I'm pretty sure my fellow admin has an out of date email address which he used in 2004 to register with, so he won't be able to log in after upgrading to IPS 5.

 

I have lots of active members that registered well over a decade ago using emails no longer in use, and inactive members who may return sometime but won't be able to log in

Just to ease any concern, the email address doesn't need to be active for your admin or members to log in. Your members just need to type their email address into the login form rather than their username. The form will accept any email address, active or inactive, as long as the password matches.

For the sake of security though, updating the email of your fellow admin to an active address would be a good start, regardless of the new login method.

 

How about letting us stay on V4 indefinitely?
Otherwise this just reads as a ticking bomb for many of us as we eventually won't have a choice but to upgrade.

v4 will not operate "indefinitely" neither as a cloud customer (which you are) or a self-hosted customer. The technology within the infrastructure will eventually outgrow v4, rendering it unusable and it would be entirely impractical to continue its development for the long-term.

With that said, we are going to monitor the adaptation rate of v5 before determining the final lifecycle timeline of v4 and we will announce that timeline as soon as we develop it. I assure you, v4 maintenance will continue at least through 2025.

I'm pushing half a century old, I like change less and less with each passing day and am set in my ways (no comments from IPS staff needed!), so I completely understand and relate to the anxiety and discontent with changes. Please understand that we do not take removal of features lightly and such changes are based not on internal personal preferences, but rather, a thorough analysis of actual usage statistics, trends, customer feedback and the alignment of development and business needs. In the case of status updates, for example, I completely understand this is a key feature for some, however, the majority of our customers did not use them. Facebook, Twitter and virtually every other medium is geared towards users and what's going on in their lives and inside their minds; the communities we encourage are (or should be) driven by content and a bit less about what's happening with specific users. Why not both, you might ask? The simple answer is, if we were to retain every feature forever and ever, the platform would fall over. We simply outgrow and shift away from things. BBCode comes to mind. When we removed that, there was hysteria and disdain and I would bet many here have no idea what BBCode is or was.

I would encourage you to simply give it time, avoid panic and explore all of the other ways you can add value to your community at-large. Pages, blogs, clubs, incentivizing active / contributing users, winbacks of infrequent visitors, and the countless new, modern features within v5 and beyond.

@Marco Junior Yes, I will not deny that Classic (self-hosted) -- or any downloadable software -- is not our (or most companies) future and Classic sales have frankly fallen near-flat the past 3 years. That's not at all to say we have plans to discontinue it, but as we continue towards more modern features, including those that require a more advanced infrastructure than the average web host can provide, you will indeed see more of these features appearing in our cloud platform and not necessarily Classic. With that said, I'd encourage you and anyone else interested in converting to cloud to contact our sales team (sales@invisionpower.com) to discuss your specific needs... you may be surprised and the costs may not necessarily be what you're thinking.

I'm extremely proud of what the team has created with v5 and after understandable knee jerk reactions and associated anxiety, I strongly feel most of you will see the out with the old, in with the new is in fact worthwhile. We truly appreciate your continued business, support, and feedback! Enjoy!

 

v4 will not operate "indefinitely" neither as a cloud customer (which you are) or a self-hosted customer. The technology within the infrastructure will eventually outgrow v4, rendering it unusable and it would be entirely impractical to continue its development for the long-term.

With that said, we are going to monitor the adaptation rate of v5 before determining the final lifecycle timeline of v4 and we will announce that timeline as soon as we develop it. I assure you, v4 maintenance will continue at least through 2025.

I'm pushing half a century old, I like change less and less with each passing day and am set in my ways (no comments from IPS staff needed!), so I completely understand and relate to the anxiety and discontent with changes. Please understand that we do not take removal of features lightly and such changes are based not on internal personal preferences, but rather, a thorough analysis of actual usage statistics, trends, customer feedback and the alignment of development and business needs. In the case of status updates, for example, I completely understand this is a key feature for some, however, the majority of our customers did not use them. Facebook, Twitter and virtually every other medium is geared towards users and what's going on in their lives and inside their minds; the communities we encourage are (or should be) driven by content and a bit less about what's happening with specific users. Why not both, you might ask? The simple answer is, if we were to retain every feature forever and ever, the platform would fall over. We simply outgrow and shift away from things. BBCode comes to mind. When we removed that, there was hysteria and disdain and I would bet many here have no idea what BBCode is or was.

I would encourage you to simply give it time, avoid panic and explore all of the other ways you can add value to your community at-large. Pages, blogs, clubs, incentivizing active / contributing users, winbacks of infrequent visitors, and the countless new, modern features within v5 and beyond.

