Random quotes: Put random quotes (e.g. testimonials) into your design.

Awards: Showcase your most popular content, and optionally award the submitter with points.

Tags: Set keyword tags for content and display tag clouds.

Recent content: Automatically feature links to your most recent content (via main_multi_content block).

Show website statistics to your visitors (via stats graphs or page hit counters).

Random content: Feature random content from your website specified via a sophisticated filtering language.

Automatically create newsletter issues highlighting your latest content

Double opt-in: Prevent false sign-ups by asking subscribers to confirm their subscriptions.

Host multiple newsletters: Visitors can subscribe to the ones they want.

Flexible mailings: Send out mailings to all members, to different usergroups, or to subscribers of specific newsletters.

Welcome e-mails: Send multiple welcome e-mails to new users automatically, on a configurable schedule (Conversr-only).

Bounce cleanup: Automatically clean out bounces from your e-mail list.

Unsubscribe: Recipients can easily unsubscribe from newsletters through an unsubscribe link provided in the e-mail.

Change settings: Newsletter subscribers can change their subscription settings on-site.

Drip sending: Prevent overwhelming your mail server or outbound limits.

Choose what is searchable

Boolean and full-text modes

Keyword highlighting in results

Search boxes to integrate into your website

Logging/stats

OpenSearch support: Allow users to search from inside their web browser.

Results sorting, and filtering by author and date

Search within downloads: Including support for looking inside archives.

Composr fast custom index: Support full-text searches in instances where your database does not

Multiple types: Each one can specify its own width-by-height (e.g. skyscraper).

Smart banners: Integrate text-banners into your content via keyword detection.

Broad media compatibility: Image banners, external banner rotations, and text banners.

Determine which banners display most often

Run a cross-site banner network

Hit-balancing support: A site on a banner network gets as many inbound hits as it provides outbound clicks.

Targeted advertising: Show different banners to different usergroups.

Track banner performance

Use the banner system to display whole sets of sponsor logos or partners

Supports Geotargeting

Periodic content reviews: Reminders to check (or remove) banners

Quick installer: Our self-extractor allows faster uploads and will automatically set permissions.

Wizard-based installation

Auto-scans for compatibility problems: Be informed of problems before installing

Get your site up and running in just a few minutes

Keep your site closed to regular visitors until you're happy to open it

Configures server: Automatically generates an htaccess file for you (for Apache).

Auto-detection of forum settings for easy integration

Install test content

Add virtually unlimited pages to your site

WYSIWYG editor (powered by CKEditor)

Convenient edit links: Staff see “edit this” links at the bottom of every page.

PHP support: Upload your PHP scripts and run them inside Composr (may require adjustments to the script code).

Hierarchical page structure: Supports parent and child pages

Periodic content reviews: Helping you ensure ongoing accuracy of your content.

Add Comcode pages (the default) or static HTML pages

Supports revisions and revision control systems (such as git); add new pages as files, and Composr will automatically register them in its system.

Clear organisation: Uses a tree structure for unlimited categorisation.

Anti-leech protection: download links contain a session ID

Community-centred: Allow users to comment upon and rate downloads

Many ways to add new files: Upload files. Link-to existing files. Copy existing files using a live URL. Batch import links from existing file stores.

Author support: Assign your downloads to authors, so users can find other downloads by the same author.

Set licences: Make users agree to a licence before downloading.

Images: Show images along with your downloads (e.g. screen-shots) (this implicitly uses galleries).

Basic file versioning support

Control monthly bandwidth use site-wide

Think “structured wikis”.

Create an encyclopaedic database for your website

Use a tree-structure or traditional cross-linking

Supports revisions: Track changes

Display the tree structure of your entire Wiki+

Allow users to jump in at random pages

Make your pages either wiki-style or topic-style

Allow members to contribute to Wiki+ pages by adding Wiki+ posts

Run a competition: Choose winners randomly from those who passed the quiz.

Surveys: Gather data and find trends.

Tests: Test members' knowledge on a variety of topics.

Cheat prevention: Settings to prevent cheating, such as time limits, question / answer shuffling, and re-testing rules.

Integration with points: Charge points to enter a competition, or award points for winning.

Member blogs: Allow members to have their own blogs on their profile

RSS and Atom support: Export and import feeds.

