PamelaWare Time Validation

As protection against replay attacks, PamelaWare by default expects that tokens sent to it should be fresh - within a validity window of 5 minutes (300 seconds).

Sometimes this can cause errors on sites that are not time-synchronized. We strongly recommend that you use ntp or something similar to time-synch your web server.

You can turn off time validation on the admin console, but if you do, it means that you are vulnerable.

You can also extend the validity window (or shrink it) by editing the PW_VALIDITY_WINDOW and changing the value (in seconds) from 300 to something else.