Servlet Web Hosting - MySQL, Java, JSP, Servlet, Tomcat, SSH Blog

CHAPTER 10 SECURING AND MAINTAINING PHPBB 319 Extract template_file_cache.php from the /contrib folder from your phpBB installation package and place it in the /includes subdirectory. Remove the existing template.php file after ensuring it is backed up in a safe place, and rename template_file_cache.php to template.php. Next, you will need to upload the /cache subdirectory and its contents from your phpBB installation package to the server, and make it world-writable (777). As I discussed in Chapter 8, SmartFTP (http://www.smartftp.com) makes this task easy. Upload the newly christened template.php to your server (in the /includes subdirectory), and you will be finished. Visit a few pages on your board and take a look at the /cache subdirectory, and you should see some files inside, indicating caching is happening. Database Template Caching If you decide to go the database route, extract template_db_cache.php. Copy it over your existing template.phpfile (after making a backup of that file). In this case, you will not create a cache subdirectory, but rather a new table in your database. Log in to phpMyAdmin, select your phpBB database, and navigate to the SQL tab at the top. You ll be running another raw SQL query, shown in Listing 10-1, in this box. The represents whatever database prefix you are using on your server, which defaults to phpbb. Listing 10-1. The SQL Query to Run in phpMyAdmin to Create the New Caching Table CREATE TABLE _template_cache ( template_name char(255) NOT NULL default ‘’, template_handle char(50) NOT NULL default ‘’, template_cached int(11) NOT NULL default ‘0′, template_echo tinyint(1) NOT NULL default ‘1′, template_compile text NOT NULL, PRIMARY KEY (template_name) ) Tip You can find this same query in the README.html file located in the /contrib folder of your phpBB installation or upgrade package. It will be easier and less error-prone for you to copy and paste the query than for you to type it straight in. After creating the table, upload the enhanced template.php file to your includessubdirectory (as for the flat-file system). Visit a few pages of your phpBB, and open the template_cache table in your phpBB installation to ensure that there is activity in the table, indicating that the caching is working properly. Uninstalling Template Caching If, for some reason, you wish to uninstall the template cache system, simply copy the original template.php, either from your backup or the installation package, over the one that currently exists. This restores the old template functionality. Only then can you remove the /cachesubdirectory or the template cache table, as removing those prior to restoring the original noncaching file can cause errors.
We recommend high quality webhost to host and run your jsp application: christian web host services.

318 CHAPTER 10 SECURING AND MAINTAINING PHPBB selected the compression, especially if you have a slower connection. The trade-off is that the backup will take a little longer to get started. Click Start Backup, and be patient, as it can take a few minutes to get the backup fully downloaded to your computer. Once you ve made a backup, restoring it is quite straightforward, as Figure 10-21 illustrates. This screen appears when you click the Restore Database link under General Admin in the Administration panel. From here, simply locate the compressed or uncompressed backup file on your computer, and then click Start Restore. phpBB uploads and, if necessary, decompresses the backup and restores it to the database. Be patient, as this process can take a few minutes. Figure 10-21. Restoring a backup Caution If your database is quite large, the restore script may run afoul of your host s PHP script timeout. If you click Start Restore and nothing happens after five minutes, it s quite possible the script has terminated due to the timeout period, which is designed to stop runaway scripts. You can try breaking up the file (if it is compressed, use WinZip or WinRAR on Windows to decompress it first) and uploading separate text files. Contact your host provider if you have questions about its PHP timeout policies. Using Template Caching When the styling system made its debut in phpBB 2.0, there was a great deal of concern over increased server load due to the templates. Time has shown that phpBB s template engine is a solid performer under load, but the phpBB Group provides two options for caching templates: one for using individual files and the other to save template information to the database. These solutions will help decrease the strain on your server under periods of extreme duress. Caution The phpBB Group has tested the caching systems, but as always, your mileage may vary. Back up the template.php file located in the /includes subdirectory under your phpBB path before proceeding, in case something goes wrong. Additionally, you can choose only one system or the other, not both. Flat-File Template Caching If you are going to use template caching, I recommend using the flat-file method, as it does not require further use of the database. Boards under duress already stress the database, so it s good to try to offload from the database when you can.
From our experience, we are can tell you that you can find a reliable and cheap webhost service at Java Web Hosting services.

