320 CHAPTER 10 SECURING AND MAINTAINING PHPBB (Web site optimization)
320 CHAPTER 10 SECURING AND MAINTAINING PHPBB Introducing phpBB 3.0 Security and Maintenance Enhancements phpBB 3.0 features a vastly improved set of options for hardening your board as well as performing maintenance. Additionally, the new version offers incredible performance improvements plus more tuning options. Caution The standard disclaimer applies: as of this writing, phpBB 3.0 is still in prerelease form, with the permissions system under heavy construction. Screen shots and information here can and likely will change between now and final release. Managing Permissions in phpBB 3.0 Back in Chapter 8, I introduced you to the new phpBB 3.0 permissions system with regard to working with forums. Additionally, you will be able to restrict all facets of a user s interaction with the board, including limiting access in the Administration panel, restricting private messages, and much more. Per-user and group permissions have been expanded considerably and are far more flexible than ever before. Here are a few of the permissions enhancements: The Founder: A new security feature in phpBB 3.0 designates the user who set up the forum as the community Founder. The Founder cannot, under any circumstances, lose administrative privileges. The Founder has the right, by default, to all objects, and other administrators cannot edit these preferences. This prevents malicious users from demoting every administrator and holding a board hostage, so to speak. Administrative permissions for user groups: A glaring omission from phpBB 2.0 is the ability to assign a user group administrator rights. This is no longer the case in phpBB 3.0. As before, you can use user groups to assign moderator permissions, and also assign supermoderators in the same fashion. User groups have become much more useful in this release as a result of these changes, and they are my preferred method for designating permissions in phpBB 3.0. Piecemeal administrative/moderator power: phpBB s permissions system breaks the mold of one-size-fits-all permissions for moderators and administrators and now permits you to assign or revoke individual rights to users or groups. For example, you can set someone to be able to access the Administration panel to ban users and edit user accounts, but not view the system logs. Using Strengthened Security Features in phpBB 3.0 phpBB 3.0 offers a dazzling array of enhancements to other facets of security beyond the permissions system. There are now logging features that record activity by your staff, temporary banning, post reporting, and much, much more.
We recommend high quality webhost to host and run your jsp application: christian web host services.