Thanks for the very kind posts. There are a couple
of different variables that can be set to adjust the
number of emails Strongbox sends. Below is a cut and
paste from the new Owner's manual page
describing these options, which can be found
at:
http://www.bettercgi.com/strongbox/manual/emails.html
Linda mentioned that she thinks I don't charge enough.
Several other people have said the same thing.
In fact, after I get another support person trained,
the owner's manual "completed", and some
admin interface improvements done I do plan
to increase the price to $150, so if you're planning
to put Strongbox on some more sites you may
wish to order in the next couple of weeks before
I complete these items and then feel comfortable
increasing the price.
<h2>Strongbox Owner's Manual - Notification Emails</h2>
Strongbox will send emails to your specified email address(es)
when it detects certain types of unusual activity.
There are 3 variables in cgi-bin/sblogin/config.pl which
affect this behavior. Some webmasters with many busy sites
or sites which are the target of many attacks prefer to
recieve fewer emails, being notified of only the most important
information. These variables start at about line #55
of the config file.
<h3>@email_addresses (aka @disabtos)</h3>
The first sets which email addresses
should be notified. On oler installations this variable
was called @disabtos. On newer installations it has a better
name, @email_addresses. It looks like:
<pre>
@disabtos = ( 'you@yoursite.com', 'tech@yoursite.com' );
or:
@email_addresses = ( 'you@yoursite.com', 'tech@yoursite.com' );
</pre>
This is a comma seperated list of email addresses, all of which
will recieve identical emails when Strongbox needs to notify you
of something. You can have as many email addresses listed as you
wish, from none at all to many. Note that the last email address
does not have a comma after it.
<h3>$notifyof</h3>
The $notifyof variable tells Strongbox which conditions it should email
you about. If you find that you are recieving more emails than you
would like this is one variable you may wish to edit. This is a list of
"result codes" that match the result codes shown in the Strongbox reports
and the result code which is found in the emails as the last word in
the subject line of the email. It looks like this:
<pre>
$notifyof = 'htpffail|opnproxy|attempts|dis_uniq|totllgns|uniqsubs|badchars|uniqcnty';
</pre>
Some webmasters that get a lot of proxy based dictionary attacks end
up recieving a lot of emails about people trying to login via open proxies,
status code "opnproxy", so they choose not be be notified each time this
happens, but have Strongbox wait to notify them until it suspends a
username of password. To adjust this you can just remove "opnproxy"
from the list, so it looks like this:
<pre>
$notifyof = 'htpffail|attempts|dis_uniq|totllgns|uniqsubs|badchars|uniqcnty';
</pre>
Even if you remove all of the others, you'll probably want to keep
htpffail, which tells you if Strongbox is unable to read the password
file (meaning it probably got deleted or moved), and dis_uniq, which
tells you when a username is permanently disabled. See the
<a href="codes.html">status codes</a>
page for a description of all of the possible status codes.
<h3>$max_notices_per_day</h3>
Sites which had Strongbox installed after mid 2005 will have
a 3rd variable as the next line after $notifyof, called $max_notices_per_day.
This tell Strongbox the maximum number of emails it should send in
a single day. It looks like:
<pre>
$max_notices_per_day = 25;
</pre>
You can change the maximum number to any number, from zero to any very large nymber.