friendica/friendica
6
0
Fork 1
mirror of https://github.com/friendica/friendica synced 2024-05-13 14:49:39 +02:00
Code Issues Packages Projects Releases 1 Wiki Activity

Updated Running a public or community server (markdown)

MartinFarrent 2012-05-25 00:44:25 -07:00
parent 3191cc68f3
commit 6813212d82
1 changed files with 17 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
Running-a-public-or-community-server.md

@ -50,53 +50,39 @@ After choosing the right environment and installing Friendica, you need to do so
3. _System Language_: On a public server, the system language should _normally_ be set to English, even if you're not English. Friendica will attempt to auto-detect the language specified by your visitors' browsers. If you have a translation installed for that language, the site will select the correct one automatically. Only if this fails, will the language fall back to the default specified here. English is the de-facto language of the internet and the usual choice here. But if you are targeting people from a particular country, go ahead and set their language as the default. If you're a community server, you should set this to the language your particular community speaks.
4. _System Theme_: This specifies the default theme for visitors to the website and members who are not logged in. Diabook is the most "newbie-friendly" theme, but it has a drawback - it doesn't yet work in Internet Explorer. The Duepunto themes are the most basic, and should work in most browsers, but they're also the least 'shiney'. The Comix font is missing from some systems, though the theme still looks nice without it. Other than these considerations, your system theme is a matter of taste. Remember, for some reason, many users never seem to find the theme options. You should therefore select the theme you think most people will find easiest to use, not necessarily the one you personally use. For example, a lot of admins like Dispy for themselves, but that their users need less help if my system theme is Diabook. _Users can later switch to any theme you have activated in the ``Themes`` menu._
4. _System Theme_: This specifies the default theme for visitors to the website and members who are not logged in. Diabook is the most "newbie-friendly" theme, but it has a drawback - it doesn't yet work in Internet Explorer. The Duepunto themes are the most basic, and should work in most browsers, but they're also the least 'shiney'. The Comix font is missing from some systems, though the theme still looks nice without it. Other than these considerations, your system theme is a matter of taste. Remember, for some reason, many users never seem to find the theme options. You should therefore select the theme you think most people will find easiest to use, not necessarily the one you personally use. For example, a lot of admins like Dispy for themselves, but that their users need less help if my system theme is Diabook. Users can later switch to any theme you have activated in the ``Themes`` menu.
5. SSL policy. If you allow SSL and Non-SSL connections, which you shouldn't for the reasons explained in the earlier section, you should set this to no SSL policy. If you do this, you need to provide a way for users to switch between the two. I use two small padlock icons - one open, one closed - in the Banner/Logo area to achieve this. If you don't have SSL at all, you should also use this option. If you mandate SSL, select the Force all links to use SSL option.
5. _SSL policy_: If you allow SSL and non-SSL connections despite the advice issued earlier in this document, you should set this to 'No SSL policy'. If you do this, you may want to provide a way for users to switch between the two. You can, for instance, use two small padlock icons - one open, one closed - in the Banner/Logo area to achieve this. If you don't have SSL at all, you should also use this option. If you mandate SSL, select the 'Force all links to use SSL' option. If you use a self-signed SSL certificate, don't run a public or community server - so the self-signed policy isn't relevant to this document.
If you use a self-signed SSL certificate, don't run a public or community server.
6. _Register text_: This is a plain text field that will be place prominently on the register page. If your site requires approval, you might like to point it out here. Likewise, if ban certain email domains (like gmail) or have problems with a particular email supplier receiving your emails, you could add that here. If you are a _community_ server, you should use this field to remind people which community you accept members from. If you have a _public_ server, consider something like this: "Before you sign up, remember the best way to protect your data is to host your own. Hosting your own Friendica account is both easy and rewarding. For more information, visit: http://friendica.com/download". After all, Friendica is _supposed_ to be decentralised, and public servers are supposed to be a last resort.
6. Register text. This is a plain text field that will be place prominently on the register page. If your site requires approval, you might like to point it out here. Likewise, if you have forbidden email domains or problems with a particular email supplier receiving your emails, you could add that here. If you are a community server, you should use this field to remind people which community you accept members from.
7. _Register policy_: This is self-explanatory. 'Open' means people can register and sign up. 'Closed' means you do not accept sign ups at all. 'Requires Approval' means members can sign up, but their account will remain pending until you review and accept their registration (this is the option community servers should choose). On a public server, this option is to help you deal with bot sign ups and spam, not to cherry pick users. If you do have criteria for accepting or rejecting users on a public server, make your requirements clear on your website, and when you refuse an applicant make sure they know why, and that they get a link to find other public servers - no email is ever sent to a rejected member unless you do so manually.
I use the following text in this field: "Before you sign up, remember the best way to protect your data is to host your own. Hosting your own Friendica account is both easy and rewarding. For more information, visit: http://friendica.com/download". Let's not forget, Friendica is _supposed_ to be decentralised, and public servers are supposed to be a last resort. Of course, community sites should not include this text.
