Randy Calvert

When you are running PHP8… Have you confirmed your version of PHP8 meets all of the system requirements (aka run the compatibility checker while actually running PHP8). While running PHP8, have you used the tool in the support section of your ACP to disable all third party plugins, applications? Most often people find it’s a 3rd party application that causes problems.

4.7.4, which is the current release (as of Wednesday) of the IPB software REQUIRES PHP 8. 4.7.3 allows the use of PHP7.4.

It's funny... I used to work at a radio station for a number of years. I can talk to millions of people and not blink. But I'm VERY sub conscience about being seen on video (especially television)!

There is not a way to install an older version. In order to roll back, you would need to work with your hosting provider to install a backup taken prior to the upgrade if one was available.

The compatibility checker is simply checking to see if required PHP modules exist along with certain known settings (such as minimum memory) are met. It does not test to make sure those modules are working as they're expected. Just that they exist. It's assumed if they exist, your host set them up correctly.

Remember… the phpinfo output is not from IPB. It’s from PHP itself. Meaning it’s a server configuration issue. This is one of the challenges associated with supporting multiple concurrent versions of PHP. Some hosting providers have figured it out and do it well while others don’t necessarily do so. Unfortunately, it’s not in IPS’ power to be able to fix the server setup.

Blocks do get cached, and I don’t believe there is a way to disable it.

This was a message sent via the “contact us” button on the bottom of your forum. The default behavior is to send those messages to the admin via email. If you have the Commerce application and use the support ticket system, you could optionally configure the messages to be sent there.

Those are the cookies created by IPB. It would not include ones set by other third parties.

It is an attack attempt but it’s not successful. So it’s safe to ignore unless you’re using a WAF higher up in your stack that should have caught the XSS attempt and you go about tuning the false negative there.

Hi Marc, This was changed, but it looks like it is still not working correctly: My CIC instance shows this, and a fresh vanilla install on localhost confirms it as well.

And I have a sneaking suspicion one of the IPS techs is cursing PHP8. 😄

I would generally recommend to ask your host to disable mod_security for your website. They can turn it off for your site without effecting other sites on the same server if you're on a shared host. If you're on a VPS, it would be even safer as there is no possibility of other impact. Generally mod_security causes more problems than it fixes in my opinion.

You can force an upgrade check by going to ACP - System - Site Features - Applications Click on “Check for Updates”. This will check for core updates as well as for updates to third party resources installed through Marketplace.

Look in the ACP support area. I believe it would log an error there that would contain a more useful set of details of what is going on.

This depends on the logic within the template. The one working may not be accessing the problematic part of the code this never trigger an error. Unfortunately IPS does not offer support regarding custom templates. If you’re not comfortable troubleshooting them, there are 3rd party resources available that have Pages expertise. The link below filters known developers to those that have specific expertise with Pages. https://invisioncommunity.com/third-party/providers/?csrfKey=9c8c2aa561a6c7a9638d13ebd1fce539&advanced_search_submitted=1&sortby=primary_id_field&sortdirection=asc&content_field_124[1]=7 @opentype I know is great with the Pages application… he is able to make it sit-up and do tricks.

That’s what it does… but in most cases, guests don’t need a true “live” view. By setting it to 30 seconds, if you did not have tons of users in the site, that cached page would never get re-used. You spent a bunch of server resources writing that page to disk that never got used because no one was really accessing it within the next 30 seconds. Think of it this way… Google bot comes to your site. It starts on the homepage. That’s now told your server to not just deliver that page to Google but make a version of it for offline use and to hold onto it for 30 seconds. The rest of the time, Googlebot was not on your homepage. They were on the inside content of your pages. Triggering the same thing all over again creating a cached version that no one else ever accessed in the next 30 seconds. Is there some value gained by a guests like Google seeing data “real time”? Having content delayed a few minutes won’t make a huge difference for them. However if you honestly did feel it was critical… Instead of trying to cache at the server level that low, the page experience would be faster by not caching that base page at all. With a CDN, you also have the fact that each CDN POP is unique. Cloudflare has over 300 locations. This means if you have someone accessing content in LA, its cache timer is separate from the servers in Miami. (Each has its own timer based on how long it’s been since that specific server last accessed it.) Super short cache periods for base pages only help if you’re operating a hugely busy site like CNN, Wikipedia, etc. Also remember a CDN has an extra benefit over server caching… the CDN can cache most all objects. This means images, style sheets, JS, etc all can be cached for DAYS whereas the base HTML page might be cached for a few minutes. This can reduce origin bandwidth by 50-90 percent depending on how dynamic the base pages are.

Does that mean you're coming back? You miss being a part of the action and need to be in the thick of things again?!

I personally was able to use the "Auto Minify" JS, CSS, and HTML without issue. This is somewhat dependent on your theme though if it will work without problems, so if you attempt to use it: Enable feature Clear cache Wait a minute Browser around your site a minute Repeat prior step to make sure nothing looks unusual In addition to Auto-Minify, I personally also enabled Brotli and Early Hints. Brotli is a compression algorithm that is designed to make objects smaller before they're transferred from the server over the internet. Early Hints is not going to be a big game changer in its current state. But the future state of the dynamic early hints will make more of a difference. It does not hurt in any way to have it enabled. ANY little benefit that does not have a downside is good. 🙂

Anytime! We have some great developers here... @Adriano Faria and @DawPi have both done great custom projects for me.

You can TRY simply removing the resource from the applications folder. However there is a chance it causes problems with upgrades, etc as it can still have database modifications. The safest bet would be to hire an another 3rd party resource developer to assist you. They can look at the code to see what is going on and the safest way to remove the application You can find several at: https://invisioncommunity.com/third-party/providers/

That’s a question you’ll need to pose to the resource author as they’re the only one that knows how it is setup, if it’s making database calls (if so, what is done), etc.

If you (or anyone in support) used the support tool to disable third party resources, that would have included ads as well. In terms of the ask for better tracking, that would be good to post in the Features and Requests forum so that it is not lost.

As per: BBCode was deprecated in the IPB platform back in like 2020. It is not possible to add custom bbcode, and parsing of bbcode itself is officially depreciated. In fact, if you enable support for parsing it gives the following warning: