Convert from other software: See our importing tutorial for a list of importers.

Use an existing member system: See our download page for a list of forum drivers.

Convert an HTML site into Composr pages

LDAP support for corporate networks (Conversr only)

HTTP authentication: Tie into an existing HTTP authentication-based login system (Conversr only)

Proxying system: Programmers can integrate any existing scripts using our sophisticated proxying system (which includes full cookie support).

Minimodules and miniblocks: Programmers can port existing PHP code into Composr itself without having to strictly conform it to Composr's framework

Intuitive sitemap editor: Visually browse your site structure.

Menu editor: Our user friendly editor can work with several different kinds of menu design (drop-downs, tree menus, pop-ups, etc)

Zones (sub-sites): Organise your pages into separate zones. Zones can have different menus, themes, permissions, and content. They can also use a sub-domain.

Full structural control: Edit, move, and delete existing pages and modules.

Redirects: Set up redirects if you move pages, or if you want pages to appear in more than one zone.

Use Composr for clients and pretend you made it.

We ensure Composr is not hard-coded anywhere in the software where it would appear to an average user.

Responsive design and hi-dpi images

True and correct XHTML5 markup

WCAG, ATAG: Meeting of accessibility guidelines in full.

Tableless CSS markup, with no hacks

Support for all major web browsers

Inbuilt tools for checking webstandards conformance of XHTML5, CSS, and JavaScript

Extra markup semantics including Dublin Core support, schema.org, Open Graph, and microformats.

Standards-based JavaScript (modern DOM and AJAX, no DOM-0 or innerHTML)

Automatic cleanup of bad XHTML5: HTML outside your control (e.g. from RSS) will be cleaned up for you.

Highly optimised code

Can run CDNs

Multiple levels of caching

Sophisticated template compiler

Self-learning optimisation system

Automatic pruning of old cache files when caches get large

Translate Composr into your own language

Translate content into multiple languages

Custom time and date formatting

Language packs: Download new language packs as users post them; host multiple languages on your website at the same time.

Time zone support: Members may choose their own time zones, and dates / times will adapt to them.

Support for different character sets and Unicode

Serve different theme images for different languages

Right-to-left languages possible

Professionally designed user interfaces

AJAX techniques: Streamlined website interaction.

WYSIWYG editing

Tutorials: Over 200 written tutorials, and a growing collection of video tutorials.

Displays great on mobiles: Mobile browsers can be automatically detected, or the user can select the mobile version from the footer. All public website features work great on QVGA or higher. The default theme is also responsive and will adapt to the client screen size.

A consistent and fully integrated feature-set: Breadcrumb navigation, previews, and many other features we didn't have space to mention here – are all present right across Composr.

Supports different URL schemes and textual monikers

Automatic site-map generation: Both XML Sitemaps and sitemaps for users.

Metadata: Meta descriptions and keywords for all content. Auto-summarisation.

Keyword density analysis when previewing content

Correct use of HTTP status codes

Content-contextualised page titles

Semantic and accessible markup (e.g. ‘alt tags')

Compliance with major data protection legislation such as the GDPR

Allow members to download or purge their personal data from their profile. Set a limit on the number of days between downloads / purges to preserve server resources.

Also manage member data to a more technical degree in the Administration Zone.

Allow members to purge their data upon deleting their member account

Composr is careful to maintain important data (such as warnings or bans) when members request their data to be purged from their profile. But this data can still be purged on the admin side (in the Admin Zone).

Automatic generation of a basic Privacy Policy based on site settings and installed addons

Cookie Consent notice

Set declarations on the rules page which members must agree to on registration (or whenever they are changed) which are also stored in the database and e-mailed to the member as a written copy

Automatic detection, logging, notifying, and banning of hackers

2-factor-authentication: E-mail based 2-factor-authentication security when unrecognised IP addresses are used with certain usergroups (optional, Conversr-only).

Password strength checks: Enforce minimum password strengths based on length and use of upper / lower case, numbers, and symbols, and avoiding repeated characters (Conversr-only).

Architectural approaches to combat all major exploit techniques

A JavaScript framework that makes XSS attacks virtually impossible

Defence-in-depth: Multiple layers of built-in security.

Encrypted custom profile fields: Once set the CPF can't be read unless a key password is entered (Conversr-only, requires OpenSSL).

Extensive support and use of Content Security Policy (CSP)

Track failed logins and automatically ban brute-force attacks

HTML filtering

Protection against CSRF attacks: Forms and AJAX requests make use of randomly generated POST tokens

Root-kit detection kit for developers

Cookies are secure and HttpOnly where possible to prevent session hijacking

Set number of days that passwords expire or must be changed

• The script: http://yourbaseurl/config_editor.php
• The Admin Zone: Admin Zone > Setup > Configuration > Installation Options

• Zone access permissions
• Page (or content entry) access permissions
• Catalogue access permissions
• Category access permissions

• Content Security Policy
• Session expiry time
• Password reset process
• Password expiry days
• Minimum password length and strength
• Login error secrecy
• IP strictness for sessions
• Cryptographic ratchet
• CAPTCHA usage
• Brute force threshold
• Audio CAPTCHA
• URL Monikers
• .htaccess restrictions on maintenance scripts
• Enquiry on new IP addresses

• Minimum: Very bare-bones informational-only sites
• Low: Sites which do not allow public registrations and do not use eCommerce but have content managed by different staff, and are not concerned with privacy or data
• Medium: Sites with social features / public accounts but do not use eCommerce.
• High: Sites which use eCommerce.
• Ultra High: Sites containing very sensitive data, such as but not limited to cybersecurity sites, government departments, banks, healthcare, etc.

• home (Welcome and Site zones): The default front pages for the respective zones.
• sitemap (Welcome zone): Displays the sitemap, typically generated automatically.
• _rules (Welcome zone): Outlines the site rules, also displayed during registration. The "rules" page (no underscore) is a wrapper for this page.
• privacy (Welcome zone): Provides privacy policy information. By default, this is generated automatically with Composr's privacy policy generator block.
• 404 (Welcome zone): The page shown for 404 errors (page not found) and includes a sitemap.
• help (Site zone): Contains general help information.
• userguide_comcode (Site zone): A basic guide to Comcode for users.