AlexJ

18 hours ago, Marc Stridgen said:

Please ensure your site can be accessed. At present we are getting access denied on your site, on both the front end and admin CP. Also ensure you are using the latest release.

It should be updated now. Had recently moved form to root folder and removed display name login. Please check now. Thank you. 

9 hours ago, Jon Erickson said:

I haven’t seen the screen before. Did you go to the IAM section of AWS and create a new user? If you did, this may be a new screen and I would just use third-party service.

Yes.  I have created new user. Screen seems changed because I google and other tutorials had different screen as well. 

Thanks for quick response. I will ask next step if I get stuck anywhere. - Thank you.

1. You should try this: https://github.com/major/MySQLTuner-perl  - Once you have DB uptime for 2-3 days. Change/tune and monitor. May be share the output of above. Do note: For joins it will ask you to increase join_buffer_size but you can skip that suggestion. Sharing my sample output:

-------- InnoDB Metrics ----------------------------------------------------------------------------
[--] InnoDB is enabled.
[--] InnoDB Thread Concurrency: 0
[OK] InnoDB File per table is activated
[OK] InnoDB buffer pool / data size: 8.0G/5.3G
[OK] Ratio InnoDB log file size / InnoDB Buffer pool size: 1.0G * 2/8.0G should be equal to 25%
[OK] InnoDB buffer pool instances: 8
[--] Number of InnoDB Buffer Pool Chunk : 64 for 8 Buffer Pool Instance(s)
[OK] Innodb_buffer_pool_size aligned with Innodb_buffer_pool_chunk_size & Innodb_buffer_pool_instances
[OK] InnoDB Read buffer efficiency: 100.00% (13346625516 hits/ 13346863880 total)
[OK] InnoDB Write log efficiency: 91.10% (11968155 hits/ 13136819 total)
[OK] InnoDB log waits: 0.00% (0 waits / 1168664 writes)

2. InnoDB - Yes. 

3. Install netdata. It's free and will help you with further details. 

https://www.netdata.cloud/

Example .. to monitor locks, Innodb stats, etc. 

4. Enable slow query logs - This way you can monitor which queries are taking longer.

Thanks! Interesting enough - i tried both yesterday night and didn't work. Today after clearing system cache worked. May be i need to start doing that often after the changes.

Hello,

What do you add as a password? Value or secret ID?  I tried secret ID in password for Microsoft login and it didn't work. 

Also document says - create expiry never..  but i don't see that option. I only see 24 months option.

https://invisioncommunity.com/4guides/members-and-groups/social-sign-in/microsoft-r302/

Is document outdated? Need help pls. Thanks.

Hi..

Which would be correct Access key selection for programmatic access?

6 minutes ago, Afrodude said:

My apologies, I am just helping you and IPS by confirming that we have the same issue. Also, this is a public support community not private. 

Anyway, I won't interfere with your support topic. 🙂 

This one is IPS support section vs community support is this one:  https://invisioncommunity.com/forums/forum/406-community-support/

You and me might be facing same issue, so I am fine with another topic link from this topic, so it's easy to track but I don't want to overlap the issue. Sadly, IPS doesn't have ticket system anymore to save their cost like old days.

Plus new support team, quickly put's issue on other application. I recently faced that during this error: 

https://invisioncommunity.com/forums/topic/471630-your-account-does-not-require-validation-user-login-error/#comment-2922819

Brilliant Discord Integration addon developer - mentioned it's not their issue but helped me to resolve the issue. IPS said it's the app error. Kudos to addon developer for helping to resolve the issue.

For me, as a user, I just need solution and not finger pointing. I hope you understand. Thank you!

Just now, Afrodude said:

If you notice, there are members who didn't validation their email address since 2005 (18 years ago) where we had zero third-party plugins or apps. We started using third-party since 2018. That app you mentioned wasn't even installed and it has nothing to do with background tasks, and it's to follow and track members.

Can i pls suggest to open your own support request? I don't want your issue to get mixed with mine. Thanks.

2 hours ago, Jim M said:

The license wouldn’t prevent it from working like this. 
Are you using CRON to run background tasks? If so, did you update CRON when you moved your site?

Using default since, i don't have much activity on site. Also can you look at license URL update.

I don't see any task processing error and noting in system logs. I have opened contact us to update site license from mysite.com/forums to mysite.com - As i moved content from forums folder to root folder. Does that cause any issue? 

For each users which I would like to delete, I see below message:

" Member has not yet responded to email change validation email "

I had to remove the email ID in screenshot because, I can't expose their email ID even thought they are 90% spam bots. 

Sadly their is no easy multi-select. Any other options to delete users in validating status with zero post? 

1 hour ago, Jim M said:

Rather than manually performing SQL query (which would be at your own risk and may invalidate future support of related items) I would recommend setting the value to automatically prune validating members in ACP -> System -> Login & Registration -> Registration tab -> Remove unvalidated members

 

It's set to 7 days. Somehow i still see members from 2022. So i don't think it's working. 

On 1/19/2023 at 11:52 AM, Li3D said:

Hi,

Sill have this error when for requires a prefix :

Default theme, app and core up to date 😞 

Have to agree with above - for prefix problem still exist. @Makoto 

Thanks! This worked.  Appreciate your help.

<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /
RewriteRule ^forums/(.*)$ /$1 [L,NC,R=302]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.(js|css|jpeg|jpg|gif|png|ico|map|webp)(\?|$) /404error.php [L,NC]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

4 minutes ago, Randy Calvert said:

Try that rule without the first slash BUT right after the rewrite engine on directive. I think you’re hitting an order of operations issue. 

Sorry, I don't want to screw up.. so checking. Something like this?

<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.(js|css|jpeg|jpg|gif|png|ico|map|webp)(\?|$) /404error.php [L,NC]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^forums/(.*)$ /$1 [L,NC,R=302]
RewriteRule . /index.php [L]
</IfModule>

I have 10 pages of validating users.. any easy way to delete them?

Sorry - it didn't work. Need from:

https://site.com/forums/files/file/38-silent/

TO:

https://site.com/files/file/38-silent/

1 hour ago, Randy Calvert said:

This was fixed in 4.7.6 which is already released. 

https://invisioncommunity.com/release-notes/

• Fixed an issue where Twitter Emoji no longer loads (The CDN providing the images shut down).

Make sure you’re running the latest release. 🙂 

Yup - already updated first day 🙂

2 hours ago, Randy Calvert said:

Step one is figuring out where the problem exists. If you remove cloudflare, does the problem exist?  If so you need to look in CF. If not, it’s something either in your server or software. But at that point you’ve cut your list of possible issues in half. 

To share an update: Issue was coming from Emoji's with maxcdns erroring out (resolved in latest version) and another issue is for profile. So I have to wait it out till IPS resolve the issue. 

Also your note in PM about additional calls for Profile Stats - helped. So thanks to you as well. Cheers. 

On 1/19/2023 at 10:23 AM, teraßyte said:

In an earlier reply I suggested testing with a version up to 4.7.3 and PHP 7.4 (as long as they had the files). With PHP 8 being much more strict, legacy upgrades are throwing all kinds of new errors for code that previously simply failed and/or worked silently.

I have marked your suggestion as solution, so it help others. Long live developers like you and the Angel on this forum who helped with 4.7.3 version, while I had given up because impossible to achieve without older version. I am not going to name him or else support team, might go after him. 

The whole problem is with PHP 8.1. Downgraded PHP cli to 7.4 and apache mod php on 8.1 so other sites worked fine. Rest all went smooth - not a single issue. 

Suggestion which you made should have come from IPS and little help with older version is what all I had asked for. Sad but true, IPS give run around for a simple solution. 

Moving the site from 'forums' folder to root folder. Can anyone help with htaccess 301 redirect, so old index content by google doesn't get mess up? Thank you. 

This is the current htaccess:

<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule \.(js|css|jpeg|jpg|gif|png|ico|map|webp)(\?|$) /404error.php [L,NC]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Most of the things are not applicable. I am not sure if you are trolling... or trying to help with odd suggestions.

Site is online, server location can't be changed - CF picks location nearest to you, caching is enabled (Redis), PHP is 8.1 with latest IPS version and I use dedicated server. 

10 hours ago, Unleashed2k said:

I am curious if anyone came up with a SQL query that is easy that can reset all user passwords not logged in since 2021?

Sometimes people don't have access to their email and password is stored in browser for many folks. U should avoid doing that. It will cause pain for a lot of members. 

4 hours ago, Randy Calvert said:

Yes, in that case...  it was most likely the user using the same password across multiple sites where another site had a data breach.  

+1 OR I see brute force attempts on week password from this IP's. I noticed that for 2 user accounts on our forums. When I asked them they had very week password, even though IPS default is moderate i believe. So we changed after 3 attempts account gets locked for 12 hrs. 

6 hours ago, Thomas Hop said:

We where thinking that a Google Captcha on Login maybe would solve te problem. Bot can't automatically login then (or maybe less). But is this possible in Invision?

That would be hard because Google Login in itself is direct auth - you are good to go. Only 3 options:

1. Word/URL filter based moderation

2. IPTable

3. If you have cloudflare - ASN bans. 

2 hours ago, Arthmoor said:

They tend to have IP addresses associated with registration from the same part of the world.

This is why you ban ASN. Banning CIDR's will do no good and eventually it will take toll on CPU consumption on your server. However, if you do ban IP address, make sure to block at PREROUTING / RAW so it's quick and fast.