Understanding roles, part five – forum roles

As the name implies, forum roles control the privileges to forums. Forums are the key structure in phpBB and where most of the action happens, so there must be a lot of ways to finely tune access to forums.

Forum roles are most typically used to control forum privileges as they simplify the process. I will also demonstrate a way of circumventing these roles to set more granular forum permissions.

User roles provide a broad set of permissions, many of which extend to work users do in forums. Allowing attachments to posts is one example. Since roles are bundles of permissions, permissions in forum roles may override some user role permissions.

Pre-defined forum roles

The following forum roles come built in to phpBB:

  • No Access. Can neither see nor access the forum. This should be applied when you want to hide a forum from appropriate groups and users. You most typically use it to hide forums from guests and bots.

  • Read Only Access. Can read the forum, but cannot create new topics or reply to posts. You often see this role applied to guests.

  • Limited Access. Can use some forum features, but cannot attach files or use post icons. This role is often applied to newly registered users.

  • Limited Access + Polls. As per Limited Access but can also create polls. This role is also often applied to newly registered users.

  • Standard Access. Can use most forum features including attachments and deleting own topics, but cannot lock own topics, and cannot create polls.

  • Standard Access + Polls. Like Standard Access but can also create polls.

  • Full Access. Can use all forum features, including posting of announcements and stickies. Can also ignore the flood limit. Not recommended for normal users. This is often applied to more privileged users such as moderators and administrators.

  • On Moderation Queue. Can use most forum features including attachments, but posts and topics need to be approved by a moderator. This role can be applied to a problematic poster known for making inflammatory posts.

  • Bot Access. This role is recommended for bots and search spiders. It does allow bots to read the forum, so if you don’t want bots to read the forum, the bots groups should use the No Access role.

  • Newly Registered User Access. A role for members of the special newly registered users group; contains NEVER permissions to lock features for new users. This gets around a quirk in phpBB where newly registered users can start new topics (which have to go through moderation) only because they are also in the registered users group. It’s strange that phpBB is not configured this way by default.

There is one other implied role: No role assigned. As the name implies, it indicates a lack of permissions in the defined context, so other forum permissions if they exist are used instead.

Setting forum roles

Generally, it’s best to attach roles to groups. Attaching roles to users can be done, but it makes it hard to fix permissions issues. Most likely, roles already exist for groups accessing your forums. However, when you create new forums, you often need to attach some roles to the users that will use them, generally through group forum permissions: ACP > Forums > Forum based permissions > Group forum permissions.

First, select the user group whose roles you want to change or add. In the Look up usergroup dropdown, select the group then press Submit.

On the next screen, select the forum or forums you want to add or change roles for, in the appropriate Select a forum select list or dropdown. The dropdown is used to select a set of forums inside a category. Then press Submit.

Finally, you have an interface for changing or adding roles for each forum for the user group selected. See screenshot below. In the Role dropdown, select the role to be applied for the forum and user group. When all are set as desired, press the Apply all permissions button at the bottom of the screen.

Assigning roles to forums
Assigning roles to forums

 

Creating new forum roles

You can define a forum role using similar procedures for user, moderator and admin roles: ACP > Permissions > Permission roles > Forum roles > Create role. In general, the existing roles make it unlikely that you will need to create other forum roles.

Overriding role permissions

While not a good idea generally, I should point out you can override forum role permissions for groups and users. Use either:

ACP > Users and groups > Users > User forum permissions

ACP > Users and groups > Groups > Group forum permissions

Here’s an example of how it can be done for a user’s forum permissions.

In this case, Jane Doe is a teacher and in the teacher’s group, so she has Standard Access role’s permissions to the teachers’ forums. This means she cannot post sticky topics, i.e. posts that stick to near the top of the list of topics in a forum.

We would like to allow her to post stickies but not change her permissions otherwise.

User forum permissions, pick user
User forum permissions, pick user

 


We first enter her name by entering it in the Find a member field and pressing Submit. See screenshot above.

User forum permissions, select a forum
User forum permissions, select a forum

Then we pick the forums where we want the permissions applied. In this case, it makes sense to select the Teachers forums category and the forums inside it. Once selected, press Submit. See screenshot above.

On the next screen, the role shows no role assigned because no user role has been applied. The user still has a group role applied. Click on the Advanced permissions link.

You can then select any permissions you want to grant. In this case, I granted the Can post stickies permission by changing it to Yes. Since multiple forums should be show on the screen, do this for each forum in the category. See screenshot below, which shows only the permissions for the category.

 

User forum permissions, advanced permissions
User forum permissions, advanced permissions

Clicking the Apply permissions button will make the permission stick for this forum, or do all then press the Apply all permissions button at the bottom. Now Jane Doe has the necessary added permission, but it was done outside of the forum role.

 

Understanding roles, part four – administrator roles

It’s tempting to think of administrators as one size fits all, but you can have various kinds of administrators. The kinds of administrators are based on the roles they are given.

If you don’t want to be granular about administrator privileges, simply add the user to the administrator’s group: ACP > Users and groups > Groups > Manage groups > Administrators > Members. In the Add Users block, enter the usernames on separate lines that you want to make administrators. Use the Find a member link if needed, and press Submit when done. See the screenshot below.

Adding an administrator
Adding an administrator

These new administrators will inherit the Standard Admin.

There are four administrator roles:

  • Standard Admin. Has access to most administrative features but is not allowed to use server or system related tools.

  • Full Admin. Has access to all administrative functions of this board. Not recommended.

  • Forum Admin. Can access the forum management and forum permission settings.

  • User and Groups Admin. Can manage groups and users: Able to change permissions, settings, manage bans, and manage ranks.

The main role to worry about is the Full Admin role, because if you grant it, then you are giving the administrator virtually complete control of the board. The administrator is not technically a founder but might as well be since they can do pretty much anything a founder can do too except make themselves a founder or create additional administrators.

If you want to make someone a founder, you first must already have founder privileges.

ACP > Users and Groups > Manage users

Enter the user’s name and press Submit. In the Founder field select Yes and press Submit.

You can also create a new Administrator role if you want similar to the process used for moderators: ACP > Permissions > Permission roles > Admin roles > Create role

Large and busy boards might find a need to assign people to the Forum Admin and User and Group Admin roles.

These new administrators get into the Administration Control Panel the same way as you do: by selecting the link in the navigation bar or from the link that appears in the footer.

Understanding roles, part three – moderator roles

In addition to having global versus forum-specific moderators, phpBB allows you to place moderators into various roles. The permissions of the role determine how much power a moderator has. These moderators roles come out of the box:

  • Standard moderator. This type of moderator can use most moderating tools, but cannot ban users or change the post author.

  • Simple moderator. This type of moderator can only use basic topic actions. They cannot send warnings or use the moderation queue.

  • Full moderator. This type of moderator can use all moderating features, including banning.

  • Queue moderator. This type of moderator can use the Moderation Queue to validate and edit posts, but nothing else.

There is nothing to stop you from changing the default permissions for these moderator roles. The process is similar to changing user roles.

You could create a new moderator role. Let’s say you have a popular and busy forum with a lot of topics that are out of place. You want to keep the primary moderator for handling the bigger duties, but delegate moving topics, splitting topics, merging topics and locking topics to another type of moderator via a moderator role.

ACP > Permissions > Permission Roles > Moderator roles

First I create the role called Special Moderator. Since a Full Moderator has all permissions, I’ll start with its permissions and take away permissions I don’t want the role to have.

Create new moderator role, screen 1
Create new moderator role, screen 1

I enter “Special Moderator” in the Create role field, and select Full Moderator from the Use settings from dropdown, then press Submit.

On the next screen, I first went to the Post actions tab and clicked on the No column to disallow all those privileges. I did the same on the Misc tab. On the Topic actions tab, I left these as is. See the screenshot above. Pressing Submit created the role.

 

Create new moderator role, screen 2
Create new moderator role, screen 2

With the group now defined, I can select members to have this role. Since I want these moderators to do this for any forum, it’s easiest to make them global moderators, but with the Special Moderator user role.

ACP > Permissions > Global permissions > Global moderators

Assigning moderators, screen 1
Assigning moderators, screen 1

See screenshot above. The first step is to add the users to get this role in the Add users block, then pressing the Add permissions button. The Find a member link makes it easy to find the usernames, if you don’t know them.

The next step is to assign the moderator role to these users. In the Role dropdown, I select the Special Moderator role I created, then pressed the Apply all permissions button. See screenshot below.

Assigning moderators, screen 2
Assigning moderators, screen 2

Done!

Understanding roles, part two – user roles

User roles bundle sets of permissions that apply to what users can do on your board. There are six built-in user roles:

  • Standard Features. Can access most but not all user features. Cannot change user name or ignore the flood limit, for instance.

  • Limited Features. Can access some of the user features. Attachments, emails, or instant messages are not allowed.

  • All Features. Can use all available forum features for users, including changing the user name or ignoring the flood limit. Not recommended.

  • No Private Messages. Has a limited feature set, and is not allowed to use Private Messages.

  • No Avatar. Has a limited feature set and is not allowed to use the Avatar feature.

  • Newly Registered User Features. A role for members of the special newly registered users group; contains NEVER permissions to lock features for new users.

If you want to create a new role, there is nothing from stopping you. ACP > Permissions > Permission roles > User roles. Enter the new role name in the Create role field, then select the role you want to inherit the permissions from in the Use settings from dropdown. Then press Submit. Change the permissions as desired for each tab.