8. _Block multiple registrations_: This stops users creating a second account with the same email address to be used as a community forum/page, or a second personal account. If you're trying to maximise resources, limit your users to one account each, and disallow the creation of forum pages. Pages are lower in resources than user accounts by a long way, but they soon add up if you've got a lot of them.
7. Register policy. This is self-explanatory. Open means people can register, and sign up. Requires Approval means members can sign up, but their account will remain pending until you review and accept their registration (this is the option community servers should choose). Closed means you do not accept sign ups at all. Note there is the possibility of a further option here - the back end code allows for an invitation only system. This has not been implemented yet, but if you have a resident geek, it would be fairly easy to create a plugin or module to bring this about.
9._ OpenID support_: If this option is turned on, users will be able to create an account and log in using their OpenID. Warning: Depending on providers, this may not work with mixed SSL policies.
It is very poor form to be listed on the public server list with a "requires approval" setup if you reject members arbitrarily. This option is to help you deal with bot sign ups and spam, not to cherry pick users. If you want to cherry pick users, you should not ask to be listed as a **public** server. Yes, I've got people I really don't want on my server too - but that's the price you pay for serving the **public**. If you have criteria for accepting or rejecting users, make your requirements clear on your website, and when you refuse an applicant make sure they know why, and they get a link to find other public servers - no email is ever sent to a rejected member unless you do so manually.
10. _Full Name Check_: This will ensure users enter what looks like a full name - actually, any two words 'look' like a full name to the system. What this is really for is stopping bots creating spam accounts. Leave it turned off unless you have a problem with bots.
8. Block multiple registrations. This stops users creating a second account with the same email address to be used as a community forum/page, or a second personal account. If you're trying to maximise resources, limit your users to one account each, and disallow the creation of pages. Pages are lower in resources than user accounts by a long way, but they soon add up if you've got a lot of them.
11. _Maximum Image Filesize_: This is, as the name suggest, the maximum image size in bytes. The default size offers a good compromise between image quality and resource demands. If you've got a lot of disk space, you might like to turn it up, but remember, uploaded images can very quickly use lots of space. If you turn it up significantly, you might have to adjust the maximum file size in your server's ``php.ini`` too.
9. OpenID support. If this option is turned on, users will be able to create an account and log in using their OpenID. Warning: with mixed SSL policies, you shouldn't allow OpenID as it causes some providers to fart.
12. _Allowed Friend Domains_: Leaving this field empty will allow your sever to connect with any other sites (default Friendica behaviour). A reason for changing this would be special protection of your members - e.g. if you are running a site for children. If you want your members to only connect to people on the same site fill in your own domain name. Further sites entered into this box are whitelisted, enabling people on your site to connect to other people on your site, and on sites listed here, but nobody else. Use a comma to separate white listed domains: ``example.com,example1.com,example2.com``
10. Full Name Check. This will ensure users enter what looks like a full name - any two words "look" like a new name. What this is really for is stopping bots creating spam accounts. Leave it turned off unless you have a problem with bots.
13. _Allowed email domains_: If you leave this field blank (default) registrations from any email domain are allowed. You can restrict this to whitelist email domains, similar to option #12 - one reason may be to make double sure that no strangers register on a specially protected community site. Adding an email domain to this field allows only the whitelisted domains. To include more than one domain, provide a comma separated list: ``yourmail.com,othermail.info,moremail.net``
11. Maximum Image Filesize. This is, as the name suggest, the maximum image size in bytes. The default size offers a good compromise between image quality and resource demands. If you've got a lot of disk space, you might like to turn it up, but remember, images can very quickly use lots of space. You (might, I don't actually know, since mine is quite large anyway - somebody else verify this in the edit) have to adjust the maximum filesize in php.ini too.
14. _Block Public_: This will block public access to your directory and member profiles, and make sure only your front page will be indexed by search engines. This is probably bad for public servers. Community servers - especially those whose users are minors - may find this a useful option.
12. Allowed Friend Domains. Leaving this field empty will allow your sever to connect with any other sites. If you want your members to only connect to people on the same site fill in your own domain name.
15. _Force Publish_: This forces all members to be listed in the sites local directory. This will probably be viewed negatively if used on a public server. However, on a community server it allows everybody to know who else is a member, and therefore, who can potentially see their posts. Force Publish also _disables_ submissions to the Global Directory by default.
