Documentation
3.2. General Configuration and Front Page
The section is the first screen you see each time you log into the ACP. It contains some basic statistics and information about your forum. It also has a subsection called . It provides quick access to some of the admin pages that are frequently used, like User Management or Moderator Logs. We will discuss its items later in their specific sections.
We will concentrate on the other three subsections: Board Configuration, Client Communication, and Server Configuration.
3.2.1. Board Configuration
This subsection contains items to adjust the overall features and settings of the forum.
3.2.1.1. Board Settings
The allow you to change the most important setting of your forum installation: the name of your forum. Put the name of your site into the Site Name text field and it will be shown on the header of the default style and will be the prefix to the window title of your browser.
The Site Description is the slogan or tag line of your forum. It will appear below the Site Name on the default style's header.
If you need to close your whole forum to do maintenance work, for instance, you can do it by using the Disable Board switch. This will keep any members of your forum that are not Administrators or Moderators from accessing the board. They will either see a default message instead of the forum or you can add your own message in the text field below the check boxes. Administrators and Moderators will still be able to browse forums and use their specific control panels.
You need to set the Default Language of your board. This is the language guests will see when they visit the board. You can allow users to choose other languages. By default there is only English [UK] installed but you can download more languages on the phpBB website. Find out more about working with languages in the Language Pack configuration.
TODO: Write about date format and timezone, may change, so leaving this out for now.
The board will appear to your guests and members in the Default Style. In the standard phpBB installation two Styles are available (TODO: write more about them?). You can either allow users to select another Style than the default by selecting No in the Override User Style setting or disallow it. Please visit the Styles section to find out how to add new Styles and where to find them.
Moderators can send warnings to users that break the forum rules. The value of Warning Duration defines the number of days a warning is valid until it expires. Read more about warnings in the Moderator Control Panel. TODO: Add link to this section.
3.2.1.2. Board Features
Through the section you can enable or disable several features board-wide. Note that any feature you disable here will not be available on your forum, even if you give your users permissions to use them.
3.2.1.3. Attachment Settings
One of the many new features in phpBB 3.0 is Attachments. Attachments are files that can be attached to posts, like e-mail attachments. Certain restrictions, set by the board administrator, control what users can attach. You can set these restrictions via the page.
For more information, see the section on configuring your board's attachment settings.
3.2.1.4. Avatar Settings
Avatars are generally small, unique images a user can associate with themselves. Depending on the style, they are usually displayed below the user name when viewing topics. Here you can determine how users can define their avatars.
There are three different ways a user can add an avatar to their profile. The first way is through an avatar gallery you provide. Note that there is no avatar gallery available in a default phpBB installation. The Avatar Gallery Path is the path to the gallery images. The default path is images/avatars/gallery. The gallery folder does not exist in the default installation so you have to add it manually if you want to use it.
The images you want to use for your gallery need to be in a folder inside the gallery path. Images directly in the gallery path won't be recognised. There is also no support for sub folders inside the gallery folder.
The second approach to avatars is through Remote Avatars. This are simply images linked from another website. Your members can add a link to the image they want to use in their profile. To give you some control over the size of the avatars you can define the minimum and maximum size of the images. The disadvantage of Remote Avatars is that you are not able to control the file size.
The third approach to avatars is through Avatar Uploading. Your members can upload an image form their local system which will be stored on your server. They will be uploaded into the Avatar Storage Path you can define. The default path is images/avatars/upload and does already exist after installation. You have to make sure that it is server writable (TODO: a link to a FAQ that explains this). The file format of the images has to be either gif, jpeg, or png, and the avatars will be automatically checked for their file and image size after the upload. You can adjust the Maximum Avatar File Size and images that are bigger than the allowed value will be discarded.
3.2.1.5. Private Messaging
Private Messages are a way for registered members to communicate privately through your board without the need to fall back to e-mail or instant messaging.
You can disable this feature with the Private Messaging setting. This will keep the feature turned off for the whole board. You can disable private messages for selected users or groups with Permissions. Please see the Permissions section for more information.
Olympus allows users to create own personal folders to organise Private Messages. The Max Private Messages Per Box setting defines the number of message folders they can create. The default value is 4. You can disable the feature with setting value to 0.
Max Private Messages Per Box sets the number of Private Messages each folder can contain. The default value is 50, Set it to 0 to allow unlimited messages per folder.
If you limit the number of messages users can store in their folders, you need to define a default action that is taken once a folder is full. This can be changed in the "Full Folder Default Action" list. The oldest message gets deleted or the new message will be held back until the folder has place for it. Note that users will be able to choose this for themselves in their PM options and this setting only changes the default value they face. This will not override the action a user chosen.