Once a new role is created, you generally want to assign groups or users to the role. Use one of the following paths:

ACP > Users and groups > Users > Manage users

ACP > Users and groups > Groups > Manage groups

Understanding roles, part one

What is a role?

Roles are one of phpBB’s most useful but most obscure features. It can be a little hard to understand what roles are intended to do.

Roles essentially are a collection of permissions with a name. This collection of permissions can be assigned broadly to users of various types (users, administrators or moderators). For example, the Standard Features user role describes the privileges users with this role have.

You can view and change these permissions: ACP > Permissions > Permission roles > User roles > Standard Features > Edit

User role permissions
User role permissions

The screenshot shows some of these user permissions for the Standard Features role. The permissions comes in four sets, represented by a tab. The Post permissions are shown. It is green because all permissions are set to Yes. Change just one of these to No or Never, and the green turns into blue. The Profile, Misc and Private messages tab are blue, letting you know that at least one of the permissions on these tabs is not Yes. If the color is red, all the permissions on the tab are either No or Never.

Since these are user permissions, any user granted the Standard Features role will get these permissions, such as the ability to attach files. These are the default permissions. Forum permissions may override these settings.

What’s neat about roles is that you can change them at any time. Don’t want to allow this role to attach files? Change it to No or Never and the permission goes away immediately. A No permission might be overridden by a subsequent Yes permission, but a Never permission cannot be overridden.

Types of Roles

Four categories of roles exist:

  • User roles. These are broad permissions that apply to any user of your board.

  • Administrator roles

  • Moderator roles

  • Forum roles. These allow permissions to be finely tuned for individual forums. They are applied after any user role permissions and may override any user role permissions.

You don’t generally need to backup all of your tables before updating phpBB

Updated October 13, 2019 to mention that the phpbb_migrations table is always changed with an update.

When updating phpBB, you should backup your database. That’s the guidance given by the phpBB Group. Updates occur when you are moving from one micro version of phpBB to another, say 3.2.6 to 3.2.7. When moving from minor versions, like 3.1 to 3.2, you are doing an upgrade and different procedures apply.

It’s never a bad idea to backup your database. It can be done manually in phpBB: ACP > Maintenance > Backup. This method though is not foolproof. Particularly on larger forums or on shared hosting, backups can time out. Sometimes you think you have a complete backup and you don’t. The only way to know for sure is to download it, and examine it in an editor. If the bottom of the file shows the phpbb_zebra table is being populated and ends with a semicolon, it should be complete. Web hosts often offer features that make automatic database and file backups for you.

But it turns out that when making updates, generally not much of your forum’s database actually changes. Only two tables are guaranteed to change: phpbb_config and phpbb_migrations. (I use phpbb_ as your table prefix. Yours may be different. You can see your actual table prefix in your forum’s config.php file.) This is because phpBB always tracks the current version of phpBB installed, and it is stored as a row in this table. And with each update, one or more rows are added to the phpbb_migrations table to indicate what migrations were made.

Most updates don’t affect many tables. In fact, it’s typical that only the phpbb_config and phpbb_migration tables are affected.

So there is no point in making a full backup of your database prior to updating if you don’t need to. It’s a real hassle on larger forums.

It turns out that if you look through phpBB’s code you can figure out which tables are updated. The /phpbb/db/migration folder contains a number of subfolders. The programs in these subfolders do the work of changing your database during updates.

For example, there is a v320 folder. This contains the migration programs used to bring phpBB up to version 3.2.0.

There is also a v32x folder. This contains the migration programs used for each version update of phpBB 3.2. You can infer from the file names which these are. For example, v321.php and v321rc1.php are used to update from phpBB 3.2.0 to 3.2.1. “rc” in the file name means “release candidate”. There is typically at least one release candidate before an official release. So it’s a matter of reading these programs to see what tables are actually affected.

That’s what I did, and you can see the results on my Do I need to update page. Or you can examine them yourself. I’ll keep the update page updated as new micro releases occur. You might want to bookmark it and refer to it before doing your own update.

Of course, I do updating as a service. You can see my pricing here and send me a service inquiry if you’d like to get started.

If you do it yourself, follow the official procedures on phpBB’s update page. But you may decide to backup only the tables that are actually changed to save yourself extra hassle. If an error occurs, restore these tables and recover your files.

 

Using unapproved extensions is dangerous

As more phpBB extensions are developed, they are becoming more popular. Extensions add functionality to phpBB beyond what is available by default. Based on my work with clients, most have extensions installed, so I factor them in when updating or upgrading their forums. They often need to be upgraded as well when a forum is upgraded or updated.

