Select the subnet mask which reflects the level of checking you wish to run against IP addresses when a session is being fetched. This is useful if you have a large number of users who are behind transparent proxies and have an IP address that can change randomly between request such as AOL. The more this is decreased the greater the security risk from session hijacking.
Define how long a user is displayed as active on the site in minutes. If a user is inactive longer then the specified setting they will be removed from the online session table. When this is done they will no longer appear to be online when other members view their profile. If the user suddenly becomes active after their session expired a new session will automatically be created.