• Broken links and forms
• Security vulnerabilities
• Outdated software versions
• Server performance issues
• Email configuration problems

• Configuring the CDN option in Composr with a comma-separated list of CDN domain names.
• Ensuring your files are mirrored on the CDN servers.
• Utilizing the CDN_FILTER directive and symbol to control what content is served via CDN.

• $SITE_INFO['disable_smart_decaching'] = '1';
• $SITE_INFO['no_disk_sanity_checks'] = '1';
• $SITE_INFO['hardcode_common_module_zones'] = '1';
• $SITE_INFO['prefer_direct_code_call'] = '1';
• $SITE_INFO['charset'] = 'utf-8';
• $SITE_INFO['known_suexec'] = '1';
• $SITE_INFO['dev_mode'] = '0';
• $SITE_INFO['no_extra_logs'] = '1';
• $SITE_INFO['no_extra_bots'] = '1';
• $SITE_INFO['no_extra_closed_file'] = '1';
• $SITE_INFO['no_installer_checks'] = '1';
• $SITE_INFO['assume_full_mobile_support'] = '1';
• $SITE_INFO['no_extra_mobiles'] = '1';

• Go to the Installation Options editor (yourbaseurl/config_editor.php). You will need your maintenance password.
• Activate the static cache option.

• Language cache: Eliminates the need to parse language files on each page load.
• Template cache: Avoids reparsing template files repeatedly.
• Comcode page cache & Comcode cache: Reduces the need to parse Comcode pages and general Comcode usage.
• Block cache: Caches blocks based on their parameters, minimizing execution.
• Theme image cache: Prevents redundant searches for theme images.
• Values caches: Stores calculated values like member post counts.
• Persistent cache: Keeps frequently used data in memory for faster access.
• Advanced admin cache: Allows admins to view cached pages while the server generates updates.
• Static cache: Serves static pages to bots and guests, bypassing much of the framework.
• Self learning cache: Optimizes resource loading by learning which resources each page requires.

• Check Email Logs: View the email log (Admin Zone > Audit > E-mail queue/log) to see what notifications have been sent.
• Use the SU Feature: Impersonate a member using the SU feature (described in the "Testing access and privileges" tutorial) to view their notification settings and confirm they are set up correctly.
• Enable Carbon-copy Email: Configure a "Carbon-copy e-mail address" in the configuration settings to receive copies of all outgoing emails, including notifications. This helps you monitor email delivery.
• Verify System Scheduler: Ensure the system scheduler is configured correctly if members are not receiving digest emails.
• Check Digest Settings: Confirm that "Enable digest notifications" is enabled in the Messages configuration settings.
• Review "Safety listing limit": If a notification has too many categories, members might not see the full selection tree. Adjust the "Safety listing limit" in the configuration settings if necessary.

• Notification Defaults: You can set default notification preferences for all members. You can enable or disable specific notifications and choose the delivery method (Admin Zone > Setup > Notification defaults).
• Notification Lock-down: You can force members to receive or prevent them from receiving certain notifications (Admin Zone > Setup > Notification lock-down). This allows you to enforce specific notification policies and manage email volume.

• Content Updates: Notifications for new or updated content, such as news articles, forum posts, and gallery images.
• Private Messages: Alerts for new private messages received.
• Friend Requests: Notifications for new friend requests.
• Administrative Actions: Alerts for actions taken by site administrators, such as account approvals or content moderation decisions.

• Email: Notifications sent directly to their email address.
• Digest Email: Combined summaries of activity sent in batched emails. This requires the system scheduler and the digest e-mails configuration option to be enabled.
• Private Topics: Notifications delivered as private forum topics.
• SMS: Notifications sent as text messages (requires configuration and incurs costs).
• Web Notifications: Real-time alerts displayed within the Composr interface.

Intuitive sitemap editor: Visually browse your site structure.

Menu editor: Our user friendly editor can work with several different kinds of menu design (drop-downs, tree menus, pop-ups, etc)

Zones (sub-sites): Organise your pages into separate zones. Zones can have different menus, themes, permissions, and content. They can also use a sub-domain.

Full structural control: Edit, move, and delete existing pages and modules.

Redirects: Set up redirects if you move pages, or if you want pages to appear in more than one zone.

Use Composr for clients and pretend you made it.

We ensure Composr is not hard-coded anywhere in the software where it would appear to an average user.

Responsive design and hi-dpi images

True and correct XHTML5 markup

WCAG, ATAG: Meeting of accessibility guidelines in full.

