Svetozar Angelov

Thanks! I installed the patch.

Yes, I understand this well, but I can't log into the forum because google authenticator is not working and has blocked access.

Could you tell me how to log in to the forum?

Exactly. It's not a big hole, it's a small hole that exists super annoyingly on a paid platform. When there is a problem, it should be canceled, not determined how big it is. Isn't that what we pay for? Do we have to totally crash the whole forum to accept a hole in the IPS software. Or are we writing on a WORD platform that is infested with spam? Please, read carefully before writing. There are many people with this problem. Did you write the IPS software to assert if there are holes or not? How will you respond to an attack on user accounts only? Maybe spam bots are choosing between admins, moderators and regular members with emails? Or are you saying that admin emails are very special and absolutely secure? Exactly. It's not a big hole, it's a small hole that exists super annoyingly on a paid platform. When there is a problem, it should be canceled, not determined how big it is. Isn't that what we pay for? Do we have to totally crash the whole forum to accept a hole in the IPS software. Or are we writing on a WORD platform that is infested with spam? Please, read carefully before writing. There are many people with this problem. Did you write the IPS software to assert if there are holes or not? How will you respond to an attack on user accounts only? Maybe spam bots are choosing between admins, moderators and regular members with emails? Or are you saying that admin emails are very special and absolutely secure?

Can you specifically say what exactly you have seen on our forum that makes you think the problem is not with your software.

It's good that you're taking a stand in the conversation without knowing what it's about at all. It is good that before you write things that do not concern me about banking spam, you should carefully read what the problem is, which I will describe again for the slow under-stander. The problem is from the month of March, affecting many forums and colleagues, and before that we did not have such a problem before the last update. The breach is on existing accounts that actively participate in the forum. If it's spam/bot it will come in and spam the whole forum in minutes. How to prevent users who are active from changing their passwords. That, of course, didn't help. Now I have logged out all users at once and request all of them to reset their PW. How coincidental that many colleagues who are customers of IPS have had this problem since March. Probably the spam/bots have agreed to do this since March. What we suspect, along with a lot of people, is that the IPS are telling us generalities without really understanding the issue, which is a breach with the March security update, and they're probably buying time to figure out exactly what's going on.

We have taken enough measures, I ask that you now take measures and look very carefully at the code from the beginning of March, because we have not had such problems before. It is clear that precisely from this period the problems with spammers on the IPS platform started massively. I can't sit all day and clean the forum of spammers after the version is paid for and obviously the problem is yours.

Despite all the measures taken, today there was again spam in our forum, which is extremely annoying to me and the users. I'm sure you have a bug in IPS that occurred after an update from the beginning of March. Our problems continue. 😣

As a result of my post, I received the following messages from fellow IPS users: Surely IPS should check our case thoroughly. As I have been a customer of IPS for over 10 years, and I am sure there is a problem.

Strange, when registering I get the following message:: hCaptcha has failed to initialize. Please see the developer tools console for more information

Thanks. All spam measures have been taken since before. We also moved on hCAPTCHA. I hope this scourge stops.

Ok, so what solution do you propose specifically? How can we protect ourselves from this and fix the problem that depends on us?

Your example with the policeman is absolutely irrelevant! This is about an exploit in user accounts. And how many forums have already complained about it. Do you want to register in Cyrillic with a question who wrote the national anthem? Since the last update in March, the breakthroughs started. It is clear where the problem comes from. When your forum suffers, you will know about the problem. I'm sure.

I asked quite a few software professionals. They claim the opposite of your opinion, because we changed the passwords to very difficult ones and they are still breaking into user accounts. We suspect Exploit. Please, check your code, because this problem appeared in early March and quite a few people from Invision Community are complaining about the problem.

We had the same problem in our forum. Please give a solution.