Avoid hosts owned by the Endurance International Group

As I have noted before, since I work with many clients I have developed hopefully informed opinions about many web hosts. Perhaps I should not paint with a broad brush but I do have one suggestion: avoid any web hosts owned by the Endurance International Group.

Web hosting tends to be a low profit business. With so much competition, customers will shop around for the best deal. This results in many hosts offering cheap plans for $5 or $10 per month. Web hosts can hope to find profitability in volume but since there is a lot of competition profitability usually comes from consolidation. The Endurance International Group buys web hosts. It looks like they find profitability through throwing all these companies under one umbrella and one hosting center.

I used to host with Hostgator. I found their support good and their infrastructure above average, yet their pricing was very reasonable. Then they were bought out by the Endurance International Group. Almost immediately afterward their support became crappy and I noticed delays accessing my domain as well as infrastructure related issues. When my hosting contract was over, I was happy to move somewhere else.

When you call these companies for support, you are immediately placed into a third-level support queue. After you finally connect with a human, these brain-dead support people follow scripts that are designed basically to not solve your problem and make you go away. Moreover, I found myself far more knowledgable about hosting and how to solve problems than they were. They could rarely even cover the basics. If you needed real help I found I had to badger for second-tier support.

All this is to keep their costs low since one support center for dozens of companies is obviously cheaper. But it results in inferior service, as evidenced by my experience with hostgator.com.

Endurance International Group own a lot of hosts, most pretty obscure. Among those they purchased you may be familiar with include Hostgator, Bluehost, Hostcentric, iPage and Site5. You can see a full list of the brands they bought on this Wikipedia page.

Given the low margins, the hosting business is likely to continue consolidating. There is certainly a lot of smoke and mirrors in this business. What used to be good hosting can turn into poor hosting pretty quickly when they get acquired. This is true of MediaTemple, at least it’s Grid Service, based on my latest experience since it was bought by GoDaddy. Right now my recommended hosts include Siteground for most hosting and Rackspace for dedicated and virtual server hosting.

It’s quite clear to me though that you are likely to be unhappy with any hosting owned by the Endurance International Group. So avoid.

Why you might want to use SMTP to make emailing more reliable

Emailing from phpBB is often problematic. In a previous post I looked at various ways to make sending email from phpBB more reliable.

In this post I look at why you might want to configure phpBB to use SMTP (Simple Mail Transfer Protocol) to send emails. If you are using a Windows web server (IIS), this is usually required. You can change these settings in ACP > General > Client communications > Email settings, which can be set halfway down the page.

By default, phpBB hands off email to PHP using PHP’s mail function and hopes for the best. If the mail function returns FALSE, the email should not have gone out. You won’t necessarily be know if it fails, however. Known email sending failures appear in phpBB’s error log: ACP > Maintenance > Error log.

Even if the PHP mail function returns TRUE, it may be a false report. In many cases TRUE only means that the mail was accepted. Whether TRUE means “accepted” or “successfully sent” depends on how your host’s email server is configured.

Once accepted by the email server, the email is likely to be closely examined. If it has some of the markers of being spam, it will probably get blocked from actually being sent out. In this case, you probably won’t know about it. You can greatly improve the odds that emails will go out successfully if you:

  • Create an email account that uses your forum’s domain, ex: admin@mydomain.com
  • Assert this email address in phpBB: ACP > General > Client communications > Email settings. Set this email address for Contact email address and From email address.

By default on Linux web servers (most typical kind of hosting), PHP’s mail function sends outgoing email to a sendmail process. Essentially, emailing is the job of your server’s operating system, so you can’t control it. Because you can’t control it, sendmail will be configured generically. Any other domains on the server you are using will send email out through the same sendmail process.

However, if you use SMTP to send email instead, you have to authenticate yourself with the SMTP mail server. By properly authenticating yourself, emails are likelier to go out. The downside is that it’s a bit of a hassle to set up SMTP. I discovered this on this site when I moved my hosting to siteground.com. It uses WordPress which by default also uses sendmail. Emails weren’t going out. A call to Siteground’s tech support revealed that SMTP was a better way to go. They provided the credentials to use and now my WordPress email notifications go out quickly and reliably. This should work for phpBB too.

Don’t assume that you can use an external SMTP server like GMail. Many web hosts will block outgoing SMTP email. If it’s allowed, by all means go ahead. You should check with your web host for the proper email settings to use.

One possible downside is that outgoing email quotas are likely, but that’s probably also true if your host uses sendmail. Your web host can tell you what policies if any apply to your hosting. See the previous post for instructions on how to properly set your email package size and to set up a system cron, if necessary. Make sure it works by sending a test email, an option available on the email settings page.

Cleantalk extension for phpBB can remove spam posts, plus its spam firewall feature is very useful

This is an update on an earlier post on removing spam posts.

Removing spam posts is hard because it requires actually reading the post and deciding if the post is spam or not and then using moderator tools to remove these posts. If your forum is overwhelmed with spam posts, this is a Herculean endeavor. Ideally though posts could be “read” by software and it would make the judgment on whether it is spam or not.

