When setting up who can access your site, you can limit new user signups to those that follow certain rules. There are two types of rules that you can filter out new users by: email address and the usernames that they choose.

Accessing the New User Rules Settings

• Click Administer » User management » Access rules.

Setting Access Rules Based on Email Address

If you have a company or school website and all members of that organization were given email addresses with a unique domain (that is, if the company name was Example Co. and they all have @example.com email addresses), and only want users of that organization to access the site, you can set it so that only those users are able to sign up. Also, if you want to deny users that have an email address from a free email address provider—say because the amount of fake accounts has grown faster than you can delete them—you can deny users based on an address "mask".

What is a "Mask"?

A "mask" is a pattern which will look at to determine whether the email address is allowable. Since Bryght sends out new user passwords by email, if users put in an address that is not their own, they will not be able to access the site with the user they create.

1. If you haven't already, click Administer » User management » Access rules and then click the "Add rule" tab
2. Under "Rule type", click "E-mail"
3. Choose whether you want to deny or allow users based on the mask.
4. type in a mask. An example follows:
• Example: to restrict signups to email addresses ending in example.com, select Allow as the "Access type", then %@example.com (percent sign, "at" sign, then example.com) means that any address that ends in @example.com will be allowed. You will want a deny rule as well, for % (just the percent sign) so that it denies all email addresses that don't fit that pattern.
  
5. Click the "Add rule" button.
6. Repeat steps 2-5 for every rule you would like to add. Note: to deny everything but the types of addresses you want to allow, you must have a "deny" rule with the mask of % (percent sign).
7. (optional, but highly recommended) You can test out the rules by clicking the "Check rules" tab and then typing in an example email address in the box under "E-mail:". The system will tell you whether that email address is acceptable or not.

Setting Access Rules Based on Username Rules

To remove the possibility that users will sign up with names that contain profanities or other offensive words, you can add those words to the username mask.

1. If you haven't already, click Administer » User management » Access rules and then click on the "Add rule" tab
2. Under "Rule type", click "username"
3. Choose whether you want to deny or allow users based on the mask by selecting "Allow" or "Deny" under "Access Type"
4. Type in a mask under "Mask". e.g. to get everybody with "krzy" in their username %krzy%
5. Click the "Add rule" button.
6. Repeat steps 2-5 for every rule you would like to add. Note: to deny everything but the types of username you want to allow, you must have a "deny" rule with the mask of % (percent sign).
7. (optional, but highly recommended) You can test out the rules by clicking the "Check rules" tab and then typing in an example username in the box under "Username". The system will tell you whether that username is acceptable or not.