CHAPTER 10 SECURING AND MAINTAINING PHPBB 317 pane takes you there), scrolling to the bottom of the page in the right pane, and clicking Check overheaded. This puts check boxes next to tables in which phpMyAdmin detects overhead. You can then click the drop-down menu and select Optimize table. Clicking Go at the bottom of the form runs the optimizations. You will, barring disaster, get an OK message from MySQL, indicating that the optimizations have been completed. In rare instances, phpBB s tables may become damaged. This can happen due to a software error on the MySQL server side, a power glitch, or a random hardware issue. Signs of damage to your database tables include excessive slowness when browsing or odd SQL error messages when trying to use the forums. If you suspect damage has occurred, click Check all at the bottom of the main database page, and then select Repair table from the drop-down menu. Click Go, and you will get a confirmation message stating your tables were repaired. With any luck, your forum will perform better. If this turns out not to be the case, you may want to undo some of your recent modifications to see if they are causing problems. If even that doesn t work, there s a possibility you may have corrupted data in your database. Restoring a backup may be in order. Conveniently, that s the next task I ll cover. Backing Up and Restoring Your Database phpBB s Administration panel has useful facilities for creating a compressed backup of the contents of your phpBB database that you can download to your hard drive for safekeeping. This function is analogous to making a text dump of your database in phpMyAdmin or using the mysqlcommand-line utility directly. You ll find the backup and restore utilities listed under the General Admin heading. Caution I recommend disabling your board, through the Configuration panel, before backing up and restoring your database, as it will help to ensure the integrity of your backups and prevent data loss. Click the Backup Database link to see the backup options, shown in Figure 10-20. These are quick and to the point. The first time you make a backup, you will want to do a full backup (of both the structure and data), as that file will contain the instructions to re-create the phpBB tables as well as re-create the data. If you have a broadband connection, there is no harm in backing up the structure and data every time. The other options to create backups with the table structure only and the data only can be useful for people on slower connections. In addition to the phpBB tables, the backup utility also lets you list additional tables that you wish to back up. To do this, verify the names of those additional tables in the database, and then type them in the Additional tables text box, separated by commas. Finally, you can choose whether to use gzip compression. I recommend, where available, using gzip compression on your backups. If you store a lot of backups of your forum, you ll be happy you Figure 10-20. The phpBB backup function
You want to have a cheap webhost for your apache application, then check apache web hosting services.

316 CHAPTER 10 SECURING AND MAINTAINING PHPBB The bottom of the form contains the options for automatic pruning. To enable it, check the Enabled check box. You can set the maximum age (the default is seven days) and an interval for checking for topic age (the default is every day). Depending on how active you are about archiving topics and how much load your board takes, you may wish to adjust these settings. More frequent pruning will cause less of an immediate impact on your performance than pruning once over a long period of time. To save your changes, click Update. When an administrator visits a forum, the auto-pruning feature will see if it needs to be run. If so, it will check the posts and delete them automatically. Caution Auto-pruning occurs without warning. If you decide to enable this option in your forums, make sure you and your moderators regularly archive posts that you wish to keep, as you won t have any warning when phpBB is about to delete posts. If you are concerned about losing data in a forum, I recommend that you leave this option off and prune manually. Managing Your Database One of the most important tasks in administering phpBB is to keep your database healthy. The database is your bread and butter. Most databases do a fairly good job of taking care of themselves, but just like everything else, they require periodic maintenance. Keeping an eye on the database is quite important because when your database malfunctions, phpBB malfunctions, and your users won t like it one bit! Note This section of this chapter relies on phpMyAdmin for performing some of these tasks. Now is a good time to check with your host provider about the location of your phpMyAdmin (or equivalent) database administration tool, how to log in, and the extent of the functionality available to you. I reference phpMyAdmin 2.6.1 here. Optimizing and Repairing Database Tables Over time, heavily accessed tables in your database will accumulate some sort of overhead. Predictably, this overhead can slow down your database operations a bit, causing it to perform less than optimally. Figure 10-19 illustrates phpMyAdmin showing a table with overhead. Note the overhead of 100 bytes in this table. This is a minor occurrence, but it s worth optimizing anyway. Clicking Optimize table will fix the overhead. It s a good idea to check for this regularly in the
_posts table (where prefixrepresents the database prefix you selected during initial setup, usually phpbb), as that table is written to and Figure 10-19. phpMyAdmin read from incredibly frequently. You can easily optimize all tables that need work by viewing the full database (clicking looking at a table with the name of the database, in bolded black text, in the left
If you are in need for chaep and reliable webhost to host your website, our recommendation is http web server services.