@Marco Junior Yes, I will not deny that Classic (self-hosted) -- or any downloadable software -- is not our (or most companies) future and Classic sales have frankly fallen near-flat the past 3 years. That's not at all to say we have plans to discontinue it, but as we continue towards more modern features, including those that require a more advanced infrastructure than the average web host can provide, you will indeed see more of these features appearing in our cloud platform and not necessarily Classic. With that said, I'd encourage you and anyone else interested in converting to cloud to contact our sales team (sales@invisionpower.com) to discuss your specific needs... you may be surprised and the costs may not necessarily be what you're thinking.

I'm extremely proud of what the team has created with v5 and after understandable knee jerk reactions and associated anxiety, I strongly feel most of you will see the out with the old, in with the new is in fact worthwhile. We truly appreciate your continued business, support, and feedback! Enjoy!

My (community) is not a virtual business where I make money from it.

I chose to purchase IPS to support development, as I do not agree with (nulled) versions.

Even if I were interested in contacting the sales department to negotiate something that would suit me, the price charged for your infrastructure is still high.

Given that I have the necessary knowledge to create my own dedicated or even shared infrastructure.

This is the point I am making, INVISION is becoming a management software, not a software for communities.

But as mentioned, I and many other customers, considering the context, discussions and information that arise over time, are already preparing to find an alternative in the future, an alternative that really focuses on community resources, not (business) resources.

It is a very high-quality software, but the amount charged for the monthly fee for your infrastructure is unfortunately frightening.

Assigned topics (This is a brilliant community feature and you guys at IPS know this, so much so that you will only make it available to cloud customers whose monthly fee is estimated at almost 600 dollars).

I know all the effort required to manage a (cloud) infrastructure but this is really too much for me.

So what I have to say, to the customers who are questioning the removal of features and the like, the future will bring new fantastic features, I am sure of it.

But you will need to be a (cloud) customer & if it is viable for you, get in touch with the team and have the best resources from IPS.

Unfortunately for my community model it is not viable.

 

This is the point I am making, INVISION is becoming a management software, not a software for communities.

I do not think this is true. I would consider management software to be thinks like Monday.com and Clickup. Those manage timelines and projects very well but are not places for discussions.

We are building the very best community software possible. And as Lindy said, that means leveraging technologies that are not readily available on your standard Linux/Apache/MySQL/PHP servers. We have gone over this a lot in the past, but we leverage CDNS, SQS, node, react and more.

More to the point that the days of "sell it cheap, stack it high" self-hosting licenses are well and truly over.

I think what you really mean is that we are becoming an enterprise community platform, and that has some truth in that if we can't sell lots cheaply, then we have to sell few more expensively to keep the same income to pay our team and bills. Also enterprise communities are one of few areas of growth in this industry.

But that does not mean that we focus all our efforts in that direction. We have many communities of all sizes using Invision Community. We are not trying to make it unaffordable. You mention $600/month but that comes with a lot of business-level functionality, for $89/month you get a lot of functionality on our Creator package.

Again though, we have committed to the self-hosting option to make Invision Community as affordable as possible for as many people as possible. Our efforts to move into the enterprise market makes this possible.

While you may have to look at our Business package to get Assigned Topics, everyone gets the new UI, new Theme Editor, new Page Editor, dark mode and so much more. I would say less than 10% of all that we have built in 5 is not available to those on the Invision Community Classic license.

Without Invision Community Cloud, there would be no self hosting license. The self hosting model is no longer sustainable for anyone in this industry.

 

I chose to purchase IPS to support development, as I do not agree with (nulled) versions.

Even if I were interested in contacting the sales department to negotiate something that would suit me, the price charged for your infrastructure is still high.

Given that I have the necessary knowledge to create my own dedicated or even shared infrastructure.

☝ THIS!!! Exactly me... No income from site, hosted price out of my budget, knowledge and skill set! Get out of my head!

I get a VPS for $15/mo., I have total control, and I can install anything, with 26 years' experience as a developer and system administrator for the USAF.

 

CDNS, SQS, node, react

If you’re referring to CDNS as CDNs (Content Delivery Networks), I would strongly advise against using them for production servers. All of my production servers, both professional and personal, are restricted or entirely blocked from accessing external web sources due to significant security risks.

For example, on CodeNameJessica.com, I allow inbound HTTPS traffic (port 443) to serve content securely. However, all outbound traffic is blocked to prevent the server from fetching or sending data to external sources. All necessary assets (e.g., JavaScript libraries, CSS files) are hosted locally, ensuring full control over the server environment and eliminating the risk of supply chain attacks or unexpected third-party failures.