The Cleantalk extension for phpBB 3.1.x and 3.2.x can do just this as well as lots of other really cool tricks. My customers love Cleantalk, but the service is not free. However, it is so inexpensive that it easily justifies spending $8/year for the service. You can subscribe on the Cleantalk website. As of this writing, you can try it for free for 7 days. After 7 days, it won’t bring down your forum but it will stop working.

What is Cleantalk?

Cleantalk is essentially a huge database of addresses of known spammer sites. While it’s not perfect, based on the experience of my clients it is about 99% perfect. I originally recommended it as a spam registration solution for my clients. It still does that but is less necessary since phpBB 3.2. This is because since phpBB 3.2, version 2 of Google’s reCaptcha is supported. Unless it gets hacked, as long as you have it properly configured as a spambot countermeasure it should prevent virtually all spam registrations.

However, it has two powerful features that still keep it relevant for phpBB forums.

Cleantalk ACP Interface
Cleantalk ACP Interface

Installing and enabling Cleantalk

Cleantalk is installed like any other extension. While it can be downloaded from phpbb.com, you should download it from Cleantalk instead or from its GitHub page. This is because as of this writing the version on phpbb.com does not include the spam firewall feature, and you will probably want to enable this feature. You can access it through the Administration Control Panel: ACP > Extensions > Antispam by Cleantalk. Before you can do much with it you have to enter your Cleantalk key which you can get from their website or by pressing the button in the extension that should retrieve it for you.

Removing spam users and spam posts

As you can see from the image, once the extension is enabled and the key is properly configured there is a prominent Check users for spam button on its page within the Administration Control Panel. If you have lots of users, it may hang. Based on my experience though the next time you go into its interface you will see a list of potential spammers.

As I said, it is not perfect. So I recommend that for users with posts to check these out these users topics to make sure their posts are spam before deleting them. For those you want to delete, check the boxes next to their usernames and then press Delete marked. You can also press Delete all to remove all users and their posts. You may have to go through many pages to delete all spam users and their posts, but this is obviously much faster than doing a visual inspection of all your posts.

Spam firewall

This is a new feature which as of this writing is not available if you download the extension from phpbb.com. It keeps almost all spammers from hitting your site at all. Instead, Cleantalk’s servers grab it first. In the event the user is legitimate, there is a link that will take them to your website.

Why is this useful? Because it reduces the stress on your server by limiting it to legitimate traffic only. It speeds up the performance of your forum and makes it less likely that you will have to pay for the cost of a higher class of hosting to handle your traffic. Isn’t that worth $8 a year?

Stopping contact form spam

Cleantalk has one other useful feature: the ability to stop contact form spam. Of course you can disable the contact form (ACP > General > Contact page settings) and that will solve that issue. Or you can have Cleantalk essentially moderate it for you, passing on only valid contact forms to you. Simply check that option on the extension’s page and submit the form. Somewhat oddly, the phpBB group did not tie the contact form to the spambot countermeasure feature of phpBB. Perhaps that will come in a future release.

In any event for forums that get lots of spam and/or lots of traffic, using the Cleantalk service with the Cleantalk extension for phpBB is a no-brainer providing you know about it. Now you do!

MediaTemple grid service no longer recommended

It’s sad for me to say this, but I can no longer recommend MediaTemple’s Grid service as a hosting option. For the last 18 months or so I’ve been using this service and have gotten increasing dissatisfied and exasperated by it. Today I started the process of moving my domains off of it to Siteground.com even though I have four and a half months left on that hosting contract. This domain should now be coming to you from siteground.com servers and hopefully in a reliable and maybe spiffy fashion.

MediaTemple.net was known as one of the premier providers of business-class hosting. It was acquired by GoDaddy with the promise that it would be separately managed. It appears from my experience with their Grid service that they broke that promise with their customers. Sometimes I have to wait a minute or more to retrieve pages from my own site. It sure looks like they are overloading their servers and/or managing them very badly.

I used UpTime Robot to test whether my domains are up. Pretty much every day I will get one or more emails telling me it is inaccessible. So it was likely costing me money, motivating me to move to Siteground.com instead.

I do have clients using MediaTemple’s virtual servers and they have no complaints about that service so far. Definitely avoid their Grid service now and if you have an option you might choose some other host for your virtual or private server needs. I don’t have experience with Siteground’s, but it’s likely fine. A company like Rackspace.com is likely doing it right.

Another annoyance was revealed simply in moving my site. An old phpBB forum I have with about 50,000 posts could not be downloaded. I had to break it down into multiple downloads, including the posts table into two separate downloads. The Grid service simply cut me off when I hit some sort of resource limitation. The whole database is only 80MB or so. Shame!

How to rehost your forum

It can be hard to break up with your web host, particularly if you have phpBB on it. phpBB consists of files plus a database, and the database is stored separately. phpBB does have a knowledge base article on rehosting. You may want to refer to it. In this post I add my own thoughts and document my own processes, since I do a lot of this for a living.

Ask your new host to do it

Some hosts will move your forum along with your whole website for free for you to get your business. If they don’t, you might ask them if they will. This is a great way to go, providing they do it properly. Some hosts will move the files and forget the database, or leave that part for you. Some will do both but won’t integrate the two by fixing phpBB’s config.php file. There are sometimes other issues. File and directory permissions may change moving to a new host, that might cause issues. Of course you can always hire me to do it for you.