The phpBB Group maintains a database of approved extensions. Both the phpBB Group and me recommend that if you install an extension that you only install extensions downloaded from this database. This is because approved extensions are quality checked by the phpBB Extensions Review Team. The team thoroughly inspects the extension and ensures they adhere to all coding standards as well as use best practices to minimize security issues. An extension typically goes through a number of reviews before it is accepted, if it is accepted. So you can have confidence that if you download an official extension it is of high quality and secure.

If you are not familiar with how to install extensions, the instructions are on the Manage extensions page: ACP > Customise > Manage extensions.

Unapproved extensions fall into two categories:

  • Extensions in development
  • Third-party extensions

Extensions in development

Extensions don’t appear out of nowhere. Like all software, they go through a development process. You can see a list of extensions in development on that forum. The topic title is prefixed by the state of the extension in brackets. Links to the extension for downloading are in the first post. If you have feedback on the extension, you leave it as a post on the topic.

The phpBB group has extension authors self-certify the quality of the extension they are creating. This is similar to other software. The levels from most risky to least risky are:

  • [DEV] – Development – the extension is very recent and is being issued for feedback and to refine features. It should only be used on a test board.
  • [ALPHA] – Alpha – The extension is no longer in development. The feature set is largely set and the code quality has been refined. Traditionally an alpha release has meant that it is to be used “within an organization”. Alpha release testers are expected to provide feedback and significant bugs and security issues may be experienced. “Within the organization” has no meaning with phpBB so it simply indicates it’s out of the principle early development phase. Using it on a live, production board is quite risky and definitely not recommended. A download link is usually provided.
  • [BETA] – Beta – The extension is designed to be used and tested by a larger group of people. There may be significant bugs and security issues. It should not be used on a production forum, but the code quality should be pretty high at this point and most bugs should have been addressed. A download link is required.
  • [RC] – Release candidate – Most of the bugs have been found and fixed. The release candidate could be submitted for formal review for inclusion as an extension if no more issues are discovered as a result of testing. The extension should be stable with no more features anticipated. Using it on a production forum is not recommended, but if you choose to do so anyhow it is likely to work as intended and not show any problems. Release candidates are submitted to the phpBB Group extension review team at the author’s discretion.
  • [CDB] – Customise database. You will see this in the Extensions in development forum. It means that the extension is approved. There should be a link to take you to its official page on phpbb.com. The topic is locked.
  • [ABD] – Abandoned. The extension author abandoned work on the extension. It is not approved, should not be used but some other extension author could take up working on the extension. These are placed in their own abandoned extensions forum.

There may be multiple versions of the extension in each phase. Generally extensions in development start with 0.1 and as an extension reaches Alpha or Beta stage it becomes 1.0. But there is no fixed standard for version numbers other than the PHP Composer guidelines. The extension is usually suffixed by the build quality, ex: 0.1.0-dev. The extension is usually downloaded from GitHub.

Third-party extensions

Third-party extensions are usually developed by commercial companies and typically tie into existing products outside of phpBB. Companies can submit their extensions for review by the phpBB group but usually don’t. This is because a review is time consuming. It can take months to get a review, then multiple issues must be fixed, and the extension resubmitted. This is not agile enough for many companies. In addition, the phpBB Group frowns on software that does not use an open source license. Many third-party extensions are issued with open source licenses but tie into products or services that are not.

When you use one of these extensions, you are assuming significant risk. Obviously, these companies don’t want their reputation besmirched, so generally they will take the time to write a quality extension and possibly adhere to the coding standards for extensions. But since in most cases they aren’t approved extensions, they are risky because they were not reviewed by the phpBB group to ensure their quality. They are typically downloaded from the company’s website or from their GitHub page.

Tapatalk

Tapatalk is a smartphone app that allows you to use the same user interface to access multiple forums, phpBB or otherwise. Prior to phpBB 3.1 the Tapatalk modification was widely used because styles for phpBB were not responsive, i.e. did not resize intelligently for mobile devices. Since phpBB 3.1, approved styles must be responsive, so users can use a browser on their smartphone to access the forum without the hassle of the past. Still, many people like the convenience of using one app to access multiple forums, so Tapatalk developed an extension. It creates an interface between phpBB and the Tapatalk app.

This extension is not approved and likely would never be approved by the phpBB Group. Why? When you install the extension, although an interface is seen in the /ext folder as usual, there is also a /mobiquo folder installed in your forum’s root directory. The software in the /mobiquo folder does most of the work of communicating between phpBB and the Tapatalk app. Tapatalk is available for other forum solutions too, and they use a similar architecture. The /mobiquo folder does all the data munging, so it is unique and proprietary. phpBB’s extension architecture requires that all extensions work within the /ext folder. Since Tapatalk doesn’t do this and its data munging is proprietary, it’s unlikely to ever be approved. It’s clear that Tapatalk developers don’t want to try.

