TC wrote: Whilst the Forum Statistics and User List have been disabled ... [or] hiding the information with CSS ...
It is true that, from
K 3.0.8
, it is not possible for people to access the userlist or attempt to directly go to the URL that generates the userlist (without logging in first) using the forum configuration setting
Kunena Forum: Configuration »
Security »
Security Settings »
Allow Guests to see Userlist = No
It may not be possible to prevent access to the forum statistics page (to restrict access to it to a particular class of user) because there is only one configuration setting,
viz.
Kunena Forum: Configuration »
Users »
User Related »
Show User Statistics =
Yes |
No
Either the statistics page is shown for everyone or for no-one.
TC wrote: registered users can still harvest a userlist by entering a Search, progressing to Advanced Search and using the data-provide typeahead dropdown on the User Name data entry field.
Yes, this is certainly the case. It is also true that the setting
Kunena Forum: Configuration »
Security »
Security Settings »
Allow Guests to see User Profiles = No
prevents people from looking at user profiles by clicking on a username (even if they "discovered" the name(s) with the
Search
feature).
To restrict this kind of access so that only Editors (and above) are the
only ones who can use the
Search feature is a bit more complicated that a "simple" hack to the
Kunena core. Anyway, if you hack the core, you will have to reapply those changes whenever you upgrade
Kunena (so this is not really a good idea).
It's possible to insert changes throughout the Kunena template (i.e. write your own template) to add extra "custom" security over and above what
Kunena already provides, but this is a fair bit of work.
The other so-called "suitable" options are not really very attractive or easily attainable short of, again, revisiting the few thousand lines in the Kunena template and adding extra lines of PHP.
If I was in your position, I would discuss this "requirement" with your client and point out that while
anything is possible,
everything comes at a cost. If the client insisted that this was a mandatory, non-negotiable requirement, my estimate of the time it would take to write a customise Kunena template that included these added security features would take about 3-4 days to complete. At a typically normal rate of between $50-75 per hour, that's an added $1200-2400 to the total development cost. It's not really a question of whether it's possible: it boils down to a question of whether the client is prepared to pay the additional costs and added delay.