Trackback support: Send and receive trackbacks.

Scheduled publishing

Ping support and RSS Cloud support

Multiple news categories and filtering

Multiple ways to integrate news into your website

Import from RSS feeds

Supports geotargeting

Members can rate and comment on news articles and blog posts

Send out a news article as a newsletter

• System-defined staff: This includes administrators and super moderators who have specific privileges within the forum/member system (Conversr).
• Privilege-based staff: Anyone granted the necessary permissions for a particular situation is considered staff for that context.

• Identify the Cause: Analyze access logs for suspicious activity and pinpoint the vulnerability.
• Clean and Restore: Restore your website from a clean backup and thoroughly remove any malicious code.
• Address Vulnerabilities: Patch security holes, update software, and strengthen security configurations.
• Seek Expert Help: If needed, consult security professionals for assistance with cleanup and prevention.

• SSL: Enable HTTPS for encrypted communication and improved user trust.
• Secure Zones: Configure sensitive zones to require confirmed sessions.
• Restrict Logins: Enforce IP address confirmation for enhanced account security.
• Maintenance Scripts: Restrict access to maintenance scripts like upgrader.php via IP restrictions.
• Server Hardening: Disable unnecessary services, change default ports, enable automatic updates, and more.
• Robots.txt: Use the robots.txt file to prevent search engine indexing of sensitive areas.

• XSS Attacks: By restricting inline scripts and limiting script sources.
• Data Injection Attacks: By controlling the allowed origins for data requests.
• Clickjacking: By specifying allowed framing sources.

• Confirmed: When you actively log in with your credentials.
• Non-confirmed: When you return to the site and are automatically logged in via cookies.

• Choose a Secure Host: Opt for hosts that offer suEXEC and open_basedir for better account isolation.
• Test Security: Verify the host's security measures with the provided filesystem_browser.php script.
• Restrict _config.php: Remove world-writable permissions from _config.php after installation.

• HTML Filtering: Configurable levels of filtering prevent malicious script injection.
• Content Security Policy (CSP): Restricts the sources from which scripts and other resources can be loaded.
• Input Sanitization: Data is sanitized before being processed to prevent malicious code execution.
• Output Encoding: Data displayed to users is properly encoded to prevent interpretation as active code.

• DODGY_GET_HACK: Suspicious URLs with potentially harmful characters.
• EVIL_POSTED_FORM_HACK: Possible CSRF attempts via malicious form submissions.
• SCRIPT_UPLOAD_HACK: Attempts to upload PHP scripts, potentially malicious.
• DOWNLOAD_PRIVATE_URL_HACK/TRY_TO_DOWNLOAD_SCRIPT: Attempts to download sensitive files.
• BRUTEFORCE_LOGIN_HACK: Repeated failed login attempts.
• SQL_INJECTION_HACK: Attempts to exploit SQL queries for data extraction.

• Avoid FTP: Use secure alternatives like SFTP or SSH for file transfer.
• Secure Email: Enable SSL for IMAP and POP3 email protocols.
• Strong Passwords: Use unique and complex passwords for different services.
• Secure Computers: Keep your own devices patched and secure.
• Maintenance Password: Remove the maintenance password from _config.php when not in use.

• Visual representation of password quality and enforcement of complexity rules.
• Password expiry and prevention of re-use.
• Secure password hashing, even if the database is compromised.
• Temporary passwords for staff setup.

• Two-factor authentication via IP address approval.
• IP address banning, including wildcard banning.
• Session locking to IP addresses.
• Configurable session expiry times.
• Ability to prevent privileged actions from auto-logged in sessions.
• Optional member approval process.

• Comprehensive audit logging of administrative actions.
• Logging of user actions and IP address history.
• Tools to analyze audit logs.
• Failed login logging.
• Hack attack detection, logging, and banning.
• Email notifications for changes to user credentials.

• Protection against CSRF attacks.
• Click-jacking prevention via CSP implementation.
• Secure coding standards and scanning techniques.
• Configurable HTML filtering to prevent XSS attacks.
• Secure code modularization standards.

• Granular privileges and access permissions.
• Content submission validation process.
• Rootkit detection system.
• Spam prevention systems.
• Web application firewall rules.
• Moderation systems.