The Main module is the foundation of the system. It is the glue that concretes other modules hence providing the interactive nature of the system architecture. The Main module allows to create, maintain and manage an unlimited number of web sites.
The Main module features include:
- support for multiple sites – the system can support as many sites as you want;
- multiple domains – the system allows for an unlimited number of domains (of any level) for each site created;
- common authorisation system for all sites;
- unlimited number of user groups;
- unlimited number of registered users, possibility to attach users to one or more groups;
- group-based assignment of responsibilities and access permissions;
- simplified template management system; each template can have its own design, set of components, public scripts and other elements;
- unlimited number of templates that can be applied them to one or more sites;
- ability to apply different templates to every site in the system;
- multilingual user interface of the Control Panel;
- automated software updates through the use of the SiteUpdate technology;
- multiple servers: ability to use a separate web server for each site while sharing a single database;
- module management system;
- e-mail message templates to send messages upon an event (new forum post, subscription request, registration information retrieval etc.);
- facility to temporarily lock access to the public section;
- check the technical requirements conformance and the file system access permissions;
- fast dynamic content technology;
- dynamic information caching technology;
- programming interface (API) to create and connect custom modules;
- exporting data from the Control Panel reports to MS Excel ;
- group operations on report elements (deleting, activation, and etc.);
- SQL queries to the database;
- external authorisation. The login and password can be verified locally using a custom algorithm, or on a remote server (the package includes an example of external authorisation for PHP BB and Invision forums);
- sharing authentication between different site domains;
- user-defined event handlers;
- individual user interface customization (default filter fields, elements display mode (table, list or icons); report table columns; default report table sorting; mouse behaviour etc.).
Control Panel
The Control Panel interface
Control Panel Basics (Flash movie)
The Control Panel provides fast access to necessary control sections. It offers five functionally complete groups: Content, Services, e-Store, Web Analytics and Settings.
Pop-up hints will help you get acquainted with the system management tools. To get more information about the current page, you can use the context help that can be viewed by clicking the button the control panel toolbar. You can also send a request to the Bitrix company techsupport service.
Interface customization
Security policy
The security policy is a set of rules allowing to restrict user authorization to provide a website with a particular security level.
The following security rules are available:
- session IP mask - with this protection on, theft of a cookie file containing the session information becomes useless. This type of protection is the most effective in struggle against XSS/CSS attacks.
- maximum session lifetime - limits the maximum session duration. This protection is used to avoid incorrect session lifetime settings in the php.ini file.
- maximum lifetime of stored authorization. This protection makes any XSS/CSS attacks ineffective. This protection makes theft of authorization data stored on a personal computer useless. All data are generated randomly and do not contain the current computer IP address or any traceable cryptographic information.
- maximum number of authorisation storages – this rule define the number of computers on which the authorized sessions of a single user can be stored. For site administrators, the value of 1 is recommended.
- checkword timeout - defines the maximum time during which the password recovery control word is stored; it allows to minimize risks of site attacks via the recovery mechanism by intercepting e-mails.
Security rules are applied to user groups. System administrators can define security rules manually or using of the predefined security levels (High, Medium or Low). By default, the High level is used for system administrators. For users ascribed to several groups the strictest rule for each security aspect is chosen.
File integrity check
The file integrity check allows to verify whether the system files are safe and sound or not. To use this function, you have to enter a unique keyword (known only to you) and calculate the check sum of all files. The keyword is not stored anywhere.
Automatic registration prevention
The Main module supports the essential feature aimed to prevent unauthorised registrations - CAPTCHA (completely automated public Turing test to tell computers and humans apart). If CAPTCHA is enabled, a user must enter a string with the displayed random symbols to register.
Authorization form
This method ensures that the forum forms will not be abused by robots that are not capable to recognise text on images.
Caching
The mechanism has been developed to reduce the server load by saving results of the database requests.
Automatic Site Map
The unique site map generator helps you keep your site map up-to-date. The Site Map always contains only files and folders that the current visitor is permitted to view.
Site map
Multilanguage support
Support for multiple languages enables you to easily publish information in many languages. The Control Panel user interface can be rendered in any available language. Currently, English, German and Russian interface languages are available.
)
)