Select the forum you wish to prune (or leave it set to All Forums to prune en masse), and then click the Look up Forum button. This takes you to the screen shown in Figure 10-17. Enter the maximum number of days for inactive topics in your forum to live, and then click the Do Prune button. The process may take a few seconds, as this is a database- intensive step. When you reenter your forum, you should see that all of the inactive topics past the maximum age you specified are now gone. Repeat the process for each forum you wish to trim down. With any luck, you ll be running a little leaner and maybe even a smidgen faster. CHAPTER 10 SECURING AND MAINTAINING PHPBB 315 Figure 10-16. Selecting a forum to prune Figure 10-17. The second part of pruning a forum, where you determine the cutoff Note Pruning both manual and automatic will not remove announcement or sticky posts, as those are considered having elevated importance and are designed to last a long time. To remove these posts, you ll need to manually delete them, or edit the first post in the topic and change the status of the posts you want to remove to Normal before you run the prune operation. Pruning Forums Automatically You can also set individual forums to automatically prune posts without user intervention. This option can be set while you are creating a forum or after the fact. Figure 10-18 shows an example of editing an existing forum. Figure 10-18. Editing a forum, paying close attention to the automatic pruning options
You want to have a cheap webhost for your apache application, then check apache web hosting services.

314 CHAPTER 10 SECURING AND MAINTAINING PHPBB Caution Treat users IP address information with the utmost care. Releasing that information could put users in danger of having their computer attacked if they have not taken the proper precautions. Additionally, IP addresses, if configured by the Internet service provider, can give information that some users may believe violates their privacy, right down to the town where they are located. Respect your users privacy and be responsible with IP address information. Maintaining and Performance Tuning phpBB Now that you have improved the security of your board, it s time to talk about those mundane maintenance tasks that administrators love to hate, but are vital to the smooth operation of your community. These include pruning dead posts, managing your database, and caching templates. Pruning Dead Posts As your community gets larger and more active, it will inevitably slow down. This is a fact of any forum system you will come across. phpBB, like most other forum software, permits you to reduce the size of your community via a process known as pruning, where posts with no activity after a certain cutoff date are removed from the system. Caution Pruning a fledgling community is generally discouraged. This is because pruning may result in the community looking rather dead, and that is not the image you want to cast as you try to attract people to your site. Archiving Posts If you plan to prune your forums on any sort of regular basis, I suggest setting up locked forums for the posts that you wish to keep, and then move those posts into them. This is a process known as archiving. Setting up an archive forum is just like setting up a regular forum, except that you check the box to lock the forum. This prevents users (but not administrators or moderators) from posting or editing anything inside the forum, so that the data inside is preserved. After creating your archive forums, I recommend using the Moderator Control Panel to perform mass movement of topics to these forums to save some time. This way, the posts that you prize can stay well away from your digital pruning shears (ha, ha!) while the deadwood gets cut out. Pruning Forums Manually To prune a forum, enter the Administration panel and click the Pruning link underneath Forum Admin in the navigation pane. You ll be presented with a screen resembling Figure 10-16.
You want to have a cheap webhost for your apache application, then check apache web hosting services.

CHAPTER 10 SECURING AND MAINTAINING PHPBB 313 To delete, move, lock, or unlock multiple topics at once, check the check box on the far right corresponding to the topics on which you wish to perform the action, and then click the appropriate button for the action. Clicking a topic s title takes you to the Split Topic Control Panel (see Figure 10-13), the same location you arrive at when you click the Split Topic icon at the bottom of a View Topic page. The Mod CP s mass moderation functions operate almost identically to performing the operations one by one. Be sure to heed the confirmations accordingly, as mass actions (particularly mass deletions) can take some time to recover from if you make a mistake. Using the IP Manager For security purposes, phpBB records an IP address with each post made, corresponding to the user who made the post. To access the IP address associated with a particular post, click the tiny IP icon in the extreme top-right corner of the post. This brings you to a screen similar to Figure 10-15. Tip Stunningly, phpBB lacks the ability to track the IP address of users when they register, which can be important if users are registering accounts for malicious purposes, but not necessarily posting. This is a glaring omission, which luckily can be rectified by installing a modification known as Log Registration IP. I consider it vital, and I highly recommend this feature, even if you do not install any additional ones. You can obtain the Log Registration IP modification from http://www.phpbbhacks.com/download/2975. Figure 10-15. The IP manager displaying the IP address associated with a particular post, with a cross-reference to other users who have posted from the same IP address phpBB s IP manager helps you, with reasonable accuracy, see if a user is masquerading with multiple identities on your site, which is useful in terms of bans. Clicking the Look up IP address link next to the IP address associated with the post permits you to see the host name of the user (in most cases), which typically identifies the Internet service provider he is using to access your site. From there, you can take that information to a site such as samspade.org or network-tools.com, run a WHOIS query, and determine an abuse address, for example. You can search on the posting history of users who have posted from that IP address. Finally, phpBB gives the other IP addresses the user has posted from, for further cross-referencing work.
In case you need affordable webhost to host your website, our recommendation is ecommerce web host services.

