• Security

  • Performance

  • Using Multiple Domains

    See:

    Additionally:

  • Intranet setup

    Using b2evolution on an intranet isn’t much different from a regular internet installation. However, in some cases there might be specifics, which we will list below.

    During Setup

    The installer screen has a checkbox for intranet installs. Make sur to check it, it will preconfigure some things correctly for you.

    Server behind a firewall

    If your b2evolution server is behind a firewall, it will not be able to periodically "call home" and check if there are updates (especially security patches) that can be applied. This will result in timeouts (typically 60 seconds) every time you access the back-office and periodically on the front-office.

    We would recommend you let b2evolution ping out (through port 80), but if that is not an option, you can disable these pings by adding the following in one of your configuration files, for example at the end of /conf/_basic_config.php:

    $allow_evo_stats = false;

    Additionally, there are some plugins that ping the world (blog directories, twitter, etc..) to let the world know when you have just published a new post. Make sure you disable/uninstall these ping plugins or they will also generate unwanted timeouts.

    Finally, you may also want to delete the "Poll the antispam blacklist" scheduled task, as it will not be able to fetch the anti spam updates from the central black list.

    Users behind a firewall

    Some versions of b2evolution load common libraries such as jQuery, Bootstrap or Font-Awesome from their public Content Distribution Networks (CDNs) in order to optimize load times (the idea is that these libraries are so common that they are probably already in the users’ browser cache.

    If you cannot allow access to these CDNs, then you can change the b2evolution configuration to load all its libraries locally.

    There is a setting in /conf/_advanced.php to disable CDN use:

    /**
     * Would you like to use CDNs as definied in the array $library_cdn_urls below 
     * or do you prefer to load all files from the local source as defined in the array $library_local_urls below?
     *
     * @global boolean $use_cdns
     */
    $use_cdns = true;
    

    Change this to :

    $use_cdns = false;
    

    Disabling AJAX comment forms

    By default, b2evolution has a paranoid approach against comment SPAM. Therefore, comment forms are loaded through AJAX by default. This makes life harder for spambots.

    On an intranet, you typically don’t have to worry about spambots, so you may turn off AJAX forms which will slightly enhance performance.

    Disabling encrypted logins

    By default, b2evolution has a paranoid approach against password sniffing. Therefore, passwords are encrypted by javascript in the login form, which is especially useful for internet servers without SSL.

    On an intranet, this may be less of a concern. In this case, you can also simplify the login form by disabling Javascript password encryption in the login settings. (Note: javascript encryption cannot be used with LDAP anyways).

    Disabling gravatar

    Gravatar will fall back to loading a default image from your server, which may have a private intranet address and will fail. Therefore, it’s best to disable gravatar for user profile pictures when using b2evolution in an intranet setup.

    Single Sign-On / LDAP

    If you already have a user base configured on a Directory Server, you can access it by LDAP Integration instead of having to manually re-create usr accounts on b2evolution.

    In order to do this, just download and install the LDAP Plugin. (Make sure you obtain the latest version.)

    Using a Reverse Proxy

    A reverse proxy will often translate URLs in 2 directions. If you can avoid that by having only IP translation, things will be easier.

    We will try to list typical URL translation issues here. If you find more, please leave a comment.

  • LDAP Integration

Comments on this chapter


Form is loading...