All servers that I manage have explicitly has iptables rejecting outbound connections before going live:
sudo iptables -A OUTPUT -p tcp --dport 80 -j REJECT && sudo iptables -A OUTPUT -p tcp --dport 443 -j REJECT

As Invision Community evolves, I strongly advocate for continued (or even enhanced) support for self-hosting all required resources. This approach aligns with best security practices and aids in maintaining compliance with standards like PCI-DSS and ISO 27001, both of which recommend minimizing unnecessary external connections.

Regarding SQS (Simple Queue Service), I find it puzzling that a commercial software solution with a significant price tag would rely directly on third-party services like this. While AWS is robust and its downtime may seem improbable, history shows that even the most trusted providers (e.g., CrowdStrike, Microsoft) have faced significant outages. Dependence on third-party SaaS or PaaS can introduce unnecessary points of failure, which, in my view, isn't in the best interest of Invision Community.

As for NodeJS and ReactJS, I’m a developer experienced with both, and they’re straightforward to install, maintain, and use. In fact, my previous forum software, NodeBB, is built entirely on NodeJS. I understand the concern might stem from users on budget-friendly shared hosting environments (e.g., $2/month plans), which often have limitations. However, for those using affordable VPS solutions (like my $15/month VPS for CodeNameJessica.com), these technologies run perfectly without issue.

For context, I run:

• A Splunk Agent for log management,

• A NetData Agent for real-time monitoring,

• Fail2Ban for real time blocking

• Custom PHP, Python, and BASH scripts to maintain server

• A 94% OSSEC score for intrusion detection,

• And Invision Community securely without performance issues.

I’d love to hear how others manage this, particularly in environments where security and compliance are top priorities.

We use CDNs as a caching layer. Without them, our bill would be roughly a zillion times more expensive. It's common practice.

 

☝ THIS!!! Exactly me... No income from site, hosted price out of my budget, knowledge and skill set! Get out of my head!

I get a VPS for $15/mo., I have total control, and I can install anything, with 26 years' experience as a developer and system administrator for the USAF.

Congratulations, you are in the 1% of our customer base.

 

I find it puzzling that a commercial software solution with a significant price tag would rely directly on third-party services like this. While AWS is robust and its downtime may seem improbable, history shows that even the most trusted providers (e.g., CrowdStrike, Microsoft) have faced significant outages. Dependence on third-party SaaS or PaaS can introduce unnecessary points of failure, which, in my view, isn't in the best interest of Invision Community.

Literally every single scalable service in the world (Netflix, Disney+, Amazon, etc) uses micro services from an upstream provider like AWS.

 

Literally every single scalable service in the world (Netflix, Disney+, Amazon, etc) uses micro services from an upstream provider like AWS.

I can’t fully agree or disagree with that statement because I don’t manage those services. However, it’s important to recognize that companies like Netflix, Disney+, and Amazon operate on a scale far beyond most organizations. They own massive data centers and have contracts with external providers like AWS to support their infrastructure.

Even if we consider a guess of the top 1% of your customer base, those with financial resources comparable to Netflix, Disney+, or Amazon, it’s understandable that managing microservices through an upstream provider wouldn’t pose much of a challenge for them.

However, for the vast majority, if I had to guess, around 95% of your customer base, they likely don’t have the same resources. Most don’t have dedicated Cybersecurity, Server, or Development departments, nor do they have layers of management to oversee such complex operations. While this approach might work for large-scale enterprises, it’s not necessarily practical or feasible for smaller organizations with limited infrastructure and staff.

I make a very comfortable living working for a global company where my sole focus is Linux security and administration. We deal with extremely sensitive data, and while I’m sure most of your customers don’t, including my own personal website, security is more than just a "what if."

I’m sure Invision has more resources than many of your clients, and microservices likely work well for your company. But I can only speak for myself, and frankly, the $500 price tag on the software alone gave me serious pause (and possibly a small stroke).

I welcome change, evolution, and enhancements, but I want changes that don’t compromise security, safety, or compliance. Everything else is noise, so I have to change how people log in, or I have to change my page layouts, whatever.

Someone in another post mentioned, "You had since 2022 to bring up these concerns." Well, this is me ringing the bell now before it’s 2028, IPS v6 is out, and AWS has its own CrowdStrike moment.

Just my two cents. And yes, I know where the door is if it comes to that.

 

Someone in another post mentioned, "You had since 2022 to bring up these concerns." Well, this is me ringing the bell now before it’s 2028, IPS v6 is out, and AWS has its own CrowdStrike moment.

