v6 Feature request - Delete password required

[Barkley]

I'd like to request a feature please.

I think it would make good sense, to have a safety password, to prevent either the forum, or custom pages from being deleted, as opposed to just writing 'Are you sure you want to delete the "" custom page?'.

This way, a site owner can offer admin status to those wishing to add to a site, without running the risk that they could delete the site, and it would also protect the site should a hacker get access.

[theclash]

As I understand it, only the main admin can delete the forum, so you concern is unwarranted

[Scott]

Barkley
There have been no issues of hacking. Compromised accounts generally occur due to weak passwords or account sharing. If the user uses a weak password for their email or forum account it's rather unlikely that they'll use a more secure password for a custom page, so in this case it's doubtful another weak password would stop someone with such intent.

Only the main admin has the power to do a forum deletion, and there is not a permission for this that can be given to another member. Also since account sharing is a TOS violation, this shouldn't be an issue. Plus if an admin does a forum deletion, it essentially just 'turns it off', which is why we are able to restore forums easily to the state they were in when the admin deletes the forum. (Exception to this are older forums generally pre-v5)

I understand your forum heavily utilizes custom pages. In general good practice, I might recommend structuring the pages solely via the HTML tab and not use the widgets. This would allow you to easily copy the code for each page into a text file that can used as a back up for any deletion or any coding errors that causes the page to go wonky. This is something I do for any of the custom pages I create.

Have you read this Help Guide article on Preventing Forum Content Deletion? While it doesn't deal directly with custom pages, it does offer protection solutions for the rest of the forum.


This all said, I will still mark this as feature request.  Just wanted you know you do have protection options now.

[Barkley]

Jun 10, 2017 7:34:43 GMT -8 theclash said:

As I understand it, only the main admin can delete the forum, so you concern is unwarranted

And custom pages?

[Barkley]

Jun 10, 2017 7:52:55 GMT -8 Scott said:

Barkley
There have been no issues of hacking. Compromised accounts generally occur due to weak passwords or account sharing. If the user uses a weak password for their email or forum account it's rather unlikely that they'll use a more secure password for a custom page, so in this case it's doubtful another weak password would stop someone with such intent.

Only the main admin has the power to do a forum deletion, and there is not a permission for this that can be given to another member. Also since account sharing is a TOS violation, this shouldn't be an issue. Plus if an admin does a forum deletion, it essentially just 'turns it off', which is why we are able to restore forums easily to the state they were in when the admin deletes the forum. (Exception to this are older forums generally pre-v5)

I understand your forum heavily utilizes custom pages. In general good practice, I might recommend structuring the pages solely via the HTML tab and not use the widgets. This would allow you to easily copy the code for each page into a text file that can used as a back up for any deletion or any coding errors that causes the page to go wonky. This is something I do for any of the custom pages I create.

Have you read this Help Guide article on Preventing Forum Content Deletion? While it doesn't deal directly with custom pages, it does offer protection solutions for the rest of the forum.


This all said, I will still mark this as feature request.  Just wanted you know you do have protection options now.

Scott, my website has about 500 custom pages, each that can be deleted in the space of a few seconds by any admin.

It would be cool if there was password protection on them.

All my pages are backed up, but can you imagine how long it would take to rebuild should it become compromised?

[Scott]

Barkley, Does your staff need access to the custom pages? You can choose to exclude them from this area of the admin panel.


Note: And I am not unsympathetic to your concerns. I did mark this as a feature request.

[Barkley]

Jun 10, 2017 8:17:06 GMT -8 Scott said:

Barkley , Does your staff need access to the custom pages? You can choose to exclude them from this area of the admin panel.


Note: And I am not unsympathetic to your concerns. I did mark this as a feature request.

Firstly, I 'do' know you have my back Scott. 

Eventually I want to take a back seat, as it's too much for me to do as one person, and so in order to do that, I need to allow others to be able to update, or add to the site. I 'was' going to close the site, as not being mobile responsive in the year 2017 has meant our members have all but left, and probably less than a dozen remain out of over 800. Although v6 will come, I'm of the belief that it is still a very long way away, and too far off to save the site, and so I want to allow a few other members to give things a go, without the risk of them being able to delete 4 years of work, should they have a bad day.

A password protection would be perfect.

[Scott]

Jun 10, 2017 8:29:40 GMT -8 Barkley said:

Jun 10, 2017 8:17:06 GMT -8 Scott said:

Barkley , Does your staff need access to the custom pages? You can choose to exclude them from this area of the admin panel.


Note: And I am not unsympathetic to your concerns. I did mark this as a feature request.

Firstly, I 'do' know you have my back Scott. 

Eventually I want to take a back seat, as it's too much for me to do as one person, and so in order to do that, I need to allow others to be able to update, or add to the site. I 'was' going to close the site, as not being mobile responsive in the year 2017 has meant our members have all but left, and probably less than a dozen remain out of over 800. Although v6 will come, I'm of the belief that it is still a very long way away, and too far off to save the site, and so I want to allow a few other members to give things a go, without the risk of them being able to delete 4 years of work, should they have a bad day.

A password protection would be perfect.

FYI - We take the approach of releasing a quality product, we don't rush things out the door half done.

[Barkley]

Jun 10, 2017 8:56:11 GMT -8 Scott said:

Jun 10, 2017 8:29:40 GMT -8 Barkley said:

Firstly, I 'do' know you have my back Scott. 

Eventually I want to take a back seat, as it's too much for me to do as one person, and so in order to do that, I need to allow others to be able to update, or add to the site. I 'was' going to close the site, as not being mobile responsive in the year 2017 has meant our members have all but left, and probably less than a dozen remain out of over 800. Although v6 will come, I'm of the belief that it is still a very long way away, and too far off to save the site, and so I want to allow a few other members to give things a go, without the risk of them being able to delete 4 years of work, should they have a bad day.

A password protection would be perfect.

FYI - We take the approach of releasing a quality product, we don't rush things out the door half done.

I know you do Scott, but my situation is what it is, and a password would be useful.

Appreciated.