Randy Calvert

If you use sticky sessions on your LB (session persistence) you don’t even need Redis. Users remain on their server unless it fails or is removed.

By the way…. I thought this would be a problem on my community when I first moved to CiC. It literally was the last thing that held me back for 3-4 months. It’s now been more than a year later and with over 8K unique daily users, I have had literally ZERO people ask about it. I also no longer have people who end up complaining that email to them is flagged as spam, etc.

That is not an IPB issue. It’s how the mail client operates. IPS is using the “Sent On Behalf Of” feature of email protocol. This allows them to use their domain and email account without requiring setup of SPF/DKIM, etc. It also means they don’t have to get your domain approved to send email through AWS SES (which is not an easy/simple process). So IPS cannot configure how they’re sending email without making every CiC go through a long and painful process that AWS may reject regardless. Literally there is no configuration of the CiC email service. You either use it or you use your own mail sender. In terms of SMTP, that’s a question for your SMTP provider. You should pose the question to them as it’s outside of the IPB software. I would highly recommend against using free providers like Gmail, iCloud, Hotmail etc. You are likely to end up rate limited and will need to deal with application specific passwords since most of those services now require 2FA.

If you actually click the reply button, you will see it go to your community address. In order for IPB to send the email on your behalf and not get denied by AWS or other email servers, it has to be done this way. There is no way to use the IPB mail server and to customize how it’s sent. If you don’t want this, you will need to provide your own mail server by entering the details for it in the SMTP settings.

It sounds like the table might have crashed or corrupted. From phpMyAdmin, try running a repair on it.

The space is a square. Your image should be also I believe. It looks like that image is a tall rectangle which does not fit within the dimensions of a square.

These are SQL queries that you or your host need to run on your database. If clicking fix it does not solve the problem, you need to run them via PHPMyAdmin or via SSH.

Marc, he can’t because he does not have an active license. I think this topic will need moved.

Awesome! I’m glad you got to the bottom of the issue! Good luck with the migration.

Just because it’s installed on the server does not mean it’s available to the virtual host. You may need to enable it in httpd.conf. The module can be available to some, all, or none of the sites on the server.

When you downloaded the files from the client area, you did not click the option to include the converter files. Just download the files again and this time check the checkbox to include those files. 🙂

Also have you tried disabling all third party plugins and applications? One of those could be interfering with email.

I know for a fact that the CiC email is working as I have tested it with my own site. If it’s not working with another SMTP server you know works or the CIC server, have you considered this is a problem with your own email service? Have you tried having email sent to new/different addresses? If CiC emails were not working, there would be a LOT of people posting about it here. 🙂

Did you make sure you have a fresh .htaccess file uploaded?

Make sure your conf_global.php reflects the correct URL. Afterwards, clear the system cache in the support section of your ACP.

You might also try clearing the browser cache.

An upgrade does not revert you back to the default language. If a new version introduces new strings you might need to update your translation.

Are you using some sort of cloud WAF or proxy?

I guess I’m lost as to what could be done here… If someone forgets their email, what is there that could be automated for recovery in a safe/secure fashion? When someone creates an account, there is a display name, an email address and a password that is collected. If someone does not remember their email address, what good is it to send an email to that address for them to verify? It’s most likely an old address they don’t remember using or would know to check or even potentially have access to. They would have already tried the address they know and most commonly used in the original attempts. And if you create a system to say my display name is X and here’s the email address we have for it…you negate the entire reason for having the display name be different than the login method. (It would also potentially be able to be exploited to extract email addresses for attackers or spammers.) And if you have them create a new account, how do you prevent someone from abusing it to steal another account. I create a new account and claim that I’m really the long term member! Now you have an unhappy user who has lost control of their account and someone else using it. There is nothing that is automated that could stop someone from stealing an account if they can’t verify the info provided at registration. They might be able to prove it to a human based on looking at things like past IP/location info, writing style, etc… but IP and geo are not good tools to use in an automated fashion. But regardless… my guess is this would be most likely better in the feedback forum as there is not any sort of functionality to automate the process today.

That would seem to be what Contact Us link would be good for. 🙂 If they don’t remember or have access to email, that would be a problem regardless of display name vs email. In general, because a user would be using it more often to login… they would be less like to forget or.

DNSSEC basically is used to prevent someone from putting up a DNS server with fake records pointing users that use that resolver to a server different than yours. This matters for banks and major sites that handle high volumes of commerce… but in practical/real life terms, it’s super unlikely to happen. It would be isolated (say a hotel network compromised and routing traffic to fake sites) and in most cases would be targeting sites that are more commonly used. It does not protect the domain itself and does not prevent things like DNS highjacking or someone trying to port your domain without permission. I don’t say this to minimize implementation of a security feature, but instead to help folks realize that should it not be available that there is not a huge hole out there putting you at risk. I have a better chance at winning the Powerball than seeing my site attacked successfully in this manner. But yes, it’s technically possible for it to occur!

You can change the wording yourself by updating the language strings.

This is a hosting issue… however a recommendation would be to use NTP to compare the local time to the server it’s synced with. https://askubuntu.com/questions/1272104/how-to-find-time-difference-between-two-computers#:~:text=The command ntpdate -q <address,of just outputting the difference.

Your core sessions table in your MySQL database is crashed. You need to repair it. You can attempt to fix it by using a program like phpMyAdmin to do it or if you are not comfortable doing so, you would need to contact your hosting provider for assistance.

Copyright © <script>document.write(new Date().getFullYear())</script> YOURNAME