The process

The general steps are:

  1. Buy and setup new hosting
  2. Disable the forum
  3. Download a copy of the forum’s database
  4. Download a copy of the forum’s files
  5. Optional: change your hosts file so you can access your domain on the new host
  6. Upload your files to the new host
  7. Recreate the database
  8. Reconfigure the config.php file
  9. Test
  10. Recreate any email addresses
  11. Change the domain to point to the new host
  12. Monitor and fix settings as needed

Buy and setup new hosting

You have probably done this already. I have recommendations on my rehosting page for new hosts if you are still shopping. In some ways figuring out who deserves your business is the hardest part because the new host must be able to handle your forum’s traffic without breaking a sweat, including during spikes of traffic.

After paying for the hosting, make sure you can access it. Typically the host will provide access credentials to a web host control panel, usually cPanel or Plesk. Test your access. You need to do three things:

  1. You need to know the name of the nameservers to use. You will need this for the final step. There should be two of them, and they usually start with “ns”. They are often in an introductory email you get when you pay for hosting.
  2. Create FTP credentials. Often these are created for you, in which case make sure they work by testing them with your FTP program. Because your domain has not moved yet, you usually access FTP using an IP address.
  3. Make sure you can create a database. Look in the web host control panel for database options. In cPanel look for a “MySQL databases” option.

Disable the forum

For consistency you should disable your forum (ACP > General > Board settings) before backing up anything. You might want to first send out a mass email or post announcements indicating that the forum is being moved, so your users aren’t alarmed.

Download a copy of the forum’s database

Use a phpBB database backup

phpBB has a database backup program built into it. You can often backup your database successfully this way with this option. ACP > Maintenance > Database > Backup. For action, select Download. Press Select All to ensure all the tables in your database are backed up. When you submit the form your browser should soon note a file being downloaded.

Use a backup generated by phpMyAdmin

In your web host control panel, phpMyAdmin should be available. You can use it to export your database. Again, you want to download the result. Check the first link to see how this is done. If you are not using MySQL or MariaDB, consult your database tool to figure out how to get an appropriate backup. I recommend downloading the database as a .sql.gz file.

Backup your database from the command line

In some unusual circumstances you may need command line (SSH) access to backup the database. In addition to SSH credentials, you will need credentials to login to mysql from the command prompt. Describing this procedure is too lengthy for this post, but you can use a search engine to learn how to do this. It is challenging!

Check the integrity of the backup

This step is critical. On some hosts (shared hosting in particular) you may not get a complete backup due to resource limitations. Open the archive using an unarchive tool. Use an editor to view it. Look at the bottom of the file. It should end with the phpbb_zebra table. For MySQL/MariaDB, the last character should be a semicolon(;). If you don’t have a complete backup, you will have to get one. This may require an awkward call to your old web host for help.

Download a copy of the forum’s files

I am assuming that your do not have a larger website to move. When moving a domain you need to move all web accessible files for the domain. If you have WordPress as a front end, you will need to move WordPress too, using a procedure similar to the one for phpBB.

You can use your FTP program to download your files. This approach is often very time consuming, particularly if you have lots of files in the forum’s files folder or you need to move an entire website. For phpBB only, make sure you only download the folder containing your forum.

A better way is to use your old host’s file manager. Select all the files in the forum’s folder, or for an entire site select all the files in the web root folder. Click on the first file, scroll to the bottom then while holding the shift key click the last file. This should get all files and folders. Look for a compress option. It will create a .zip or .tar.gz file. Once the archive is generated, download it with your FTP program.

Optional: change your hosts file so you can access your domain on the new host

While this is optional, it’s almost required as it makes the rest of the work so much easier. You want your computer to use your new domain name transparently even though you have not pointed your domain to your new host yet. Instructions for Windows are here, instructions for Mac are here. You need the IP of your new host to make this trick work. When done when you use your domain name in the browser it should see your new hosting. In most cases you will see a default web page for the domain.

Upload your files to the new host

  1. Create the directory for your forum. It should be named the same as on your old host. Where to place it? It must be in a web accessible directory for your domain. Your web folder will vary but it’s usually in a html or public_html folder.
  2. Upload your files. If you have an archive, simply upload that to your forum’s folder, otherwise upload the thousands of files that comprise the software and data for your forum. If uploading an archive, use the file manager on the new host to unarchive it.
  3. Double check that the files uploaded are in the correct folder and that nothing is missing. You can delete the archive file now if you want.
  4. Check your file permissions. On Unix-based systems the following folders need to be world-writeable (777 permissions): cache, files, store and images/avatars/upload. Fix if necessary. All other files should have Unix 755 permissions.

