: g_admin_access_default string
g_admin_guesses - Number of guesses allowed for admin.
Syntax: g_admin_guesses "number"
This sets the number of guesses allowed for the admin username/password. Once this has been reached the ip is banned.
Syntax: g_admin_guesses int
g_admin_ip - Admin IP access
Mask of valid IP addresses for admin users (default *), this is a security setting you can use to restrict remote web admin access to trusted IP addresses. One is always allowed to use manage SurgeMail using 127.0.0.1 regardless of whether this is explicitly specified.
eg. To restrict to local network as per net mask
g_admin_ip "10.0.0.*,10.1.2.*"
Syntax: g_admin_ip string
g_admin_localhost - Allow localhost web admin without user/pass
Allows a localhost connection to access the web admin port without using the administrator username / password. This is good if you keep forgetting the admin password like I do.
Syntax: g_admin_localhost bool
g_admin_readonly - System admins with readonly access to the management interface
This setting has no further documentation currently available
Syntax: g_admin_readonly string
g_admin_utoken_expire - Length of time a web admin session is valid for
This setting has no further documentation currently available
Syntax: g_admin_utoken_expire int
g_admin_utoken_idle - Length of time a web admin session may remain idle for
This setting has no further documentation currently available
Syntax: g_admin_utoken_idle int