The system scheduler is crucial for scheduled tasks like sending notifications, running backups, and processing reports. To set it up, you need to schedule a system-level task to run the data/cron_bridge.php file at least every 10 minutes. This links Composr's scheduler with your server's scheduler (like Cron on Linux).
Composr can often detect the correct command to use for your setup. You can check by visiting http://yourbaseurl/data/cron_bridge.php?query_mode=1, which should display the suggested Cron command. Note that you may need to replace the php command with the absolute path to PHP if you cannot use the php command directly.
If your hosting doesn't support Cron or scheduled tasks, you can enable scheduled tasks to run when visitors access your site. Navigate to Admin Zone > Setup > Configuration > Performance options and check "Web requests run scheduled tasks". Keep in mind that this method relies on visitor traffic and isn't as reliable as a dedicated scheduler.
Alternatively, consider using external services like EasyCron, setcronjob.com, or onlinecronjobs.com. These services allow you to schedule calls to the data/cron_bridge.php script by URL at specified intervals.
What are the different security levels in Composr's Setup Wizard and what do they affect?
Answer
Composr offers five security levels in the Setup Wizard: Minimum, Low, Medium, High, and Ultra High. Each level sets various security configurations that you can later customize under Admin Zone > Setup > Configuration.
The security levels influence settings such as:
Content Security Policy
Session expiry time
Password reset process
Password expiry days
Minimum password length and strength
Login error secrecy
IP strictness for sessions
Cryptographic ratchet
CAPTCHA usage
Brute force threshold
Audio CAPTCHA
URL Monikers
.htaccess restrictions on maintenance scripts
Enquiry on new IP addresses
The higher the security level, the more stringent the security measures, with Ultra High offering the most robust protection but the most potential inconvenience to users.
Generally, you should use these settings depending on your site:
Minimum: Very bare-bones informational-only sites
Low: Sites which do not allow public registrations and do not use eCommerce but have content managed by different staff, and are not concerned with privacy or data
Medium: Sites with social features / public accounts but do not use eCommerce.
High: Sites which use eCommerce.
Ultra High: Sites containing very sensitive data, such as but not limited to cybersecurity sites, government departments, banks, healthcare, etc.
You can change your site's logo manually or by using the Logo Wizard. To change it manually, go to Admin Zone > Style > Themes. Choose "logo/-logo" from the dropdown list, which represents the logo for the Welcome Zone and any zone without a specific logo. Replace the current image by uploading a new .jpeg, .gif, or .png file. Ensure that the 'Name' field remains unchanged.
Composr is built using a series of addons that provide different functionalities. All "bundled" addons are installed by default. Once you are familiar with Composr, it's recommended to remove any bundled addons you don't need to simplify your site and prevent accidental exposure of unconfigured features to visitors (the Setup Wizard can also uninstall these addons based on your preferences). You can manage addons by navigating to Admin Zone > Structure > Addons. Uninstalled addons are archived and can be restored later, but any associated data will be permanently lost.
Composr also offers non-bundled addons. These addons are not bundled because they are not considered mainstream, rely on third-party services, haven't been vetted to Composr standards, or don't fully conform to those standards.
You can install non-bundled addons by going to Admin Zone > Structure > Addons, scrolling to the bottom and clicking "Import non-bundled addon(s)". You will need to browse to the addon file and click the import button. Once imported, review the warnings and proceed to install the addon.
You can also download and import addons from this website under the Downloads section.
What are some of the default Comcode pages in Composr?
Answer
Composr includes several default Comcode pages, each serving a specific purpose:
home (Welcome and Site zones): The default front pages for the respective zones.
sitemap (Welcome zone): Displays the sitemap, typically generated automatically.
_rules (Welcome zone): Outlines the site rules, also displayed during registration. The "rules" page (no underscore) is a wrapper for this page.
privacy (Welcome zone): Provides privacy policy information. By default, this is generated automatically with Composr's privacy policy generator block.
404 (Welcome zone): The page shown for 404 errors (page not found) and includes a sitemap.
help (Site zone): Contains general help information.
userguide_comcode (Site zone): A basic guide to Comcode for users.
Remember that you can edit these default pages or create entirely new ones to tailor your site's content to your specific needs.
If you want to prevent a Comcode page from appearing in your sitemap, you can simply prefix its name with an underscore (_). For example, pages named "_test" or "_example" would be excluded from the sitemap. Note that this generally does not hide the page from your site itself (to do that, use the validation addon to turn validated to "OFF" for the pages); it only hides them from the sitemap / search engines.
Can I organize Comcode pages in a hierarchical structure?