Recreate the database

  1. In your web host control panel, create a new database for your forum. Sometimes you can specify the database name, sometimes you can only specify part of the database name. Write the name of the new database down.
  2. Next, create a database user that will be allowed to access the database. You also have to assign a password to the database user. Make it a complex password and write it and the database user name down.
  3. Give the new database user permissions to the database. Make sure you grant ALL permissions.
  4. Determine the name of the database server. It is usually on the same machine as your web server and can be referenced as localhost. But if it’s something different, write it down.
  5. Try importing the database using phpMyAdmin (for MariaDB or MySQL). Select the import tab for your database. Point it to your database extract and let it be uploaded. Once uploaded it should be read, recreating your forum’s tables. If the file is too big to be uploaded, you got to be more creative. In most cases you need a staggered importer, which generally means uploading and configuring bigdump.php. If the database was partially loaded, make sure you drop all tables in your new database first using phpMyAdmin. bigdump.php must be edited with the correct database settings before being run. Upload the database extract archive to the same folder as bigdump.php. Run bigdump.php by specifying the correct URL based on where you uploaded it. If you didn’t change your hosts file, you will need the IP of your new server. In addition, you may have to specify a folder in the URL after the IP. Often the letter you get with new hosting will contain this information, otherwise ask you new web host.
  6. Check that everything is moved. You should use phpMyAdmin on your new host in one tab, and phpMyAdmin on your old host in another tab. Make sure all tables in the old database are in the new database and that each table in the new database contains the same number of rows as in the old database. Check a few tables to make sure the structure of the table looks reasonable. In most cases there should be a primary key and one or more indexes for a table.

Reconfigure the config.php file

Most likely the config.php file you copied over won’t work as is. Most likely the database name, the database user name and the database password are all different. You can usually edit this file with your web host’s file manager. Bonus tip: if you are running PHP 7.0 or higher, you may need to change the line:

$dbms = 'mysql';

to:

$dbms = 'mysqli';

Test

Hold your breath. Using your browser, enter the URL for your forum and hope it comes up. There may be a delay of several seconds as new cache files are recreated. Fix any errors you find, which can be challenging. Your web host can help or you can hire me. Reenable the forum and test it. Make sure your style looks right, your logo is properly placed, all the forums are on the index and you can make a test post successfully.

Recreate any email addresses

When you move your domain, you should also recreate any email mailboxes and email forwards you set up for the domain. Unless email for the domain is hosted elsewhere, you should recreate these email boxes, such as your board contact email address. If you had any email forwarders, set these up too.

Change the domain to point to the new host

You are ready to go live! Go to your domain registrar. Enter the new nameservers carefully in the appropriate fields for the domain. Then wait for the DNS changes to propagate. These days most changes happen in 1-3 hours. Your users will know they hit the live forum because the forum is disabled message will not appear. Also, if you changed your host file, undo those changes.

Monitor and fix settings as needed

There are often minor hiccups in the software on a new host. Sometimes you may have to upgrade or downgrade the version of PHP used. There may be some PHP settings that have to be tweaked. Expect a few of these and you may need some help from your web host. Things generally settle down within a few days.

End phpBB update styling rework with a custom style

Updated February 15, 2018 to add a few things.

Has this happened to you? You update phpBB to the latest version and find out that your custom logo or various style changes that you tediously made to phpBB are gone, or partially gone. It’s a common problem and one reason many forum owners defer updating phpBB.

You can end this hassle by creating and installing your own custom style. Using this approach your custom style inherits most of its styling from a primary phpBB style. You then selectively override the primary style’s CSS, HTML or Javascript with your own changes. This way when the primary style you use is changed, you don’t lose your custom changes. This also ensures that your styles and templates use the most current and approved code, which often includes security patches.

In this tutorial I will show how you can do this. I will keep my example simple by using my custom style to swap out the default phpBB logo with my own logo, sized to the new logo’s dimensions. In principle though you can go way beyond this simple use. For example, your custom style can overwrite the inherited style’s colors, padding and margins, or container widths and heights. You can also overwrite HTML and Javascript files.

Overview of steps required

The basic approach is:

  1. Make a note of all the changes you made to your style
  2. Reload your preferred style
  3. Create a custom style that inherits from your preferred style
  4. Override the preferred style’s stylesheet directives. This is best done by creating a stylesheet.css file for your custom style and placing your style customizations there.
  5. If you changed some templates, place the custom version of these templates in your custom style’s template directory. Frequently, forum owners will make changes to overall_header.html and overall_footer.html.
  6. Install the custom style
  7. Make the custom style the primary style
  8. Test and refine

Let’s delve into each step to see how this is done.

Make a note of all the changes you made to your style

You probably know what these changes are, but if you have any questions you can use a file comparison tool like WinMerge (for Windows) or kdiff3 (for pretty much any operating system) to compare your files with a reference version.

  1. Download your current style folder where you made all your custom changes, such as /styles/prosilver
  2. Download a reference version of your style for your current release of phpBB. phpBB keeps a list of its releases here. If your styles are based on prosilver then you would use the reference /styles/prosilver folder for your current release of phpBB. If using a different style, find the style version you used. You may have to download it from phpbb.com or from the style author’s website.
  3. Run the file comparison tool and note the changes you made so they can be reapplied in the custom style.

Reload your preferred style

  1. Make certain you have documented all the changes you made to your style. Once they are overwritten, you may not be able to recover them.
  2. Since you made changes to your preferred style, it’s a good time to undo them. The simplest way is to upload the reference version of your style, replacing anything that’s there. Purge the cache. If you don’t see the style changes afterward, clear your browser’s cache and reload the page.

