Randy Calvert

This can be done with overall online status. For example on this site: https://invisioncommunity.com/settings/account-security/ There is an option to hide online status.

It should not, but you have to manage permissions etc. If it does not run as a privileged user, you’ll have to deal with file ownership etc. It all depends on exactly how it’s setup and managed.

The easiest solution is not to use cron. You could also swap your merchant API keys to use a dev API key on your API site.

When you switched your site to PHP 8.1 did you make sure it has all of the necessary system requirements? It’s not uncommon for different versions of PHP on the server to not match modules and for people to be missing a required module when switching versions.

I’m glad you were able to get to the bottom of the issue!

For your first issue… have the host disable the old shared hosting version. Basically the only place your data should be “active” is the new server. Next… make sure your conf_global.php reflects the correct URL that you want (including http vs https prefix). After that is correct, make sure you clear your system cache in ACP support section. For your second issue, that path mentioned does not look like a default IPB setup. Are you using a 3rd party mail service like Sendgrid? If so, you might need to fix your setup there. If you’re using the default phpmail, you might have some sort of third party resource that is acting up.

You’re thinking in very static terms here. There is not “one cache”. Each physical point of presence in the CDN network has its own cache. This means if a user in Washington DC accesses the content at 12:01 a user in Chicago accessing the same page at 12:09 would not get that cached version as it came from different edge servers. There are over 300 unique physical locations around the world for the CDN that IPS uses. So in reality… most “real” users are not getting old versions of content. And this kind of action is done because a MAJORITY of users don’t gain anything by having shorter periods of time. Even a site with hundreds of users online at a time are not accessing the same page/content AND also coming from the same physical location. You’re paying IPS to manage the infrastructure and to make users get a good experience. Let them do that. Caching is a good thing. For example it helps SEO as Google (a guest) gets a super fast version of the site. It reduces the risk and impact of DDoS attacks as cached content does not generate server load and allows the network to scale more effectively. It also allows IPS to control infrastructure costs and not need to charge you as much to deliver cached content to what in a majority of cases is not even a real human viewing content as a guest. (Did you know that basically 50 percent of ALL web traffic comes from bots?!) The value derived from serving that “live” is even further minimized.

It’s honestly gotten to the point where it’s not worth the effort to try and maintain.

You can put the full IPB system into maintenance mode from ACP - System - Settings - General Configuration. The second option is “Site Online”… set that option as off. You can even control the message users get during the time the site is marked as offline.

There is no sort of workflow management outside of simply selecting Going, Maybe, or Decline (at least that I can find after using it awhile). It would require some sort of customization to add the described functionality.

When you opened the topic did you go to the last page (or the one with the newest posts)?

This specifically is for cloud hosted customers. And no, the times cannot be adjusted up or down for cloud hosted customers as it’s managed at the IPS infrastructure layer.

Actually it's a great way to promote conversions/signups. "Want to see real-time conversations? Signup now for free and join in on the discussion!" Every post is not delayed by 15 minutes... it means the oldest the content for that specific page could potentially be is 15 minutes old. A page inside might have a version only 3 minutes old. Another page might be a "live" page that had not been served from cache at all. It depends on the specific edge server the end user connected to and if someone else in the last 15 minutes requested that same exact page as well. Think of it as a "worst case" scenario. Also... my community has around 400 people online at a time. (Around 500 right now.) There are not THAT many new posts in 15 minutes that it will make a tremendous difference honestly. But given this is the way the system is designed, it's not a bug. The official answer would be to make a suggestion to change this by posting in the feedback forum.

The link appears to embed correctly when I paste the URL into my own site. It's possible Reddit is blocking your server's IP for some reason or there is some sort of firewall preventing your server from reaching Reddit's oembed endpoint. I would start by making sure you don't have any sort firewall rules blocking you. If nothing is blocking you, try disabling all 3rd party resources and try again. It could also just be something on Reddit's side. For example: They might be blocking your server or something similar.

900 seconds...AKA 15 minutes. 🙂

If it is stopping working randomly and starting back again, it’s less likely to do with the code and more to do with the communication between your community and the SSO itself. Either a firewall issue, rate limiting, or something similar. IPB obviously is not changing anything (they can’t in the case of being self hosted) so something else would have to be occurring outside of the software stack for it to randomly start/stop working.

Google has its own cdn. You’re not really going to speed it up much. Can it help with other things that IPS does not have an integration for? Possibly! I’m simply cautioning about making things more complex than they need to be. For GA specifically, I did not see any sort of huge speed difference and I doubt others will. And unless there is some value in doing this in Zaraz vs the simple checkbox area of the ACP… I don’t know why someone would add an additional layer to manage with their site. My recommendation would be to use it if you can’t already do it through the tools you have available to you.

Typically Zaraz is used by those who have problems adding stuff to their website themselves. For example a marketing team who does not want to get the IT or website coding team to add the Google code for them. What are you looking for Zaraz to specifically do for you that can’t be done through using the ACP application to insert GA code? I personally would not suggest using it and just use the native method to do it just to keep things simple and not have to remember it down the road. In addition if you ever have to bypass CF for whatever reason, having it integrated there will cause an analytics gap since the code would stop being injected. Personally I just don’t see any value that it would bring that you can’t already get today.

Check out: It has some example code there for this. 🙂

Question 1… are you using LDAP authentication? Based on your post history, it looks like you are running some sort of automated scanning service against your site. A lot of the things you are describing/reporting sound like false positives. In order for IPS to help however, it needs a LOT more info. “CMS” is a rather large application. Simply saying there is a vulnerability somewhere in it is like saying someone is sick somewhere in the city of New York or London. What specific file? Does it reference what code is problematic? Under what circumstances can the exploit be triggered? I’m almost willing to bet what it is thinking is a vulnerability is actually not an issue and is either the scanner not understanding it or it is detecting a server configuration issue itself.

Personally I would not want this as a user. I use my phone, tablet and laptop all at the same time. There is no sort of built in functionality to prevent this behavior. There have been some third party resources that are designed to try and prevent account sharing but that is outside of the core software.

Jim, If that post was edited to remove the violation would they see the original version that was problematic? What would happen if that post was hidden or moved to a forum the user does not have access to?

That looks like an Akamai error code. It means their edge server was able to reach the origin server but the origin server itself responded back with a file that had no contents (a zero byte object). As noted, that would be a server issue. 🙂