Answer
Yes, Composr allows you to simulate a hierarchical structure for your Comcode pages using multi-part paths in the page monikers. By editing the page monikers to include slashes (e.g., "about/team"), you can create a virtual directory structure within a single zone, enhancing your site's organization and navigation.
How do I embed content from other modules into a Comcode page?
Answer
You can use various blocks to embed content from different modules:
main_content block: Allows you to feature individual entries from modules/content like news or articles.
main_multi_content, main_cc_embed, main_gallery_embed, main_news blocks: Enable you to pull in and display multiple entries based on categories or other criteria.
main_include_module block: Provides a powerful way to integrate any module screen directly into a Comcode page.
What is the difference between blocks and boxes in Composr?
Answer
While both terms may seem similar, they have distinct meanings in Composr:
Blocks are functional units that generate dynamic content or provide specific features. They don't inherently have a visual form and their output can vary widely.
Boxes are a visual design element in Composr, essentially containers that visually group content on a page and often with a title at the top.
In practice, blocks often place their content within a box, but this isn't a requirement / standard.
Yes, you can customize the appearance of blocks by editing the associated templates and CSS. Each block typically has a corresponding template file (e.g., BLOCK_MAIN_NEWS.tpl for the main_news block) that controls its HTML structure. You can modify this template to change the layout and styling of the block's output.
An easy way to do this is through the template editor in Admin Zone > Style > Themes, and click edit templates for the relevant theme.
Post history tracks changes made to forum posts, including edits and deletions. This feature helps monitor for inappropriate edits or attempts to cover up spam or rule violations. Staff can review the history, restore deleted content, or even permanently erase it.
Yes, Composr provides various moderation tools for managing forum content. Moderators can edit or delete posts and topics, move topics between forums, close or open discussions, and validate content submitted by users who require approval. These are done in an actions dropdown on a topic, or through buttons on individual posts.
What is the "black hole" technique and how does it work?
Answer
The "black hole" technique involves adding hidden fields to forms. While invisible to human users, bots often detect and fill these fields, revealing their nature. Composr uses this information to flag and block suspected spam submissions.
You can report spam using the "report this" link or "report" (forum post button) feature. This alerts staff to the issue, allowing them to investigate and take appropriate action, such as deleting the spam, warning the user, or banning them. It also creates a Support Ticket between the reporter and staff in case the staff need further information.
RBLs are third-party lists that track IP addresses associated with spamming activity. Composr can be configured to consult these lists and block or flag requests from suspicious IPs. However, relying solely on RBLs may lead to false positives, as some lists are overly broad.
CAPTCHAs are tests designed to differentiate between human users and bots. Composr's unique CAPTCHA method uses CSS and JavaScript to generate images or audio challenges that are difficult for bots to solve. While effective, some spammers use human workers to bypass CAPTCHAs, leading to the need for additional anti-spam measures.
Composr offers several tools and techniques to combat spam, including:
CAPTCHA: A visual or audio test that humans can easily pass but bots struggle with. This helps prevent automated spam submissions.
Heuristics: If Composr thinks an action is spam based off of configurable criteria, it can either flag the content for validation, block the attempt, or ban the IP address outright.
Public block lists: Composr can utilize the Stop Forum Spam system or other block list systems to identify and block known spammers based on IP addresses, usernames, and email addresses.
Link posting restrictions: Disallowing links in member profiles for users with no posts and adding "nofollow" attributes to links discourages spammers seeking backlinks.
Black hole fields: Hidden form fields that should remain empty. Bots often fill these in, allowing Composr to identify them.
Project Honey Pot integration: A system that places hidden links on pages, attracting and identifying spam bots.
Content/post reporting: Users can report spam, enabling staff to take action.
Guest posting limitations: Restricting guest permissions raises the bar for spammers.
Advanced techniques: Developer addons like "antispam_question" or probation systems provide additional layers of protection.
What is the "Sitemap" in Composr, and how is it used?
Answer
The Sitemap is a hierarchical representation of your website's content, including zones, pages, categories, and entries. Composr generates the Sitemap dynamically and uses it for various purposes:
Generating menus.
Creating the user-facing sitemap page.
Generating the XML Sitemap for search engines.
Providing a visual representation of your website structure in the Sitemap editor and Permissions tree editor.
You can edit the sitemap under Admin Zone > Structure > Sitemap editor.
Can I change the URL scheme after my website is already live?
Answer
Yes, you can enable or change a URL scheme on an existing website. Old URLs will redirect to the new format, ensuring that your SEO isn't negatively impacted. The canonical URL will also be specified in your website's HTML, further protecting your search rankings.
