PPlanet

It would be good to be able to ignore all topics that share a particular tag. For example, imagine if there was a NSFW (Not safe for work) tag, and people would be able to ignore all topics that contain said tag somehow. In fact, I'm somewhat surprised such a feature does not exist even as a third party app.

13 minutes ago, Adriano Faria said:

This app doesn’t control the “time” it sends the email. That’s up to the server (queue, etc). You click in button, it runs the script and the email is sent. That’s the end of this resource flow. What happens after that, isn’t controlled by this resource. Btw, the version before the latest only added a checkbox in the form. Nothing else changed.

I tested and I received the email. Will test it again later and will reply back.

Sorry, I didn't express myself correctly. I simply meant to say that it doesn't send an email as well, even if it's selected to do so in the settings. I also configured it to send emails without creating a topic in the forum, and no luck either.

Now, I'm still running 4.7.6, so maybe that's the problem. I can wait until I upgrade and try again.

I hate to bother again so soon but I think there's something still not working at least for me.

As it happens, it does work well creating topics in a subforum, but it doesn't seem to send emails at the same time to the selected group nor to any additional email address you could add in the admin settings.

8 hours ago, Adriano Faria said:

 

What's New in Version 1.3.7:

• Fix: https://invisioncommunity.com/forums/topic/419306-contact-us/?do=findComment&comment=2925589
• Fix: https://invisioncommunity.com/forums/topic/419306-contact-us/?do=findComment&comment=2925880

All good now for me. Thanks for the update.

Hi @Adriano Faria, it looks like since the upgrade to 4.7.6, two weeks ago or so, my Contact form is not working and I had not realised. It shows a confirmation as sent to whoever sends the message but it doesn't come through.

I'm using it with topics created in a subforum and an email notification to admins.

I don't have any extra field.

Cheers.

3 minutes ago, Randy Calvert said:

That most likely means the post was moved somewhere non-public or was hidden. The folks in the community won’t know why. 

Yes, (I think it's just an old "community support" style forum) but maybe someone here knows a solution to the main question which is: How to search posts made by guests?

I'm trying to access this old topic of mine:

https://invisioncommunity.com/forums/topic/379256-how-to-search-posts-made-by-guests/?do=getNewComment

(How to search posts made by guests?)

It says that I have to log in as a client, which I have but it still doesn't let me see it.

I remember that the solution was pretty good by moving all guest posts to a particular subforum via a database query. If anyone knows the (or a) solution I'd appreciate if you could post it here. Thanks.

17 minutes ago, Luuuk said:

Yes, we already know that the old previously legit accounts suddenly are "re-used" in the attack.

Yes but I understood that Marc was saying that they had been created for this purpose  (spam). Hence why I mentioned the case of one of my users with many posts from before whose account appears legit. 

2 hours ago, Luuuk said:

@PPlanet

Actually one the spammers IP is classified as doing "brute force" attacks (scroll to the log sample) on many available forum platforms so it not only related to Invision.

Yes, I know it’s not exclusive to IPS. But I don’t think it’s a case of spammers creating accounts at different years and leaving them dormant until now. They are gaining access to someone else’s accounts. There was a failed attempt of brute force on my site where the legit owner of the account confirmed it wasn’t him. But I think that this scale of log ins across so many sites corresponds more to some dump of credentials somewhere.

1 hour ago, Marc Stridgen said:

Not unless they actually had the password to an account of course. ie, it has been on a list from someone using the same password in multiple places. The best way to prevent this is to use 2 factor authentication, and force those users to change password

I believe that’s the case, people using the same password across many sites, and there has been a leak in one of them.

That said, it has stopped on my site. I had like 5 cases in total. I forced those accounts to change passwords and banned the IP in question. 

5 minutes ago, Marc Stridgen said:

I would ask first of all, what leads you to believe they were hacked? As you can see in the message above, it does seem dormant accounts were registered on a lot of sites, which were all posted from in the last few days.

I wonder though, as one account of these on my site had a history of normal posting with 31 posts between February 2017 and August 2020. All posts are on topic. No spammer would go into that trouble.

3 hours ago, Xeite said:

I have similar problem since like a week or two, same type of spam. From old and recent forum users. I'm not sure what to do, and why I have this.

I'd say, ban that IP address to start with (They may get another one though but it will slow them down). If you don't use Cloudflare you can ban IP addresses in your .htaccess file.

Also force the users whose accounts have been hacked to change password (click to change their passwords yourself and there you'll find that option)

6 hours ago, Grant_B said:

We had the same start at the backend of last week prior to updating to 4.7.6 so I don't think it's linked to the update, just coincidental timing.

That's correct, I can confirm that too. It started before I upgraded to the latest version.

I have the same on my site. Maybe just a coincidence but one legit member whose account got locked for failed attempts replied to the automatic message to say it had not been him, so that made me think of brute force, but people using the same password elsewhere with a leak sounds more probable. 

I’m afraid that I’m not familiar with that layout. If it’s a theme you bought from someone, you may want to ask the author.

6 hours ago, Kalum Cavazos said:

Thank you. I think I finally figured it out. 
 

you wouldn’t happen to know how to make the home page where it spans the whole page?  For example I have a block on the left or right (sidebar) that I can not get rid of in the home page. I jut want that to either move down or not be in the page. 