More importantly, Tapatalk injects a major vulnerability in that it can bypass phpBB’s functions that do important work like posting to the database. This makes it dangerous. You should encourage your users to use a mobile browser instead of Tapatalk to access your forum. Ideally, you should disable and uninstall the extension.

Cleantalk

Cleantalk is an antispam service. Cleantalk’s extension for phpBB is approved, but it’s very old (2016 as of this writing). It may be that a newer version of the extension has been submitted for review, but the version on phpBB.com probably won’t work on phpBB 3.2. If it does, it’s missing many features. So as a practical matter, if you use Cleantalk you will want to get its most recent published version off of GitHub. Just bear in mind it’s a version that has not been approved by the phpBB Group, so using it may be risky.

Proprietary style user interfaces

Many proprietary (paid) phpBB styles come with a user interface that makes it easier to customize the style, doing things like changing background colors easily, swapping in different logos, changing fonts, etc. Because these styles are proprietary, they are not free and thus not allowed on the list of approved styles for phpBB. Consequently, extensions bundled with their styles are not approved as well. Using a proprietary style incurs some risk by itself. Using an extension used to manage the style adds additional risk.

The phpBB file structure

I try to write at least one “tip” post a month. Today I want to dig into phpBB’s file structure. Looking at the folder and file names, a lot of it is self explanatory, but not all of it is.

To start, the file structure has two parts: data and software. Most of it is software which is replaced with upgrades or updates. But some of it is pure data and must be carefully avoided when upgrading or updating. Note that most of your content is actually stored in a database attached to your forum.

Data folders

There are three data folders:

  • /files contains any files that are uploaded by users, with a few exceptions. Mostly these are images attached to posts, but sometimes they are documents attached to posts if permissions allow. If you go into the files folder though, you will see file names that don’t look the least bit like images and lack the file suffix you would expect, such as a .jpg, .gif or .png. The file names look all scrambled, such as “2_09acd47ea11adef5e4d9cac2903e4ddc”. This is mostly a random hexadecimal file name created by the phpBB software. Its purpose is to hide the intent of the file. If a file represents a thumbnail, it is prefixed with thumb_. phpBB uses a database table, the phpbb_attachments table, and a program called download/file.php to actually render the file. file.php sends HTTP headers that tell the browser how to interpret the file, such as a JPEG image. It’s actually quite clever — security through obscurity! Unless you are on the forum reading a topic, you have no idea what the uploaded file name was, its file type, or who uploaded it. Moreover, you can only indirectly download it. You don’t want to tamper with this folder as it must be consistent with the phpbb_attachments table. Since uploaded files must be stored, this folder must have 777 file permissions.
  • /images contains images, which is not too surprising but not any images users attached to posts, as they are in the /files folder. If you drill down into the folder you will see a bunch of subfolders that describe the content of images placed inside them, such as /avatars, /ranks and /smilies. If you allow users to upload an avatar, they are stored in the /images/avatars/upload folder, which is why this folder should have 777 file permissions. If you add rank images or smilies packs, they must be uploaded with FTP into the appropriate folder to be seen and used. In general, you don’t need to mess with this folder. Just leave it alone. But since there is no software inside it, it’s a pure data folder.
  • /store contains miscellaneous files that may be created by phpBB. It is most often used to store an extract of your database, which you can do: ACP > Maintenance > Backup. If you recover your database, it will read the file placed here using the ACP > Maintenance > Restore function. It has occasional other uses. When upgrading or updating phpBB, lock files are created here. If things go awry you may have to manually delete them. Extensions that store data outside of the database may also write data here. These folders must be identified by the vendor and extension name. For example, my digests extension uses a /store/phpbbservices/digests folder.

Styles folder

The /styles folder can be considered a data folder, but only if you made custom changes to the styles. Your custom changes will get overwritten with a phpBB upgrade or update, or if you update a non prosilver style. As a general practice, you should backup all your folders and files before upgrading or updating. But if you made custom changes to a style, you really need to back these up and reapply them if desired after an update or upgrade. You might want to read my post on creating a custom style to minimize the impact of these changes.

Cache folder

The /cache folder hints on its function: it creates a “cache” of PHP scripts that speed up the process of rendering web pages. For example, your style creates a unique look for your site, so parts of the web page are actually a .php program placed here dynamically created by phpBB.

The cache folder is new since phpBB 3.0, but since phpBB 3.2 there are two major subfolders: /cache/production contains your “production” cache and /cache/installer is used during updating or upgrading phpBB. The cache folder itself must have 777 permissions so they can be publicly written to. The same is true with all folders and files inside it: folders must have 777 file permissions and files must have 666 file permissions.

When you click on the “Purge the cache” button in the ACP, you are destroying files in the /cache/production folder. If you accidentally delete files in the cache folder outside of phpBB, they will get recreated. You will notice a little lag rendering these web pages while the cache files are recreated.