Sites entered into this box are whitelisted, enabling people on your site to connect to other people on your site, and on sites listed here, but nobody else. Use a comma to separate white listed domains. Eg
16. _Show Community Page_: This will create a new tab that displays recent public posts by members of your website and comments to public posts on your website from remote users. This is good for giving new members instantly accessible content (though they themselves won't be able to comment on anything until they have the respective thread initiators as contacts), but it costs in bandwidth and CPU as the page gets indexed by search engines.
example.com,example1.com,example2.com
17. _Enable Ostatus support_: This allows your members to connect to Ostatus members using other systems (StatusNet, identi.ca etc.). All Ostatus posts are public, and so this option can be a privacy hazard. If you have a public server, you probably need to leave this on - we do tend to get a lot of users with Ostatus contacts. If you're a community server, or are particularly privacy-conscious, you may wish to turn it off.
13. Allowed email domains. Similar to Allowed Friend Domains, this whitelist allows you to accept only email addresses for signups from certain providers. Leaving this field blank allows registration from all email domains. Adding an email domain to this list allows only the whitelisted domains. To include more than one domain, provide a comma separated list, as above, eg:
18. _Enable Diaspora support_: This allows your users to connect to Diaspora members. This comes with privacy concerns - posts do not get deleted or edited on the Diaspora network. It can also prove a nightmare with support requests. Users often cannot connect to the larger Diaspora pods due to problems at Diaspora's end... and then blame you. However, quite a number of new Friendica users come from the Diaspora network and want a way of keeping in touch with their Diaspora contacts. You should probably enable Diaspora support on a public server. On a community server, you may not need it.
hotmail.com,gmail.com,mail.ru,bol.bg
19. _Only allow Friendica contacts_: Exactly what it says on the tin - users can only add other Friendica contacts. No Diaspora, Ostatus, RSS, or email. Just Friendica. This is wonderful for resources, you'll save a lot. Community servers should really consider this option. However, if you're hosting a _public_ server, the chances are you doing so to help the project - and that your members will still want their Diaspora and Facebook contacts. Not using this option is a sacrifice, but probably one worth paying in the long term.
If you're running a community server rather than a public server, or if you're a teacher, you can use this to restrict registration to people who have email addresses with your organisation.
14. Block Public. This will block public access to your directory and member profiles, and make sure only your front page will be indexed by search engines. This is probably bad for public servers. Community servers - especially those whose users are minors - may find this a useful option.
15. Force Publish. This forces all members to be listed in the sites local directory. This will probably be viewed negatively if used on a public server. However, on a community server it allows everybody to know who else is a member, and therefore, who can potentially see their posts. Force Publish also _disables_ submissions to the global directory by default.
16. Show Community Page. This will create a new tab that displays recent public posts by members of your websites, and comments to public posts on your website from remote users. This is good for giving new members instantly accessible content (though they won't be able to comment on anything until adding the posters as a contact), but it costs in bandwidth and CPU as the page gets indexed by search engines.
17. Enable ostatus support. This allows your members to connect to ostatus members (statusnet, identi.ca, etc). All ostatus posts are public, and so can be a privacy hazard. If you have a public server, you probably need to leave this on - we tend to get a lot of ostatus users. If you're a community server, or are particularly privacy conscious, you may wish to turn it off.
18. Enable Diaspora support. This allows your users to connect to Diaspora members. This comes with privacy concerns - posts do not get deleted or edited on the Diaspora network. It also proves a nightmare with support requests. Users often cannot connect to the larger Diaspora pods due to problems on Diaspora's end, then blame you. However, a lot of new Friendica users come from the Diaspora network and want a way to keep in touch with their Diaspora contacts. Think carefully and weigh up the pro's and con's for yourself. Allow only Friendica contacts will override this setting.
19. Only allow Friendica contacts. Exactly what it says on the tin - users can only add other Friendica contacts. No Diaspora, ostatus, RSS, or email. Just Friendica. This is wonderful for resources, you'll save a lot. Community servers should really consider this option. There is no lying - public servers would benefit from this too, but if you're hosting a public server, the chances are you doing so to help the project, and sadly, your members will still want their Diaspora and Facebook contacts. It's a sacrifice, but probably one worth paying in the long term.
20. Global Directory Update URL. This is the URL of the global directory you would like members of your site who opt in to be listed in the global directory to use. There is only one global directory at the moment. Either leave the field as it is, or leave it blank to disable profiles being submitted to the local directory.
20. _Global Directory Update URL_: This is the URL of the global directory you would like members of your site who opt in to be listed in the global directory to use. There is only one global directory at the moment. Either leave the field as it is, or leave it blank to disable profiles being submitted to the local directory.
21. Verify SSL. This turns on strict SSL checking, which will make your site check it's communicating with sites using certificate authority SSL certificates. This means sites using self-signed SSL certificates will not be able to connect to your site. This might arguably be a good thing. Self-signed SSL certificates will generate warnings that users just don't understand and in many cases, make them leave immediately. On the other hand, you'll miss out on some perfectly good contacts who refuse to bow to the SSL cartel, even with a free certificate from StartSSL. If I had to make the call? Unless you really know what you're doing, or you have particular security concerns, leave this unselected.