Create a custom style that inherits from your preferred style

  1. First review phpBB’s Creating & Modifying Styles page.
  2. Create a folder in the styles folder for the name of your style. In this example I keep it simple and call the folder “custom”, i.e. /styles/custom.
  3. Create a style.cfg file in this folder. Copy the style.cfg contents from your parent style’s style.cfg file. Below is the code in /styles/prosilver/style.cfg for phpBB 3.2, which I used because my “custom” style inherits from prosilver.
#
# phpBB Style Configuration File
#
# This file is part of the phpBB Forum Software package.
#
# @copyright (c) phpBB Limited <https://www.phpbb.com>
# @license GNU General Public License, version 2 (GPL-2.0)
#
# For full copyright and license information, please see
# the docs/CREDITS.txt file.
#
# At the left is the name, please do not change this
# At the right the value is entered
#
# Values get trimmed, if you want to add a space in front or at the end of
# the value, then enclose the value with single or double quotes.
# Single and double quotes do not need to be escaped.
#
#

# General Information about this style
name = prosilver
copyright = © phpBB Limited, 2007
style_version = 3.2.0
phpbb_version = 3.2.0

# Defining a different template bitfield
# template_bitfield = lNg=

# Parent style
# Set value to empty or to this style's name
# if this style does not have a parent style
parent = prosilver
  1. In my example I changed “name = prosilver” to “name = custom”. Since I want to inherit from prosilver I left the “parent = prosilver” line unchanged. If you are changing a style other than prosilver as the primary style, you need to change the parent style to the correct style name. It must match the parent folder name in the styles folder. You might also want to edit the copyright, style_version and phpbb_version lines. If it’s only for your own use, this is not necessary. Here are my changes:
# General Information about this style
name = custom
copyright = © Mark D. Hamill
style_version = 1.0.0
phpbb_version = 3.2.2

# Defining a different template bitfield
# template_bitfield = lNg=

# Parent style
# Set value to empty or to this style's name
# if this style does not have a parent style
parent = prosilver
  1. Save the file, making sure it is in the root folder for the custom style, e.g.: /styles/custom/style.cfg.

Override the preferred style’s stylesheet directives

  1. Create a theme folder for your style. In my example, this would be /styles/custom/theme.
  2. Create an images folder inside the theme folder. In my example, this would be /styles/custom/theme/images.
  3. If changing the logo, upload the logo you will use to /styles/custom/theme/images. Make a note of the image’s height and width as you will need this later.
  4. Create a file called stylesheet.css in the theme folder.
  5. To inherit styles from your parent style, you need an @import statement at the top of this file. For example, if prosilver is the preferred style, this line would be at the top of the file. Generally you just need to reference the stylesheet.css file in the parent style. You will have to amend the path so it finds the parent style’s stylesheet files. In my case for the @import line, I added “../../prosilver/theme/”. The ?v=3.2 indicates the version of phpBB expected, so it may have to be changed.
@import url("../../prosilver/theme/stylesheet.css?v=3.2");
  1. Any style changes that you want to override should now be appended to the end of this file. In the example of replacing the logo, in the prosilver style you would normally edit the .site_logo class in colours.css and common.css. In my case I added these lines at the end of my /styles/custom/theme/stylesheet.css file, which provides the correct image to use for the logo and its proper dimensions:
.site_logo {
    background-image: url("./images/mark.jpg");
    width: 181px;
    height: 229px;
}
  1. I then saved the file stylesheet.css with my changes.

Changing templates

In my example, since I am only replacing the logo so no template changes were needed. If you need to change templates there are two approaches.

  1. The simplest is to copy the template, for example, /styles/prosilver/template/overall_header.html to /styles/custom/template/overall_header.html. Then make the changes that you need to make and save the file. This has a downside: if there are changes made to this template with an update, your version won’t have them unless you manually inspect for any changes and apply them to your custom version.
  2. In many cases you want to insert some HTML or Javascript rather than change existing HTML or Javascript. In this case it’s better to use template events, if you can “hook into” an appropriate event. This way if the parent style is changed with an update, you don’t have to worry about replicating any changes to it in your style. For example, overall_header.html has a template event in it marked as <!– EVENT overall_header_head_append –>. In this case you could create an event folder in your template folder then create a file called /styles/custom/template/event/overall_header_head_append.html. Add whatever HTML you want inserted when this event is encountered into this file. A list of template events can be found here.

Install the custom style

  1. ACP > Customise > Style management > Install Styles
  2. Select the new style you created (“custom” in my example) by pressing the corresponding Install style link.

Make the custom style the primary style

ACP > General > Board configuration > Board settings. Generally you set the default style to your new custom style, the guest style to your new custom style and you may optionally want to set the override user style option to Yes. Submit the form.

Test and refine

You should not need to purge the cache if you make any stylesheet changes. However, if you make subsequent changes to any templates first purge the cache then test.

Approach when upgrading

This approach is unlikely to work correctly when upgrading. An upgrade is when you go from one minor release of phpBB to another, such as from 3.2 to 3.3. You can of course go through the process of creating a new custom style again. As for updates, this should work.

Enjoy!

Professionalizing your forum, part two

Since I wrote my first post about professionalizing your forum, I realized there are some other actions that will up your game in this area.