Tip: if you get weird error messages that seem to lock up your board, use your FTP program or web host control panel file manager to delete the files and folders in the /cache/production folder. Often, the site will come back up with a page refresh!

config.php file

This is a critical file in your forum’s root folder that is essentially a data file and should not normally be messed with. Why? This joins phpBB software to your database, so it contains your database host server, name and the credentials of the account (including the password!) to your database. Consequently, don’t mess with this file unless you know what you are doing and do not allow it to be publicly readable. Ideally, the file will have 600 file permissions.

Tip: if you move from PHP 5.x to 7.x and you get a message saying mysql drivers are not supported, edit the line in this file:

$dbms = 'mysql';

changing to:

$dbms = 'mysqli';

and your forum should come up! PHP 7 does not support older mysql drivers and requires the newer mysqli (i is for “interactive”) drivers.

Software folders

With the exception of the above files and folders, all the other folders and files are software. I use the term “software” liberally. Technically, only PHP programs and Javascript files are “software” in that they implement programmatic logic. In reality though there are a host of technologies used to render phpBB including HTML, CSS, jQuery and XML. 

For the most part the folder name describes what they do, so I’ll concentrate on important folders.

  • Principle programs. The principle programs are in the forum’s root file. For example, index.php renders the index and viewtopic.php assembles and presents all posts in a topic. Obviously you don’t want to edit any of these.
  • /adm contains the styles used inside the Administration Control Panel. The actual ACP software is in /includes/acp.
  • /ext folder contains extensions. Extensions are additional functionality that developers write that does not come “out of the box” with phpBB. They are placed in an ext/vendor/package folder. For example, my digests extension if installed is in the /ext/phpbbservices/digests. The vendor is phpbbservices and the extension name is digests. These must be uploaded with FTP then enabled: ACP > Customise > Manage extensions
  • /includes contains key support programs used by the principle programs.
  • /language contains various language translations. British English is provided. If you install one or more language packs, they are uploaded to this folder. For example, a French language translation will be in a /language/fr folder.
  • /phpbb contains a set of phpBB objects and services that “object-orient” phpBB. This object-orientation became system-wide starting in phpBB 3.1. Most programs in the /includes folder as well as the key programs use one or more objects or services in these folders.
  • /vendor contains third-party software than phpBB needs to run. Since phpBB 3.1, phpBB has depended on a number of high-quality, 3rd-party software solutions. If you look inside the /vendor folder you can see all of them. For example, phpBB uses the /vendor/twig folder’s software for handing its templates, i.e. inserting dynamic data into web pages.

Hopefully this gives you a good idea of how phpBB’s file organization works.

 

Your web host may be virtual

Introduction

I recently wrote a post about putting phpBB in the Google Cloud. I learned that it’s not too hard to do if you have decent technical skills or even if they are more modest. There could be some serious upsides to putting your forum in a cloud like Google’s, Amazon Web Services (AWS) or Microsoft Azure. (There are other cloud vendors out there.) These could include lower costs, higher uptime, and scalability if you forum gets suddenly popular.

Most of us though contract with web hosts. For example, I use Siteground. Web hosts have server rooms somewhere where they keep all the equipment they need to host your forum plus lots of other websites. Most web hosts have multiple server rooms in various countries. The closer these are to their customers and their site viewers, the better. For example, Siteground has server farms in Chicago, London, Amsterdam and Singapore. They have incentive to organize their data centers to be fast and reliable because they control them. Siteground does this not only with four server farms, but by having an end-to-end solid state infrastructure. They figured out that although solid state drives (SSDs) were more expensive, they were heaps more reliable and faster than filling their server rooms with mechanical disk drives. It’s been key to their success as a company.

Virtual hosting

These days though some web hosts are figuring out they don’t need to bother with the actual hosting anymore. There are two ways they do this. One is old, the other is new.

The first way is to be a reseller. For example, ABC Hosting may actually rent servers in (hypothetically speaking) a Rackspace server room. Becoming a reseller is not hard. Siteground will let you be a reseller. Resellers are often people like me who have multiple clients and as a convenience to their customers also provide hosting. I don’t want to bother setting up a server farm, particularly if I can lease one. If I did, I would probably choose to become a Siteground reseller, since Siteground’s spiffy servers sold me on being their client. Siteground would provide a front end console for me to use, and consoles that my customers would use too to which I would apply my own logo and some custom pages. From the customer’s perspective, it looks like I have my own server room. The downside is that I would become responsible for any hosting issues. I would essentially be the support department, and I’m not available 24/7. I don’t want to get involved in the minutia of my client’s hosting, so I don’t expect to ever become a reseller, even though it would generate a good deal of passive income for my business.