When sending a private message, it is still possible to edit the message until the recipient reads it. After a sent private message has been read, editing the message is no longer possible. To limit the time a message can be edited before the recipient reads it, you can set the Limit Editing Time. The default value is 0, which allows editing until the message is read. Note that you can disallow users or groups to edit Private Messages after sending through Permissions. If the permission to edit messages is denied, it will override this setting.
The General Options allow you to further define the functionality of Private Messages on your board.
Allow Mass PMs: enables the sending of Private Messages to multiple recipients. This feature is enabled by default. Disabling it will also disallow sending of Private Messages to groups.
Tip
See the Groups section for information on how to enable the ability to send a message to a whole group.
By default, BBCode and Smilies are allowed in Private Messages.
Tip
Even if enabled, you can still disallow users or groups to use BBCode and Smilies in Private Messages through Permissions.
We don't allow attachments by default. Further settings for attachments in Private Messages are in the Attachment Settings. There you can define the number of attachments per message for instance.
3.2.2. Client communication
Other than its own authentication system, phpBB3 supports other client communications. phpBB3 supports authentication plugins (by default, the Apache, DB, and LDAP plugins), email, and Jabber. Here, you can configure all of these communication methods. The following are subsections describing each client communication method.
3.2.2.1. Authentication
Unlike phpBB2, phpBB3 offers support for authentication plugins. By default, the Apache, DB, and LDAP plugins are supported. Before switching from phpBB's native authentication system (the DB method) to one of these systems, you must make sure that your server supports it. When configuring the authentication settings, make sure that you only fill in the settings that apply to your chosen authentication method (Apache or LDAP).
Authentication
Select an authentication method: Choose your desired authentication method from the selection menu.
LDAP server name: If you are using LDAP, this is the name or IP address of the LDAP server.
LDAP user: phpBB will connect to the LDAP server as this specified user. If you want to use anonymous access, leave this value blank.
LDAP password: The password for the LDAP user specified above. If you are using anonymous access, leave this blank.
Important
This password will be stored as plain text in the database; it will be visible to everybody who can access your database.
LDAP base dn: The distinguished name, which locates the user information.
LDAP uid: The key under which phpBB will search for a given login identity.
LDAP email attribute: this to the name of your user entry email attribute (if one exists) in order to automatically set the email address for new users. If you leave this empty, users who login to your board for the first time will have an empty email address.
3.2.2.2. Email settings
phpBB3 is capable of sending out emails to your users. Here, you can configure the information that is used when your board sends out these emails. phpBB3 can send out emails by using either the native, PHP-based email service, or a specified SMTP server. If you are not sure if you have an SMTP server available, use the native email service. You will have to ask your hoster for further details. Once you are done configuring the email settings, click Submit.
Note
Please ensure the email address you specify is valid, as any bounced or undeliverable messages will likely be sent to that address.
General Settings
Enable board-wide emails: If this is set to disabled, no emails will be sent by the board at all.
Users send email via board:: If this is set to enabled, a form allowing users to send emails to each other via the board will be displayed, rather than an email address.
Email function name: If you are using the native, PHP-based email service, this should be the name of the email function. This is most likely going to be "mail".
Email package size: This is the number of emails that can be sent in one package. This is useful for when you want to send mass emails, and you have a large amount of users.
Contact email address: This is the address that your board's email feedback will be sent to. This is also the address that will populate the "From" and "Reply-to" addresses in all emails sent by your board.
Return email address: This is the return address that will be put on all emails as the technical contact email address. It will always populate the "Return-Path" and "Sender" addresses in all emails sent by your board.
Email signature: This text will be attached at the end of all emails sent by your board.
Hide email addresses: If you want to keep email addresses completely private, set this value to "Yes".
SMTP Settings
Use SMTP server for email: Select "Yes" if you want your board to send emails via an SMTP server. If you are not sure that you have an SMTP server available for use, set this to "No"; this will make your board use the native, PHP-based email service, which in most cases is the safest available option.
SMTP server address: The address of the SMTP server.
SMTP server port: The port that the SMTP server is located on. In most cases, SMTP servers are located on port 25; do not change this value if you are unsure about this.
Authentication method for SMTP: This is the authentication method that your board will use when connecting to the specified SMTP server. This only applies if an SMTP username and password are set, and required by the server. The available methods are PLAIN, LOGIN, CRAM-MD5, DIGEST-MD5, and POP-BEFORE-SMTP. If you are unsure about which authentication method you must use, ask your hoster for more information.