Monitor your domain for blacklisting

Blacklisting happens when users report to one or more blacklist sites that your site is sending out spam or contains malware. Generally you don’t get put on a blacklist inadvertently, so your site may have been hacked. It’s also possible that some email sent or reportedly sent from your domain were judged as spam or spam-like. It’s also possible of course that someone is falsely reporting your site to a blacklist. In any event being on a blacklist is not a mark of distinction. You need to monitor blacklists and take corrective action if your domain shows up on a list. Being on a blacklist can get your dropped from search engines or move way down in the rankings, as well as dramatically reduce site traffic.

Since you probably don’t want to check all the blacklists out there individually, there are services out there that can help you. If you have just one domain and getting one email a week is sufficient, you can use this site for free. They offer paid plans for multiple domains and more frequent checks, and there are other similar services so shop around.

To get yourself off a blacklist usually requires some explicit action on your part where you appeal or prove that the content does not or no longer exists.

Monitor, find and fix issues with Google Webmaster Tools

Google of course is constantly searching the web and indexing as much content on your site as you allow it to index. Google Webmaster Tools can find security issues with your site too, as well as tell you of issues like links that are bad that should be fixed.

To see reports about your domain you must take the time to register the site with Google, which can be done using a number of methods. Google will tell you if there are any critical issues but to do things like fix broken links you have to dig into their reports. Since most links on your site are going to be in posts posted by users to your forum, fixing these links is probably not worth the effort. However, there may be other links that are worth fixing.

Periodically check your WOT Rating

Browsers generally support a Web of Trust (WOT) extension. The extension allows users to easily say whether they trust your site or not. Since it’s an extension, you can install it in your favorite browser and when you are on your site monitor your reported trust status. If you notice your site trust level going down, you might want to see if there is a root cause and take appropriate actions.

There is some controversy about whether WOT can itself be trusted, since it was reported its developers were collecting your browser history without identifying information.

Use a sitemap

A sitemap indexes your forum’s content into a file that search engines like Google can read. It’s an authoritative way of describing the content on your site to search engines. There is a sitemap extension that works for phpBB 3.1 and reputedly 3.2 as well. Since it is simple to install, installing this one should be a no-brainer, providing you know about it!

Moderate, or take out the trash

A lot of administrators don’t even read their forums, or not all parts of it. It could be because the forum gets a lot of traffic and it’s a lot to keep up on. All forums should at least be moderated, either by an administrator or one or more global or forum-specific moderators. The moderation tools in phpBB are pretty good. They let users do a lot of the moderation for you by at least being able to report a post as inappropriate, spam or whatever. They won’t do this though unless you encourage them, so if this is important to you post a global announcement to this effect.

Disk space is cheap these days so moderation may seem like a lot of work. Why not just let people post whatever they want in whatever rambling way they want? For many forums this is fine, but for certain forums it’s not appropriate. You want the content to be relevant and that can be done by removing posts and topics that aren’t relevant.

Posts that seek to troll other users, inflame conversations and such are rarely desired. Here’s where you moderators can be of help, perhaps by empowering them to set up moderation guidelines for their forums setting the rules and then letting them wield the power. Hopefully this will translate into a better reputation for your forum and topics as search engines decide the content is more relevant.

As long as your moderation rules are clear, a well moderated forum where irrelevant stuff is regularly pruned is a good idea. It’s unlikely your readers want to read irrelevant content anyhow.

You might want to set up an off-topic forum for general banter, so your main forums can stay clean. Moderators may choose to move these topics into such a forum rather than remove them.

Consider pruning

phpBB has a rarely used pruning feature. It lets administrators throw out old content. This is rarely used for obvious reasons: old content is not necessarily irrelevant and it’s unlikely that you will hit some sort of quota for the size of your database. It’s possible that search engines will rank you higher if the old stuff is regularly pruned. Global pruning is an administrator responsibility. Topics can be pruned on various common sense criteria: days since there was a posting and days since someone last viewed the topic. You can prune announcements, stickies and old polls as part of pruning or not. To prune: ACP > Forums > Manage forums > Prune forums.

There is likely more to this topic that may generate future posts.

 

Professionalizing your forum

For many forum owners, their forum becomes a bit more than important. It may be a big feature of their website. It may be their website. It may contain crucial information to a very specific community. It may generate income. Or maybe its purpose is pure vanity but for whatever reason it means a lot to them. If you are one of these forum owners, you want it to gleam, seem always new and shiny, serve lots of users robustly and be reliable 24/7/365. How do you take your forum to the next level? How do you professionalize your forum?

This is not a discussion of how to better market your forum. I leave that for SEO experts with more expertise in the topic than I have. In truth most phpBB forums serve very specialized markets so they probably won’t grow beyond a certain size. Most of the forums I work on have under 100,000 posts, even if they have been around for a decade or more. I get plenty of forums in the 200,000-300,000 posts range, but it’s rare to see a forum with 500,000 or more posts.

You may already be doing some of these practices. If you have the time, energy and money you might want to implement all of these suggestions.

Styling

Your style presents a first impression. The default style for phpBB is prosilver. It looks nice, if you like a blue style with a hint of grey. There are plenty of free styles to choose from, but also paid styles as well. The paid styles may be worth investing some money in. Some are extra slick, using advanced CSS practices so that styles not only look good, but are applied quickly and intelligently. For more information, see my styling post. Going the extra mile here might be to pay one of these style vendors to custom fit a style so that it integrates slickly into your larger website or to give your forum a unique look. It may be worth the extra cost.

