Security Configuration

Allow self-registration

If you want visitors to be able to create themselves an account, enable this option. If you want to create user accounts manually yourself, disable it.

It defaults to enabled.

Require e-mail verification for self-registered accounts

Enable this option to require that visitors must click a link in an e-mail sent to their e-mail address before their account is activated. This ensures the e-mail address they are using is valid.

It’s strongly recommended to leave this option enabled.

Enable reCAPTCHA for self-registrations

You can optionally enable Google’s reCAPTCHA service to make it more difficult for bots to register fake accounts. If you enable this option, you’ll need to add the keys provided to you by Google in the fields below.

It’s strongly recommended to enable this option.

Site key

If you enable the above reCAPTCHA option, you’ll need to set this field to the site key provided by Google.

Secret key

If you enable the above reCAPTCHA option, you’ll need to set this field to the secret key provided by Google.

Restrict access to original images

You may want to show off your photos but not want people to access the full-size, original images. This option prevents anyone other than the photo’s owner to download the full-size image.

It defaults to enabled.

Prevent hot-linking to images

Hot-linking is when another site links directly to the images hosted on your own website. Enable this option to attempt to prevent hot-linking by checking that the “referrer” header is set to a page on your Blue Twilight application.

This is only a “best estimate” protection as the referrer header can be easily spoofed by a client application, and may not be supported by all browsers.