Servlet Web Hosting - MySQL, Java, JSP, Servlet, Tomcat, SSH Blog

CHAPTER 10 SECURING AND MAINTAINING PHPBB 321 The following is a sampling of the new security features: Auditing features: phpBB 3.0 now takes stock of all actions performed by administrators and moderators and places them in a system log. As shown in the example in Figure 10-22, you are now able to see exactly when administrators log in to the Administration panel and what actions they perform. This is an obvious boon to security and helps to provide accountability for when something goes wrong in the Administration panel. Similar logging exists for moderator actions, as well. In addition to these logs, phpBB also takes stock of all board errors that are encountered to aid in troubleshooting. Figure 10-22. An administration log from phpBB 3.0 Authentication plug-ins: Authentication plug-ins are another new option to phpBB 3.0. Previously, the only method provided was to use phpBB s own database. That has all changed in the 3.0 world, with the addition of Apache .htpasswd authentication, as well as authentication against an LDAP server that you specify. A phpBB installation that authenticates against a Windows Server 2003 Active Directory would be nothing short of sweet, particularly in an enterprise setting, and that is theoretically possible with this version. Validation options: The phpBB 3 Server Settings panel permits a few new validation options to be set for sessions. The option exists for setting a minimum threshold for how much an IP address can change in a session without the session being invalidated. This is incredibly useful for combating problems with America Online users, who sit behind rotating proxy servers, which sometimes change their IP addresses on each click. This has caused problems in the past, and you are now free to customize the feature (or even disable it). You can now restrict sessions to one browser; if the user opens a new session on another browser, she is logged out of the original browser.
We highly recommend you visit web and email hosting services if you need stable and cheap web hosting platform for your web applications.

This entry was posted on Sunday, October 14th, 2007 at 11:14 pm and is filed under MySQL5. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.