SMTP username: The username that phpBB will use when connecting to the specified SMTP server. You should only fill this in if the SMTP server requires it.
SMTP password: The password for the above specified username that phpBB will use when connecting to the specified SMTP server. You should only fill this in if the SMTP server requires it.
3.2.2.3. Jabber settings
phpBB3 also has the ability to allow users to communicate via Jabber. Your board can send instant messages and board notices via Jabber, too. Here, you can enable and control exactly how your board will use Jabber for communication.
Note
Some Jabber servers include gateways or transports which allow you to contact users on other networks. Not all servers offer all transports and changes in protocols can prevent transports from operating. Note that it may take several seconds to update Jabber account details, so do not stop the script until it has finished!
Jabber settings
Enable Jabber: Set this to "Enabled" if you want to enable the use of Jabber for messaging and notifications.
Jabber server: The Jabber server that your board will use. For a list of public servers, see jabber.org's list of open, public servers.
Jabber port: The port that the Jabber server specified above is located on. Port 5222 is the most common port; if you are unsure about this, leave this value alone.
Jabber username: The Jabber username that your board will use when connecting to the specified Jabber server. If the username you specify is unregistered on the server, phpBB3 will attempt to register the username for you.
Jabber password: The password for the Jabber username specified above. If the Jabber username is unregistered, phpBB3 will attempt to register the above Jabber username, with this specified value as the password.
Jabber resource: This is the location of the particular connection that you can specify. For example, "board" or "home".
Jabber package size: This is the number of messages that can be sent in one package. If this is set to "0", messages will be sent immediately and is will not be queued for later sending.
3.2.3. Server configuration
As an administrator of a board, being able to fine-tune the settings that your phpBB board uses for the server is a must. Configuring your board's server settings is very easy. There are five main categories of server settings: , , , , and . Properly configuring these settings will help your board not only function, but also work efficiently and as intended. The following subsections will outline each server configuration category.
3.2.3.1. Cookie settings
Your board uses cookies all the time. Cookies can store information and data; for example, cookies are what enable users to automatically login to the board when they visit it. The settings on this page define the data used to send cookies to your users' browsers.
Warning
When editing your board's cookie settings, do so with caution. Incorrect settings can cause such consequences as preventing your users from logging in.
To edit your board's cookie settings, locate the Cookie Settings form. The following are four settings you may edit:
Cookie Settings
Cookie domain: This is the domain that your board runs on. Do not include the path that phpBB is installed in; only the domain itself is important here.
Cookie name: This is the name that will be assigned to the cookie when it is sent to your users' browsers and stored. This should be a unique cookie name that will not conflict with any other cookies.
Cookie path: This is the path that the cookie will apply to. In most cases, this should be left as "/", so that the cookie can be accessible across your site. If for some reason you must restrict the cookie to the path that your board is installed in, set the value to the path of your board.
Cookie secure: If your board is accessible via SSL, set this to Enabled. If the board is not accessible via SSL, then leave this value set to Disabled, otherwise server errors will result during redirections.
When you are done editing your board's server settings, click Submit to submit your changes.
3.2.3.2. Server settings
On this page, you can define server and domain-dependent settings. There are three main categories of server settings: Server Settings, Path Settings, and Server URL Settings. The following describes each server settings category and the corresponding settings in more detail. When you are done configuring your board's server settings, click Submit to submit your changes.
Warning
When editing your board's server settings, do so with caution. Incorrect settings can cause such consequences as emails being sent out with incorrect links and/or information, or even the board being inaccessible.
The Server Settings form allows you to set some settings that phpBB will use on the server level. The only available option at this time is Enable GZip Compression. Setting this value will enable GZip compression on your server. This means that all content generated by the server will be compressed before it is sent to users' browsers, if the users' browsers support it. Though this can reduce network traffic/bandwidth used, this will also increase the server and CPU load, on both the user's and server's sides.
Next, the Path Settings form allows you to set the various paths that phpBB uses for certain board content. For default installations, the default settings should be sufficient. The following are the four values that you can set:
Path Settings
Smilies storage path: This is the path to the directory, relative to the directory that your board is installed in, that your smilies are located in.
Post icons storage path: This is the path to the directory, relative to the directory that your board is installed in, that the topic icons are stored in.
Extension group icons storage path: This is the path to the directory, relative to the directory that your board is installed in, that the icons for the attachments extension groups.
The last category of server settings is Server URL Settings. The Server URL Settings category contains settings that allow you to configure the actual URL that your board is located at, as well as the server protocol and port number that the board will be accessed to. The following are the five settings you may edit:
Server URL Settings
Force server URL settings: If for some reason the default settings for the server URL are incorrect, then you can force your phpBB board to use the server URL settings you specify below by selecting the Yes radio button.