The second way is that some web hosts are becoming virtual by using cloud providers. Who’s the number one host on the web? You probably don’t have to think too much: GoDaddy. You may be surprised to learn that in 2018, GoDaddy decided to move much of its hosting inside AWS. You can read why here. Basically, GoDaddy realized that AWS built a much better infrastructure. They can resell Amazon’s cloud services under their own label for less than they can maintain their own hosting centers. AWS has a sophisticated set of services and they have the fast connection and high reliability thing all figured out. This is not good news for GoDaddy’s hosting staff. Presumably most of them will be laid off at some point.

All this suggests that web hosting will be undergoing a fundamental transformation as hosts ditch their own hosting centers to find better reselling deals in the cloud. In short, your web host may become a virtual web host. If you host on GoDaddy, there’s a good chance it’s already virtual hosted on AWS.

Should you host in the cloud?

This does raise the question: why not just buy your hosting from a cloud vendor like AWS and skip a middle man? If you read my posts on cloud hosting, you’ll realize the main issue is that cloud hosting tends to be complicated to set up, maintain and troubleshoot, at least from the perspective of someone trying to get some web space without a lot of technical skills. Virtual web hosts like GoDaddy essentially become front ends for optimizing the hosting experience for people likely a lot like you who want the process to be simpler. So they offer 24/7 support, domain management and basic customer handholding while putting up a virtual front end that suggests they are doing all this themselves when in fact the technical infrastructure is outsourced to a major cloud vendor.

My bet is that at some point Siteground will do the same, in which case I will have less reason to use them. If I know a suite of virtual web hosts are all using AWS, for example, I can get choosier and choose a virtual host based on their support and the ease by which I can do things via their control panels. I can assume the reliability and speed will all be excellent since they are hosted in a professionally managed commercial cloud. Since I do have the technical skills to put my sites in a cloud like AWS, at some point I will probably just do that. I pay a premium primarily to call someone on the phone to resolve some technical issues. Right now the $20/month I pay for Siteground hosting for my domains is reasonable, even though I am guessing I could pay $10/month or less putting my sites in the cloud. I’d just have to fix any technical problems myself, and right now the cost difference doesn’t make it worth my time.

For most of you, this is probably true too. Price is certainly important when you decide who to host with, but ready support, easy interfaces to managing your sites and fast page load speeds probably matter more. At some point you either won’t know or won’t care if your web sites are actually in a major cloud vendor’s facilities somewhere. Virtual web hosts aren’t probably going to advertise this either.

If interested in Siteground hosting, use my affiliate link

If you are intrigued about my discussion of Siteground for web hosting, learn more on my rehosting page. If you decide to host with Siteground, please use my affiliate link. You won’t pay anything extra and I will earn a small commission.

Installing phpBB in the Google Cloud

Introduction

In this post I’ll go through the steps for installing phpBB in the cloud, Google’s cloud in this case. More specifically, I will show how to do it using their Google Compute Engine, which offers Infrastructure as a Service (IAAS). In this example I use the prebuilt (and free) Bitnami solution. It won’t get into advanced topics, like fine-tuning phpBB to run on the Google platform.

If you haven’t read my two posts on cloud computing, you should before trying any of this.

Creating a virtual machine on the Google Cloud

The first step is to create a virtual machine on the Google Cloud. This is your personal web server, but it is virtualized so that you have complete control over it, but it’s actually on a machine shared with many others. To create a virtual machine on the Google Cloud, you first need to have a Google Cloud account. No sweat there. Google will give new users a $300 credit to play with its infrastructure. Or you can use a micro instance at no cost. Here I show installing a micro instance of a virtual machine.

  1. Go to Google Cloud at https://cloud.google.com/.
  2. Create an account on the Google Cloud platform if you haven’t already. You might want to click on the Get started for free button if you are new to the Google cloud. If you have an account already, then click on the Console link near the top right corner of the page.
  3. On the blue navigation bar near the top, if you have any projects defined you will see a list of them. Regardless, open the dropdown to the left of the search field. Then select New project.
  4. Enter a project name in the field. I entered “My phpBB forum”. This is only for your reference and isn’t seen by the public. You probably don’t want to attach the project to an existing project since you are probably new to the Google Cloud. If so, ignore the Organization field. Then press the Create button.