312 CHAPTER 10 SECURING AND MAINTAINING PHPBB Figure 10-13. Splitting a topic Performing Mass Moderation If, for some reason, you need to perform moderation actions on many topics en masse, you don t need to worry about acting on each topic separately. phpBB provides facilities for mass moderation in the Moderator Control Panel, affectionately referred to by the phpBB community as the Mod CP. You access the Mod CP for your forum by clicking the Moderate this forum link in the permissions block, typically located on the lower-right side of each View Forum and View Topic page. The Mod CP shows a list of topics, much as a regular forum view does, with options to perform mass actions on them, as shown in Figure 10-14. Figure 10-14. The Moderator Control Panel, ready for mass-moderating fun!
We recommend cheap and reliable webhost to host and run your web applications: Coldfusion Web Hosting services.

CHAPTER 10 SECURING AND MAINTAINING PHPBB 311 Moderating Individual Posts On the bottom of each View Topic page, administrators and moderators will (under the default subSilver template) see icons such as those shown in Figure 10-12. Figure 10-12. The icons found at the bottom of each View Topic page, visible to moderators of the forum and administrators only Here is a rundown of those moderation options and a little guidance on when to use them: Locking a topic: This is an option generally employed when the topic in question is straying too far off track or is becoming heated, or topics that the moderator wishes to prevent replies to for some other reason. Once you lock a topic, it can no longer be replied to, nor can users edit their posts within the topic. Moderators have the option of unlocking the topic later, if they wish. Moving a topic: This generally happens when a topic s subject matter isn t consistent with the purpose of the forum in which it was posted. When a moderator moves a topic, phpBB gives the option to leave a link in the original forum to the topic s new location with a Moved notation next to it. If you don t use this option, people might think their topics just randomly disappeared or were deleted, when those topics were just moved to another forum. Deleting a topic: This removes a topic permanently and subtracts the number of posts deleted from the post counts of the forum and of the users who posted the topics. More and more communities are beginning to forego deleting offensive topics outright in favor of moving them to a hidden forum. This allows staff members to examine an offensive post and possibly use it as evidence in banning or, in extreme circumstances, reporting incidents to Internet service providers or law enforcement. Splitting a topic: This is a good way to salvage a thread that has gone astray or remove posts that may be offensive to a hidden location for further discussion by staff. Splitting a topic takes posts out of one topic and generates a new topic from those posts. You can split off the end of a topic, or even take posts right out of the middle. The first post in the original topic can never be split out. Figure 10-13 illustrates the split topic function in action.
Searching for affordable and reliable webhost to host and run your web applications? Go to our java web server services and you will be pleased.

310 CHAPTER 10 SECURING AND MAINTAINING PHPBB Figure 10-11. The Ban panel Use extreme caution when banning IP addresses (and especially ranges of IP addresses). Users on dial-up connections typically have their IP address change every session, so banning an IP address may be useful briefly but then ban an innocent person later. Banning ranges of IP addresses could potentially block an entire Internet service provider, so do that only if you really must. You can use sites such as samspade.orgor network-tools.com(which phpBB s Administration panel references) to run WHOIS queries on IP addresses, so you can find out the range that they cover. Then you ll be able to avoid inadvertently banning whole cities or providers. It s a good idea to keep the list of banned IP addresses relatively short and trim. In most cases, once a troublemaker has been banned for a while, she will move on to another forum to cause problems. You don t want to inadvertently lose visitors due to overzealous banning. Moderating Your Forums Effective moderation is the key to every successful community. Moderation must be firm but fair, and it should always be professional. Here, I will show you the tools you can use to moderate posts on your site. I will leave it to you, the community administrator, to develop a policy on moderation that you feel is fair to your members.
From our experience, we can recommend PHP Web Hosting services, if you need affordable webhost to host and run your web application.