Collect metrics

If you are not collecting metrics on the usage of your website, you probably should be. Yes, you can see the number of new topics and posts by visiting the forum but it doesn’t tell you (at least not easily) which topics are most popular or answer other questions. Google Analytics is the 800-pound gorilla in the web analytics area. There is an extension you can add to phpBB that will report your forum’s usage to Google Analytics. But there are plenty of alternatives. Some like to keep it simple, using a service like Statcounter. Quantcast offers a more Google-Analytics experience. There are plenty of other analytic services you can use too. However, to add the code needed to capture this information usually requires editing your forum’s overall_header.html template, overall_footer.html template or both.

Understanding these reports can be too much information, but all handle the basics such as showing popular posts, visitors and common search engine terms. A careful analysis may reveal trends that you may want to exploit. For example, popular search term might suggest creating additional topics in this area to help build site traffic.

Extend your forum

phpBB Extensions allow you to offer additional functionality beyond what comes “out of the box” with phpBB. Installing extensions isn’t hard and official extensions are free and rigorously tested by the phpBB group, so you know they are unlikely to have vulnerabilities. You might want to read my post on extensions. While you should not install extensions willy nilly as they comes with some cost and risks, there are many top-notch extensions such as the recently released Advertisement Management extension that makes it easy to place ads on your forum.

Change your hosting

If you are happy with your hosting and neither users nor you are noticing any issues with performance or page speed, by all means keep your current host. Rehosting a forum is not simple as it involved moving both files and the database, plus changing your DNS to point to the new hosting. There are also costs to acquire a new hosting contract. The phpBB group has a rehosting knowledge base article if you want to try it yourself.

I have some hosting recommendations on my services page. The phpBB group has some more, but bear in mind they get some revenue if you get hosting by following their links. New hosts will often move a forum for free to get your business, at least if you ask them nicely. I also offer a rehosting service with prices starting at $50.

Monitor your forum

You obviously can’t be on your forum all the time to see if it is up and working correctly. You might want to know if there is a problem accessing the forum. Site monitoring services can do this for you. Some are free, some not, and the features vary a bit.

I like Uptime Robot because it is free and has proved reliable, but it checks at a maximum of every five minutes. It sends me emails when my site is down and another email when it is up. Most of these services provide basic tests, with the most basic test being does the index page come up. It’s possible that there problems might affect a particular part of the website, like posting or the Administration Control Panel. These services can’t usually be configured to do these kinds of tests, but they do provide some basic service to let you know if the site is up or down.

I have found many of the times my site is “down” it comes “up” minutes later. These are usually problems related to brief patches being applied by the web host and they are hoping no one will notice. If there is a major incident underway, these services will at least let you know. Your web host may not know there is a problem.

Hint: make sure you choose a HTTP test if offered. You want to know if a web page can be returned, like the index.php page. Simply having a service ping your domain is a poor test.

Update the forum regularly

Just like it’s a good idea to get your car’s oil changed regularly, it’s a good idea to update your forum when new micro versions are released. Bugs get fixed but more importantly there are occasional security issues that get fixed too. The phpBB group keeps trying to simplify the update process but it seems to be an uphill climb. There are little landmines that can trip you up. You can read the official update instructions. An upgrade is moving from one minor version of phpBB to another (like 3.1 to 3.2). Here you don’t need to be one of the first to upgrade. Upgrades sometimes have issues with the first version, so lagging a bit behind may be a virtue. You might want to wait for the 3.x.1 release.

Most of my business is upgrades, so I am happy to do these for you if you want. Or you can try the official upgrade instructions.

When you go into the Administration Control Panel, it will tell you if there is a new update or upgrade to phpBB. If you don’t often go into the ACP, you may prefer to get official notifications instead. You can subscribe to the phpBB blog with your favorite newsreader where new releases are announced. phpBB also has a Twitter feed and is on Facebook.

Keep your web server properly maintained

Typically you do not own and manage the web server on which your forum resides. If you have shared hosting, it’s the responsibility of the web host to update the software on which phpBB depends. You can monitor the key software needed to run the forum and complain or rehost if the web host gets too far behind. A lot of this information is available in the Administration Control Panel under PHP Information. Check your version of MySQL (if you are using it as your database) with the current generally available community edition available from Oracle and complain if you are a few versions behind. If using MariaDB, you can see community editions here.

If you have a virtual server or a dedicated server, you may need a hosting contract to provide these updates as a service. This can get pricey. A good system administrator will keep your operating system, database, control panel and PHP up to date and regularly patched.

One easy way to increase performance if you have phpBB 3.2 or above is to use PHP 7. It should add about a 50% increase in performance compared with PHP 5.x. You can usually change this in the web host control panel, but it may require a support ticket with your web host. Be careful though to ensure that other software you use on your site can handle PHP 7.

Backup your files and database

Most web host control panels provide built-in solutions for backing up your site, including your database. Sometimes this can only be done manually. Ideally you would like an automated backup, storing multiple versions. At a minimum, back up your site monthly and ideally keep two other previous versions.

phpBB does let you backup your database manually: ACP > Maintenance > Database > Backup. You can store the backup on your server or download it. This won’t backup your forum’s file too. There is a useful extension to backup your database using phpBB’s cron process. As of this writing though it works on phpBB 3.1 only.

