Kentico CMS 7.0 Context Help

Security & Membership

Security & Membership

Previous topic Next topic Mail us feedback on this topic!  

Security & Membership

Previous topic Next topic JavaScript is required for the print function Mail us feedback on this topic!  


Administrator's e-mail

Specifies the e-mail address of the administrator. It is used in modules where the administrator's e-mail address cannot be specified in the administration interface or in web part properties (e.g. user account confirmation page).

Send membership reminder (days)

Determines when the system should send e‑mail notifications about Memberships that will soon expire. The value sets how many days before the expiration date reminders should be mailed out.


These e-mails are only sent for memberships that were assigned with the Send notification flag enabled and for those that were purchased as a product with a limited duration.


Memberships are checked periodically using the Membership reminder scheduled task. The content of the notifications is based on the Membership - Expiration notification e‑mail template.

Deny login interval

Interval in minutes during which kicked users cannot log back in to the site.

Share user accounts on all sites

If enabled, user accounts created on one site will be shared among all the sites running on the installation. If disabled, new accounts will be assigned only to the current site and not the others.

Use site prefix for user names

If enabled, user names will only have to be unique for each site, not globally, meaning that it will be possible to create users with names that are already taken on another site in the system.


When a user registers on the live site or is edited/created on a specific site (i.e. in the CMS Desk -> Administration -> Users interface), the unique identifier (GUID) of the given site will internally be added as a prefix to that user's name.


Do not enable this setting if you wish to have accounts shared across multiple sites.


Warning: Use this setting only if you have your system's user/site organization planned according to the functionality described above. Reverting back to the default state where user names are globally unique would require a significant amount of effort and direct editing of your user database.


Reserved user names

Sets a list of users names that cannot be selected during registration. Entered user names must be divided by semicolons.

Registration requires e-mail confirmation

Indicates if user registration should require confirmation via e-mail (double opt-in).

Registration requires administrator's approval

Indicates if an administrator's approval is needed for a user to get registered.

Delete non-activated user after (days)

When a user registers but doesn't activate their account, their account will be deleted after the entered number of days.

Require unique user e-mails

If checked, users cannot enter an e-mail address during registration if the address is already used by another user's account.

On-line users

Monitor on-line users

Enables the On-line users module, which monitors users currently browsing the website.

Store on-line users in database

If checked, records about on-line users will be stored in the database. This is necessary when running the system on a web farm.


Storing the data in the database also allows the system to provide more detailed information about anonymous users (guests) when using Contact management.

Update on-line users (minutes)

Interval in minutes after which information about on-line users will be updated. When running the system on a web farm, you need to enter the same value which is set for the Sessions remove expired sessions scheduled task (you can read the value in Site Manager -> Administration -> Scheduled tasks -> edit (Edit) Sessions remove expired sessions -> Task interval -> Every: X minutes).


Check page permissions

Indicates if the website should check the user permission settings of documents (pages) and apply them. The permissions of documents may be configured in CMS Desk -> Content -> Edit -> Properties -> Security.


The following values are possible:


All pages - permissions will be checked for all documents on the website.

No page - permissions will not be checked for any documents.

Secured areas - permissions will be checked only for documents that are configured to require authentication.

Website logon page URL

Specifies the URL of the page where users can sign in on the website in order to access its secured areas.


Please note: This page is different from the one used to log into the administration interface (CMS Desk and Site Manager).

Access denied page URL

URL of the page that should be displayed when a user is not allowed to read a page.


Use SSL for administration interface

Indicates if the pages of the administration interface (CMS Desk and Site Manager) should automatically use URLs that are secured by the SSL protocol (i.e. with the https URL scheme).

Enable UI personalization

Indicates if UI personalization should be enabled. If this is the case, users only see those parts of the UI that are allowed for the UI profile assigned to their roles. If disabled, the entire UI is visible for all users.

Automatically sign-in user when site changes

If enabled, users will not need to enter their username and password when they switch between edited sites in CMS Desk (using the Site drop-down list).

Enable code editing for site administrators

Indicates whether global administrators who do not have access to the Site Manager interface should automatically be allowed to edit code on the website. This affects users who have both the Is global administrator and Disable Site Manager flags enabled in Administration -> Users -> General.


If disabled, such administrators can still edit code if they have the appropriate permissions assigned: Edit Code for the Design module or Edit SQL Queries for the Reporting module.


The restriction applies to ASCX code of page layouts and transformations (modifying the HTML version of the code is allowed regardless of the setting), and SQL queries, e.g. for objects in the Reporting module.


Default report connection string

Sets the database connection string that the system assigns to newly created reports. Existing reports also inherit the connection string value from this setting by default.


Only users who have the Set connection string permission for the Reporting module can change the connection strings of individual reports.


The system loads the list of connection strings from the <connectionStrings> section of the application's web.config file. The (default) option represents the CMSConnectionString added by the application's initial database installer.


You can use reporting connection strings for the following scenarios:


Retrieving data from a Separated on-line marketing database

Restricting the database-level permissions of reporting queries via a connection string with a limited database user


Additional resource:


Developer's Guide -> Development -> Membership, permissions and security

Developer's Guide -> Development -> Scheduler

Developer's Guide -> Modules -> On-line users -> Overview

Developer's Guide -> Modules -> Reporting