dtwood01

I'll see if the latest user can supply the info.

We have tried on several occasions to replicate it to no avail. We have even replaced some of the questions with new after the first couple of complaints thinking there might have been some bug. Still receiving complaints every so often.

Over the past few months we have seen an uptick of users reaching out via our contact form and stating that they are unable to complete the Question & Answer challenge. The questions we ask are very simple. Ex: "What is the third letter of the 5th word in this sentence." to which the answer is of course t or T. The users almost always provide the answers in the contact email to us for all of the questions, the language in the emails do not lend themselves to be spam related, and when testing ourselves, we are able to create accounts and successfully complete the security challenge. What could cause users to fail this challenge, even when answering them correctly? Has anyone else had this issue?

Download permissions were turned off for all users within that specific topic for some reason. Thank you for your patience and the information

Thank you for the reply, Marc. Wondering what I'm looking for within ModSecurity to check for issues as this is new to me. This is listed under ModSecurity Configuration in WHM

When users attach a pdf document to a post, no other user can view that document except the uploader. All others, when attempting to access, see the following... "This attachment is not available. It may have been removed or the person who shared it may not have permission to share it to this location." I checked permissions for the group the users are in and I'm not seeing anything regarding ability to download or view pdfs. Images work fine. Does anyone have some guidance on this? Thank you for your time

Great, thank you! We've got backups for sure. We'll put old items into an archive directory before completely deleting to make sure everything is working properly.

Good to know, here is a screenshot of other directories inside public_html/forum.

Hey all, very recently we received a notification from our WHM that there were two file paths to ipb_converge.php files that were flagged as malware utilizing SQL injection. Taking a look at both of these files, they are both identical, and all lines of code seem to be very well documented. They also have not been touched or modified since 2012, so we're wondering if they're in the right place or even necessary. It also seems odd that one of them resides within a css folder structure. Happy to provide any additional information, just seems odd that they're being flagged just now. Paths to files, just to know if they are actually in the proper place: public_html/forum/public/min/ipb_converge.php public_html/forum/public/style_css/ipb_converge.php

I'm receiving the following in my response. My community url is correct, is that not the right path for /core/members? Not Found The requested URL was not found on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.

Thank you for the response. I'm receiving no curl errors with the below. <?php $communityUrl = 'http://poolspaforum.com/forum/api'; $apiKey = 'mtapikey'; $curl = curl_init( $communityUrl . '/core/members' ); curl_setopt_array( $curl, array( CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HTTPAUTH => CURLAUTH_BASIC, CURLOPT_USERPWD => "{$apiKey}:" )); if(curl_exec($curl) === false){ echo 'Curl error: ' . curl_error($curl); }else{ echo 'Operation completed without any errors'; } $response = curl_exec( $curl ); ?> <h1>Hi</h1> <p><?php echo $response; ?></p>

Just want to bump this. I'm still having issues and not sure where I'm going wrong. I'm following the instructions found here: https://invisioncommunity.com/developers/rest-api

I'm attempting to make a basic call to the api using the example code found in the documentation, and I'm not seeing anything resulting in the php echo. Can someone point me in the right direction? I have a basic grasp of php. I also am sure that the api key has access to api/core/hello as set in the AdminCP. <?php $communityUrl = 'https://www.poolspaforum.com/forum/'; $apiKey = 'myapikey'; $curl = curl_init( $communityUrl . 'api/core/hello' ); curl_setopt_array( $curl, array( CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HTTPAUTH => CURLAUTH_BASIC, CURLOPT_USERPWD => "{$apiKey}:" ) ); $response = curl_exec( $curl ); echo $response; ?> <h1>Hi</h1>