The key items to backup are the /files, /images and /store folders and the config.php file. The rest of the files and folders are software and can be recreated from a reference if needed.

 

Hiding your phpBB forums

Introduction

Not every forum administrator wants their forum to be public. Some want to have a members-only forum. In fact, it’s not unusual to want the forum to be completely hidden or wholly inaccessible by the public. Some forum administrators realize it’s important not only to keep humans out, but search engines as well.

The good news is that phpBB can keep your forum private, although there are some steps you might want to take outside of phpBB. The bad news is that the procedures for doing so are pretty obscure. Let’s look at some common ways of limiting access.

Keeping everyone out using your web server’s security system

Pros: about as secure as you can get

Cons: shared passwords are often used, ugly interface, and it works separately from the forum

The most effective way to keep everyone out but specified users is to use a security mechanism that is built into your web server. The technique originated with the Apache web server. Not all web servers use Apache, but most do. IIS is Microsoft’s web server, if you are using Windows hosting. nginx (pronounced “Engine X”) is another web server gaining in popularity that is slowly replacing Apache.

With this approach, the first step is to determine what web server software you are running. This site makes it easy.

The idea is to use the web server to challenge the user trying to get into the forum’s folder by requiring the user to successfully provide some credentials, usually a username and password. Typically you get an ugly black and white screen with these fields and a submit button. So this approach is not pretty, but it is highly secure.

If you want to go with this approach, first look at your web host control panel. Control panels like cPanel often have a feature that lets you password protect folders, in this case your phpBB root folder. Here are cPanel’s instructions. Failing that you can do this yourself.

You can use these instructions if you are using Apache and these instructions for nginx. IIS being a Microsoft product operates quite differently. You can use these instructions for IIS.

You can make it easy and use a shared username and/or password or create one for each member of the forum. Note that this happens outside of the forum, so any usernames and passwords used with this approach will probably not be the username and password used to login to the forum. You will have to pass the username and password to use to the user, perhaps using email. This approach simply allows access to the forum so a second step is needed: you must also login to the forum.

This approach not only keeps out humans, but also search engines.

Although not covered here, there are even more secure ways to limit access if you limit access to specific IP addresses. A search engine query will provide instructions if this approach interests you. Since most IP addresses are generated dynamically, this approach usually requires allowing a range of IP addresses and is somewhat fragile.

Stopping search engines from indexing your site with a robots.txt file

Pros: Simple and probably 99% effective

Cons: Malicious search engines can choose to ignore your policy

You can instruct search engines not to search your site. While you can provide instructions, this approach doesn’t keep malicious search engine agents from indexing your site anyhow. Essentially you create a robots.txt file in a plain editor like Notepad and upload it to your forum’s root folder. Its contents should look like this:

User-agent: *
Disallow: /

Disallowing search engines using phpBB

Pros: Effectively stops search engines that phpBB knows about, which are most of them. With the permissions properly set these search engines cannot index your content because the permissions won’t allow it.

Cons: Limited to the 46 search engines that phpBB handles by default

Procedures:

  1. ACP > Permissions > Permission roles > Forum roles
  2. Click on the green wheel on the Bot Access row
  3. Go to the bottom of the page and select the Actions tab
  4. Click on the No column header link which easily makes all these permissions no. Then Submit.

By changing the properties of the Bots role it will affect all existing bots plus any additional bots you create manually later on.

If you want to add bots manually, you can do it this way: ACP > System > General tasks > Spiders/Robots. Where would you discover new robots that might be hitting your site? You would need to periodically review your web server access log.

The phpBB group periodically adds new robots so when you update or upgrade these new robots will appear and will inherit privileges for the bots role.

You can certainly add a robots.txt file disallowing access to your forum root folder and use these procedures too.

Disallowing guest access to forums

Pros: Removes guest read privileges

Cons: A little complex to set up and message to guests is misleading

Procedures:

  1. ACP > Forums > Forum based permissions > Group forum permissions
  2. Select the Guests usergroup and press Submit
  3. Select the forums that you don’t want guests to read or access. For all, check All Forums. Then press Submit.
  4. If you want guests to neither read the forum nor see its name, for each forum change Read Only Access to No Access then the press the Apply All Permission button at the bottom of the page. Note: if all forums were changed then at this point guests accessing the index will see a “No forums” message. This is misleading because the forums are there, you just have to be registered, logged in and have appropriate permissions to see them.
  5. If you want guests to see the forum name but not be able to see or read any topics, first complete step 4. Then for each forum click on Advanced permissions, select the Actions tab and select Yes to Can see forum. When applied to all applicable forums, press the Apply All Permission button at the bottom of the page.

Bonus tip

If security is a concern, consider also using HTTPS to encrypt all traffic going to and from your forum. More is on this post.

New official Advertisement Management extension announced

I have installed the Advertising Management modification for phpBB 3.0 countless times. It’s very popular to serve ads, obviously and to have easy ways to place them within phpBB. There was a development extension for phpBB 3.1 that I was able to get working for some clients.

Now an extension for phpBB 3.2 is available but even better it’s being supported as an official extension of the phpBB group. So from now on it should always be available. It has a slightly different name but was obviously built on top of the old modification. It’s now called the Advertisement Management extension.

See the announcement and video here.