Server protocol: This is the server protocol (http:// or https://, for example) that your board uses, if the default settings are forced. If this value is empty or the above Force server URL settings setting is disabled, then the protocol will be determined by the cookie secure settings.
Domain name: This is the name of the domain that your board runs on. Include "www" if applicable. Again, this value is only used if the server URL settings are forced.
Server port: This is the port that the server is running on. In most cases, a value of "80" is the port to set. You should only change this value if, for some reason, your server runs on a different port. Again, this value is only used if the server URL settings are forced.
Script path: This is the directory where phpBB is installed, relative to the domain name. For example, if your board was located at www.example.com/phpBB3/, the value to set for your script path is "/phpBB3". Again, this value is only used if the server URL settings are forced.
When you are done editing your board's server settings, click Submit to submit your changes.
3.2.3.3. Security settings
Here, on the page, you are able to manage security-related settings; namely, you can define and edit session and login-related settings. The following describes the available security settings that you can manage. When you are done configuring your board's security settings, click Submit to submit your changes.
- Allow persistent logins
This determines whether users can automatically login to your board when they visit it.
The available options are Yes and No. Choosing Yes will enable automatic logins.
- Persistent login key expiration length (in days)
This is the set number of days that login keys will last before they expire and are removed from the database.
You may enter an integer in the text box located to the left of the word Days. This integer is the number of days for the persistent login key expiration. If you would like to disable this setting (and thereby allow use of login keys indefinitely), enter a "0" into the text box.
- Session IP validation
This determines how much of the users' IP address is used to validate a session.
There are four settings available: All, A.B.C, A.B, and None. The All setting will compare the complete IP address. The A.B.C setting will compare the first x.x.x of the IP address. The A.B setting will compare the first x.x.x of the IP address. Lastly, selecting None will disable IP address checking altogether.
- Validate browser
This enables the validation of the users' browsers for each session. This can help improve the users' security.
The available options are Yes and No. Choosing Yes will enable this browser validation.
- Validate X_FORWARDED_FOR header
This setting controls whether sessions will only be continued if the sent X_FORWARDED_FOR header is the same as the one sent with the previous request. Bans will be checked against IP addresses in the X_FORWARDED_FOR header too.
The available options are Yes and No. Choosing Yes will enable the validation of the X_FORWARDED_FOR header.
- Check IP against DNS Blackhole List:
You are also able to check the users' IP addresses against DNS blackhole lists. These lists are blacklists that list bad IP addresses. Enabling this setting will allow your board to check your users' IP addresses and compare them against the DNS blackhole lists. Currently, the DNS blacklist services on the sites spamcop.net, dsbl.org, and spamhaus.org.
- Check email domain for valid MX record
It is also possible to attempt to validate emails used by your board's users. If this setting is enabled, emails that are entered when users register or change the email in their profile will be checked for a valid MX record.
The available options are Yes and No. Choosing Yes will enable the checking of MX records for emails.
- Password complexity
Usually, more complex passwords fare well; they are better than simple passwords. To help your users try to make their account as secure as possible, you also have the option of requiring that they use a password as complex as you define. This requirement will apply to all users registering a new account, or when existing users change their current passwords.
There are four options in the selection menu. will disable password complexity checking completely. The setting requires that your users' passwords have both lowercase and uppercase letters in their password. The setting requires that your users' password include both letters from the alphabet and numbers. Lastly, the setting will require that your users' passwords include symbols.
Note
For each password complexity requirement, the setting(s) above it in the selection menu will also apply. For example, selecting will require your users' passwords to include not only alphanumeric characters, but also have both lowercase and uppercase letters.
- Force password change
It is always ideal to change passwords once in a while. With this setting, you can force your users to change their passwords after a set number of days that their passwords have been used.
Only integers can be entered in the text box, which is located next to the Days label. This integer is the number of days that, after which, your users will have to change their passwords. If you would like to disable this feature, enter a value of "0".
- Maximum number of login attempts
It is also possible to limit the number of attempts that your users can have to try to login. Setting a specific limit will enable this feature. This can be useful in temporarily preventing bots or other users from trying to log into other users' accounts.
Only integers can be entered for this setting. The number entered it the maximum number of times a user can attempt to login to an account before having to confirm his login visually, with the visual confirmation.
- Allow PHP in templates
Unlike phpBB2, phpBB3 allows the use of PHP code in the template files themselves, if enabled. If this option is enabled, PHP and INCLUDEPHP statements will be recognized and parsed by the template engine.