Well, generally the sidebar only shows if you have any blocks or widgets there. I don't know if you use IPS default theme, but in that case you can edit the blocks on the page. To the left of the page there's a little rectangle with an arrow inside pointing sideways. Click on it and the page switches to edit mode, and you can delete the blocks on the sidebar.

Not sure if that's what you are asking though.

8 hours ago, Kalum Cavazos said:

How do i set the main landing page of my site to not be the fourm page.

 

What is your landing page? Is it part of the Pages App or is it the app actually called Landing Page?

In any case, go to Applications and find the app in question. To the right you'll see there are stars icons, click on it. Please see example below:

Just now, All Astronauts said:

Let me brain this a bit...

Thanks!

And to add more complexity to the question, I'd need the above but also the capability your app gives to move the "Mark site read" link to the dropdown menu. 🙂

Hi @All Astronauts, I'm upgrading my forum, so I'm also making the switch from the plugin version to the app one, which I bought a few minutes ago.

Is there a way to avoid the native breadcrumbs template being replaced? Reason being is that I've edited IPS breadcrumbs template to have three links there like this here below:

I can't remember how we solved this with the plugin version (as surely I ran across the same problem) but in the back of my mind I seem to remember you sent me an alternative version. But gone are the days of that being possible with the new installation method; so anything you could think of to make this possible?

Cheers!

3 hours ago, Marc Stridgen said:

No probelm at all 🙂 Hope you manage to get sorted

All sorted with the new version of the app. Cheers!

13 minutes ago, Marc Stridgen said:

Only the author can answer that question, but yes it should do. The issue is that its not compatible with PHP 8

Okay, thanks Marc. I have already contacted the author. Cheers!

1 minute ago, Marc Stridgen said:

There is a fatal error being thrown with the reviewsystem application, despite it being disabled unfortunately

Okay, it's not the sort of app I can uninstall as I'd lose all the content. You reckon that if I upgrade it, that could solve the problem? (I would need to ask the author for a new version in any case for it to work with 4.7.6, so no harm in trying I guess).

18 minutes ago, Marc Stridgen said:

The admin details there appear to be incorrect. Please could you check these?

Sorry for that, I have saved them again and logged in to the ACP with them successfully. Please try again. Thanks.

1 hour ago, Marc Stridgen said:

We would need to look further into this for you, however the access details on file appear to be incorrect or missing. Could you please update these details by visiting your client area, selecting the relevant purchase, then clicking "Review/Update Access Information" under the "Stored Access Information" section. 

We look forward to further assisting you. 

 

Thanks Marc. I have updated the info. Any problem please let me know.

2 hours ago, Jim M said:

I would suggest contacting your hosting provider to assist in obtaining the 500 Internal Server Error log. Often, these can be outside of cPanel, depending on the host.

Hi Jim, this is what they sent me:

[Wed Jan 11 11:33:24.142989 2023] [:error] [pid 3981413:tid 47183587997440] [client 1XX.69.62.6:31730] SoftException in Application.cpp:261: File "/home/xxxxxx/public_html/forums.xxxxxx.com/index.php" is writeable by group
[Wed Jan 11 11:33:28.384657 2023] [:error] [pid 3981408:tid 47183609009920] [client 1XX.69.62.7:45302] SoftException in Application.cpp:261: File "/home/xxxxxx/public_html/forums.xxxxxx.com/index.php" is writeable by group
[Wed Jan 11 11:33:28.387403 2023] [:error] [pid 3981408:tid 47183609009920] [client 1XX.69.62.7:45302] SoftException in Application.cpp:261: File "/home/xxxxxx/public_html/forums.xxxxxx.com/index.php" is writeable by group
[Wed Jan 11 11:33:29.842050 2023] [:error] [pid 3981412:tid 47183604807424] [client 1XX.69.62.7:45318] SoftException in Application.cpp:261: File "/home/xxxxxx/public_html/forums.xxxxxx.com/index.php" is writeable by group
[Wed Jan 11 11:33:29.845165 2023] [:error] [pid 3981412:tid 47183604807424] [client 1XX.69.62.7:45318] SoftException in Application.cpp:261: File "/home/xxxxxx/public_html/forums.xxxxxx.com/index.php" is writeable by group

I made the permissions identical to the index.php file of my live site which is 644, but unfortunately that hasn't solved the problem.

9 minutes ago, Jim M said:

I would suggest contacting your hosting provider to assist in obtaining the 500 Internal Server Error log. Often, these can be outside of cPanel, depending on the host.

Okay, I'll try. Thanks.

Actually I found the server errors logs in CPanel, and there's nothing from today (after the upgrade) either.

It has two parts, in the one that says Latest web server error log messages: the latest error is from yesterday and concerning another subdomain.

And in the part that says Latest suEXEC event log messages: it has some entries from today like:

[2023-01-11 11:32:37]: uid: (1003/xxxxxx) gid: (1005/xxxxxx) cmd: ea-php80

(I've replaced here the account name with x's, and I don't know if those are from before or after the upgrade. Not sure if they have any relevance or if they are just entries)