If AWS has a Crowdstrike moment, then 60% of the internet will be down including government agencies, police, fire, ambulance dispatch, banks, etc. A forum would be the last thing on people's minds.

We used to run our own servers in a data centre and it was nice owning all that hardware and not relying on anything else, but not so nice when a drive failed taking hundreds of customers offline and we had to drive out to a location and switch it out.

 

I can’t fully agree or disagree with that statement because I don’t manage those services. However, it’s important to recognize that companies like Netflix, Disney+, and Amazon operate on a scale far beyond most organizations. They own massive data centers and have contracts with external providers like AWS to support their infrastructure.

We operate at a large scale, and we have contracts to support our infrastructure.

One thing I can speak on is banks, government agencies, ambulance, and enforcement dispatch. None of those facilities have CDNs in any way shape or form. I know, 26 years Air Force as Security Compliance Officer for Linux System Administrations. Now 4 years with Global Banking administration and Trust Services. About 70% of North America's banking.

In any case, we're going off at a tangent here. This isn't really the place to debate hosting infrastructure. We've made our choices, we're happy with them. Likewise you've made your choices and are happy with them.

 

One thing I can speak on is banks, government agencies, ambulance, and enforcement dispatch. None of those facilities have CDNs in any way shape or form. I know, 26 years Air Force as Security Compliance Officer for Linux System Administrations. Now 4 years with Global Banking administration and Trust Services. About 70% of North America's banking.

Ok. I guess you're talking about internal systems, and not external systems because web/app interfaces for banks certainly do use CDNs to ensure the JS/CSS and images don't hit origin on each request.

...and you are correct about this tangent, so this will be the last thing I say just so you know I know what I am talking about.

Most external-facing systems for banks, such as their web and app interfaces, do utilize Content Delivery Networks (CDNs) to optimize performance with a caveat.

CDNs help serve static assets like JavaScript, CSS, and images closer to the end-user, reducing latency and ensuring faster load times. This offloads traffic from the origin servers, enhancing both speed and reliability without compromising security. There are fallback situations in the event of failure to these CDNs for locally hosted options.

However, internal systems, especially those dealing with sensitive operations like core banking systems or transaction processing, (I want to say typically, but...) do not rely on CDNs, as they are usually hosted within tightly controlled air gap environments for security and compliance reasons. Hence the PCI-DSS (Payment Card Industry Data Security Standard).

So, your statement is mostly accurate if you're referring to the distinction between external web/app interfaces but also consider their fallback methods which are internally hosted, this leaves safety for failures.

 

However, internal systems, especially those dealing with sensitive operations like core banking systems or transaction processing, (I want to say typically, but...) do not rely on CDNs, as they are usually hosted within tightly controlled air gap environments for security and compliance reasons. Hence the PCI-DSS (Payment Card Industry Data Security Standard).

Yes, this makes sense. From my point of view, I was talking on behalf of how Invision Community is put together as a public facing platform.

 

My (community) is not a virtual business where I make money from it.

I chose to purchase IPS to support development, as I do not agree with (nulled) versions.

Even if I were interested in contacting the sales department to negotiate something that would suit me, the price charged for your infrastructure is still high.

Given that I have the necessary knowledge to create my own dedicated or even shared infrastructure.

This is the point I am making, INVISION is becoming a management software, not a software for communities.

But as mentioned, I and many other customers, considering the context, discussions and information that arise over time, are already preparing to find an alternative in the future, an alternative that really focuses on community resources, not (business) resources.

It is a very high-quality software, but the amount charged for the monthly fee for your infrastructure is unfortunately frightening.

Assigned topics (This is a brilliant community feature and you guys at IPS know this, so much so that you will only make it available to cloud customers whose monthly fee is estimated at almost 600 dollars).

I know all the effort required to manage a (cloud) infrastructure but this is really too much for me.

So what I have to say, to the customers who are questioning the removal of features and the like, the future will bring new fantastic features, I am sure of it.

But you will need to be a (cloud) customer & if it is viable for you, get in touch with the team and have the best resources from IPS.

Unfortunately for my community model it is not viable.

It's getting annoying to talk about this a lot, the owners of this site are free to sell their product as they please, and we as users are free to stay with them or look for an alternative, so look for an alternative or simply hire a developer to add the feature you desperately need as your code does not include encrypted files.

Personally, I see that version 5 made Invision Community the best forum platform among competitors.

I've been told there's no option for lazy loading now

I always kept this off, but a while back after when it was first introduced I turned it on but I was having to wait for tweets to load and it was frustrating, even after I turned it off there was a clear delay so I had to import an old database where I'd never turned it on. Has the choice gone now too?

 

I've been told there's no option for lazy loading now

I always kept this off, but a while back after when it was first introduced I turned it on but I was having to wait for tweets to load and it was frustrating, even after I turned it off there was a clear delay so I had to import an old database where I'd never turned it on. Has the choice gone now too?

In v4 we used a JavaScript solution for lazy loading images and other content, it wasn't perfect so it had the option to be disabled. In v5 we migrated to the browser native lazy loading which is much more reliable https://caniuse.com/loading-lazy-attr. This is something the browser now controls and will lazy-load based on your usage, it cannot be disabled.

 

I realize having to manually change their email address for them can be cumbersome but, what ya gonna do.

a transition page where old members are prompted to update their email and are informed that is their new log in ?

 

You probably already understand this but the best way to go about it would be to create an Alert that goes out to everyone

Alerts are useless foe older members who haven’t logged in for a while and no longer have access to their email, its these members we need to cater for on older communities

 

a transition page where old members are prompted to update their email and are informed that is their new log in ?

Alerts are useless foe older members who haven’t logged in for a while and no longer have access to their email, its these members we need to cater for on older communities

Put some extra information in the failed login messaging perhaps? Or just on the login page. Make your contact options very visible and so on. If someone has been a member of a community a long time and come back after a while, you can assume they'll be fairly motivated to get logged in, so I don't suppose an extra step of sending an email will put too many off? Alternatively, (as we've found at times on our community), people will start a fresh account if they can't login and will probably then use that to ask about their old one.

The change really isn't the end of the world, although we did spend over 12 months notifying people in varying ways before switching off the username login.

Edited February 5Feb 5 by Dll

Can someone confirm or deny if posting with HTML is gone or not?

 

Can someone confirm or deny if posting with HTML is gone or not?

There was mention of a plugin, but by default, you cannot, I don't believe.

 

There was mention of a plugin, but by default, you cannot, I don't believe.

Ugh...

What about the classic forum layout and themes that we still have to this day?
There's no way this will be removed, right? =>

All the recent videos/images of V5 look so different that I am getting worried...
Please can someone confirm they're not gonna force a changed layout?

Edited February 6Feb 6 by Aldro

 

Ugh...

What about the classic forum layout and themes that we still have to this day?
There's no way this will be removed, right? =>

All the recent videos/images of V5 look so different that I am getting worried...
Please can someone confirm they're not gonna force a changed layout?

No, you can set it to the classic forum view still. The toggle on the community index page is gone, but there's a setting in user preferences now.

I haven't checked yet, but I showed my father my dev site, and his account didn't have access to the layout change. I believe there is a permission for it that he might not have. As an admin, I could change it.

 

One thing I can speak on is banks, government agencies, ambulance, and enforcement dispatch. None of those facilities have CDNs in any way shape or form. I know, 26 years Air Force as Security Compliance Officer for Linux System Administrations. Now 4 years with Global Banking administration and Trust Services. About 70% of North America's banking.

As someone who works with major banks for a living, I can definitely say this is this is incorrect. In fact, banking regulators such as the OCC highly recommend financial institutions use CDNs as a security and safety tool. Caching helps reduce the risk of DDoS (reducing attackable surface), and helps improve performance. This is not just for marketing sites, but for critical applications such as online banking, mobile banking, etc.

You can see this by doing a nslookup for major sites like Capital One, PNC, Chase (online banking not marketing), Truist, Wells Fargo, US Bank, TD Bank, Citizens Bank, and more. In fact, more major banks use CDNs than don't.

The US military is also heavy users of CDNs as well for their security services (DDoS, WAF, bot, etc) along with most major cabinet level agencies. Most major CDN companies such as Akamai and Cloudflare have dedicated groups that work with governments, including with their secure networks.

While caching is one aspect of a CDN, there are a bunch of capabilities that enhance enterprise applications.

One question regarding Sendgrid:

I rely heavily on Sendgrid – thus removing this function is for me a dealbreaker.

Will you integrate Sendgrid later? Or provide an alternative?

I made the move with Invision from Mandrill (?) to Sendgrid – and never looked back.

But I need a functionality to send out 20k personalized mails quickly…

Andreas

 

As someone who works with major banks for a living, I can definitely say this is this is incorrect.

I think you missed this part:

 

However, internal systems, especially those dealing with sensitive operations like core banking systems or transaction processing, (I want to say typically, but...) do not rely on CDNs, as they are usually hosted within tightly controlled air gap environments for security and compliance reasons. Hence the PCI-DSS (Payment Card Industry Data Security Standard).

I work with the internal servers. But again, it is a dead horse.

Edited February 6Feb 6 by Code Name Jessica