 

Creating a new project on the Google Cloud platform
  1. Generally it takes a minute or two to create the project. Eventually a dashboard page appears for your new project.
  2. Under Getting Started, select Deploy a Pre-built solution.
  3. In the search field, type “phpBB“. One or more pre-built solutions may appear. If you click on a prebuilt solution, it will give you the estimated cost per month to run the solution. The actual cost depends on the traffic your site gets, how much you use in the way of Google’s resources, and whether your prebuilt solution comes with a monthly charge. I suggest picking “phpBB Certified by Bitnami“. Note that Bitnami does not charge a monthly usage fee, so your costs are solely based on the resources you use. The package contents on the left shows you what is installed by the solution. The operating system should be Debian (a version of Linux) and phpBB should be the most recent version. You will get an Apache webserver, a recent version of PHP, a MySQL community edition database as well as a few other tools, most noticeably phpMyAdmin, which lets you manipulate the database directly.
  4. Click on the Launch on Compute Engine button. You will get a screen that lets you configure the instance of your virtual server, which will include phpBB.
  • The Deployment name doesn’t matter, but should be something you will recognize
  • Zone is where the server hardware is physically located. Generally pick a zone close to you or where you expect a majority of your users will be.
  • Machine type directly affects cost. This can be changed later. The default micro instance is fine for getting started but probably not sufficient unless your forum is very lightly trafficked. You can choose micro, small, or a number of variations based on the number of virtual CPUs you need.
  • Boot disk size defaults to 10GB for the micro instance
  • Change other settings if desired, but it’s likely that the defaults are okay.
  • Finally, click the Deploy button. It will take a while for your virtual server to be deployed, but it will be created with phpBB installed.
Deploying a virtual machine on the Google Cloud platform
Deploying a virtual machine on the Google Cloud platform

Accessing the forum

After deployment, a number of useful links are on the right sidebar. Your phpBB forum is installed, but is only accessible by an IP address, ex: http://35.245.145.32/. Click on the Visit the Site button to login to phpBB, which is in the web root folder. The username to use is probably “user” and is in the sidebar. The password is below it. Write these down. You can get into the Administration Control Panel with the same username and password.

Accessing the virtual terminal

SSH (Secure shell) access is provided, but it is rudimentary. Click on the SSH dropdown button. It will open a pop up terminal window. You can enter any Linux commands here to administer your virtual server, as well as upload or download a file using the little wheel icon at the top right corner of the window. This is a convenient way to issue commands on your virtual server for occasional use. Since you can only upload or download one file at a time, it’s not a very practical interface for daily use.

Setting up SSH remotely

To use FTP productively, you will need to access SSH more easily using a terminal application on your local machine. This video may help in setting up a SSH connection.

Using FTP with a FTP client

Once your virtual machine has a set of SSH keys, you can access SSH remotely from your machine. But also you can now use Secure FTP to transfer files. The attached screenshot shows Filezilla configured for my virtual machine instance. Notice I’ve linked it to a key file created in the last step. This assumes you set up a BitNami instance of phpBB. You will find phpBB in the /opt/bitnami/apps/phpbb/htdocs directory

Filezilla setup with Google cloud
Filezilla setup with Google cloud

phpMyAdmin access

You may need to directly manipulate your database. You can do this from SSH if you are Linux savvy with the mysql command.

It is generally more convenient to use phpMyAdmin, a web-based tool for accessing MySQL and MariaDB databases. It takes some configuration to use it remotely, however. This article shows how to set up remote access to phpMyAdmin using the key file you acquired in your last step. The approach requires a proxy command like this that seems to work only as long as the process remains active and will look similar to this example:

ssh -N -L 8888:127.0.0.1:80 -i google-cloud-phpbb google-cloud-phpbb@35.245.145.32

To access it, you use the localhost IP of 127.0.0.1, essentially http://127.0.0.1:8888/phpmyadmin. To login use the credentials in your forum’s config.php file. You will have to sudo su root in the Google console to see the contents of the file.

To kill your local process, type CTRL-C.

Getting a static IP address

You start out with an ephemeral IP address that could change. If you want to attach a domain to your IP address, you should convert your ephemeral IP address into a static IP address. This document describes how to do this.

Creating nameservers and attaching your server to your domain

Next, you need to create some nameservers for your virtual server. This video documents how this is done:

Once you have nameservers defined, you go to your domain registrar and point the domain name to the nameservers created in the Google Compute Console. Then wait a few hours until the changes are broadcast to your local DNS server.

Next steps

Generally at this point you want to get phpBB configured. I won’t document here how to do these steps. Some of these might be:

  • Moving phpBB into a subdirectory. This is pretty easy to do with SSH access if you know Linux commands. You will need to change phpBB’s server settings, and possibly the cookie settings as well.
  • Add styles
  • Add extensions
  • Create forums, permissions and policies. phpBB’s documentation is voluminous but will tell you what you need to know.
  • Set up HTTPS. You may have to pay a bit extra for this service. See this page.

If you want to move your existing forum now to the Google Cloud platform, I can help. At this point though I don’t consider myself competent at tuning the Google Cloud for phpBB.

Basically you need to move the files and the database. Use FTP to move the files and an extract of the database. phpMyAdmin can be used to load the database in many cases. There are things that can trip up this process, such as if the PHP version is not the same between systems. I am happy to help in the process. See my rehosting page.

There is more to using the Google Cloud platform in phpBB that I may cover in future posts.