2012-03-03, 04:44 PM
I'd like to see the ability to completely hide a user or usergroup. This is for security reasons.
Right now, it is easy to find the username of the forum admin. That is one less detail a hacker needs to start digging. Sure you can hide the admin group from the forum team page, but it still shows in the memberlist.
You can make a change to the memberlist to exclude the admin group rather easily, but everyone knows that UID 1 is the original admin as set during install and most folks don't change that, so it's easy to get the username by directly browsing to the profile page and setting UID=1.
I'd like to have the option to completely hide any user listed in the $config['super_admins'], such as no profile view, no forum team page, no memberlist, no WOL, etc.
It's easy enough to create a second user for actual posting and public interaction so it would be nice to make selected users totally invisible.
Right now, it is easy to find the username of the forum admin. That is one less detail a hacker needs to start digging. Sure you can hide the admin group from the forum team page, but it still shows in the memberlist.
You can make a change to the memberlist to exclude the admin group rather easily, but everyone knows that UID 1 is the original admin as set during install and most folks don't change that, so it's easy to get the username by directly browsing to the profile page and setting UID=1.
I'd like to have the option to completely hide any user listed in the $config['super_admins'], such as no profile view, no forum team page, no memberlist, no WOL, etc.
It's easy enough to create a second user for actual posting and public interaction so it would be nice to make selected users totally invisible.