Tableless CSS markup, with no hacks

Support for all major web browsers

Inbuilt tools for checking webstandards conformance of XHTML5, CSS, and JavaScript

Extra markup semantics including Dublin Core support, schema.org, Open Graph, and microformats.

Standards-based JavaScript (modern DOM and AJAX, no DOM-0 or innerHTML)

Automatic cleanup of bad XHTML5: HTML outside your control (e.g. from RSS) will be cleaned up for you.

Highly optimised code

Can run CDNs

Multiple levels of caching

Sophisticated template compiler

Self-learning optimisation system

Automatic pruning of old cache files when caches get large

Translate Composr into your own language

Translate content into multiple languages

Custom time and date formatting

Language packs: Download new language packs as users post them; host multiple languages on your website at the same time.

Time zone support: Members may choose their own time zones, and dates / times will adapt to them.

Support for different character sets and Unicode

Serve different theme images for different languages

Right-to-left languages possible

Professionally designed user interfaces

AJAX techniques: Streamlined website interaction.

WYSIWYG editing

Tutorials: Over 200 written tutorials, and a growing collection of video tutorials.

Displays great on mobiles: Mobile browsers can be automatically detected, or the user can select the mobile version from the footer. All public website features work great on QVGA or higher. The default theme is also responsive and will adapt to the client screen size.

A consistent and fully integrated feature-set: Breadcrumb navigation, previews, and many other features we didn't have space to mention here – are all present right across Composr.

Supports different URL schemes and textual monikers

Automatic site-map generation: Both XML Sitemaps and sitemaps for users.

Metadata: Meta descriptions and keywords for all content. Auto-summarisation.

Keyword density analysis when previewing content

Correct use of HTTP status codes

Content-contextualised page titles

Semantic and accessible markup (e.g. ‘alt tags')

Compliance with major data protection legislation such as the GDPR

Allow members to download or purge their personal data from their profile. Set a limit on the number of days between downloads / purges to preserve server resources.

Also manage member data to a more technical degree in the Administration Zone.

Allow members to purge their data upon deleting their member account

Composr is careful to maintain important data (such as warnings or bans) when members request their data to be purged from their profile. But this data can still be purged on the admin side (in the Admin Zone).

Automatic generation of a basic Privacy Policy based on site settings and installed addons

Cookie Consent notice

Set declarations on the rules page which members must agree to on registration (or whenever they are changed) which are also stored in the database and e-mailed to the member as a written copy

Automatic detection, logging, notifying, and banning of hackers

2-factor-authentication: E-mail based 2-factor-authentication security when unrecognised IP addresses are used with certain usergroups (optional, Conversr-only).

Password strength checks: Enforce minimum password strengths based on length and use of upper / lower case, numbers, and symbols, and avoiding repeated characters (Conversr-only).

Architectural approaches to combat all major exploit techniques

A JavaScript framework that makes XSS attacks virtually impossible

Defence-in-depth: Multiple layers of built-in security.

Encrypted custom profile fields: Once set the CPF can't be read unless a key password is entered (Conversr-only, requires OpenSSL).

Extensive support and use of Content Security Policy (CSP)

Track failed logins and automatically ban brute-force attacks

HTML filtering

Protection against CSRF attacks: Forms and AJAX requests make use of randomly generated POST tokens

Root-kit detection kit for developers

Cookies are secure and HttpOnly where possible to prevent session hijacking

Set number of days that passwords expire or must be changed

(Conversr Only)

Issue warnings (with an optional Private Topic sent to them) for unruly members. Optionally include one or more of several punitive actions as explained below.

Ban the member's IP address so they can no longer access the site from that device (this also adds their IP address in your htaccess file)

Ban the member so they can no longer log in (and their profile can no longer be viewed by others except high-ranking staff)

Report spammers to public blocklists such as Stop Forum Spam

Put members in a special restricted 'probation' usergroup for a specified number of days

Silence a member from the forum or topic on which they made their problematic post (this also works on comments).

Change a member's usergroup (useful to de-rank them)

Automatically delete recent or violating content / posts posted by the member

Charge points from the member's balance (also affects rank points to penalise their ability to rank up)

Reverse recent point transactions members made in abuse

Save and load explanatory messages for future use

Automatically generate punitive action text in the Private Topic sent to the member

Members can view their account standing on their profile, including any active punitive actions and their warnings history

Staff can view full details of individual warnings including an action log and options to undo some of the individual punitive actions

Develop your own cns_warnings hooks to define additional punitive actions that can be used with the warnings system

Use one of the several pre-defined "reasons" for a warning in the dropdown to include the warning in your site statistics (for number of warnings issued by reason).