Security Settings

General Security Features

Enhance the security of your Concord CRM installation with these settings.

Disable Password Forgot

  • Enabling this option disables the password forgot feature, reducing the risk of spam bots and hackers attempting to access user accounts.

Block Bad Visitors

  • Activating this feature checks guest visitors against a list of known bad user agents, IP addresses, and referrers.
  • Note: This is only applicable to non-logged-in users.

ReCaptcha Configuration

Implement Google reCaptcha v2 for enhanced security.

Important: Ensure you configure ReCaptcha v2, not v3.

Setting Up ReCaptcha

  1. Generate Keys:
    • Visit Google reCaptcha Admin.
    • Register your site with a label (e.g., Concord CRM -> reCaptcha) and add your domain.
    • Obtain the Secret Key and Site Key.

Verify the accuracy of the keys and their correct placement in Concord CRM settings.

  1. Configuring in Concord CRM:
    • Go to Settings -> Security -> reCaptcha.
    • Enter the Site Key and Secret Key in the respective fields.

Testing ReCaptcha

  • Test the setup by accessing your CRM URL in Incognito Mode and attempting to log in.
  • This confirms if ReCaptcha is functioning correctly.

To prevent lockout, add your IP address to the ignored list before saving, especially if unsure about the configuration steps.