Jump to content
Invision Community


  • Content count

  • Joined

  • Last visited


About barney2229

  • Rank

Recent Profile Visitors

2,955 profile views
  1. WhatsApp - Site Promotion - Sharing

    I tried and failed maybe someone with experience. I had the button on my site but I cannot get the skin to display at the same time.
  2. WhatsApp - Site Promotion - Sharing

    I'm looking at creating my first hook it works on android in fact I don't have IOS like I said that was just a quick rough test to see if it worked. I'm thinking about hook with a small floating button in the mobile skin to share the current page via whatsapp
  3. WhatsApp - Site Promotion - Sharing

    Actually looking more into this I have just implemented it quickly to my site via mobile. Needs some work but I added <div class="right"><a href="whatsapp://send?text=JustATest"><img src="//phoneunlockserver.com/images/whatsapp.png"/></a></div> To my mobile skin after {parse template="defaultHeader" group="global" params=""} </if>I think it's better than relying on external websites and javascript
  4. Login with username

    Thank you both
  5. Login with username

    Hello, how can I change the log in from email to username? I cannot find it and I hate the idea of logging in with an email Thank you
  6. Hello, is there any info for server side file/folder permissions? Most of the folders and files have changed so it isn't the same as the ipb3 install instructions. Apologies if I have missed them Love the beta btw Thank you
  7. v3.x & v4 + NGINX

    That is great thank you, and again sorry for posting in an old post. I will be using the posted information as well as other guides/knowledge I've learnt. Best regards
  8. v3.x & v4 + NGINX

    CentOS , PHP-FPM Installation Instructions Debian file, CentOS NGiNX Configuration Now that you have both NGiNX and PHP-FPM up and running, we can move on to configuring the web server. First, let's make some small adjustments to /etc/nginx/nginx.conf, user nginx; worker_processes 4; error_log /var/log/nginx/error.log error; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; server_tokens off; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; keepalive_timeout 30; #gzip on; include conf.d/*.conf; } There's not much to say here. Increase worker_processes from the default of 1 to however many processor cores your server has. For example, if your server has a single quad core processor, set this value to 4. I've also changed the error_log directive to only log errors. Now let's move on to configuring your IP.Board website. Use this as your base template for /etc/nginx/conf.d/ipboard.conf, server { listen 80; server_name yourdomain.com www.yourdomain.com; root /srv/http/yourdomain.com/root; # Basic web server configuration. index index.php #access_log off; client_max_body_size 1G; # GZIP static content not processed by IPB. gzip on; gzip_static on; gzip_http_version 1.1; gzip_vary on; gzip_comp_level 3; gzip_proxied any; gzip_types text/plain text/css application/json application/x-javascript application/xml application/xml+rss text/javascript application/javascript text/x-js; gzip_buffers 16 8k; gzip_disable "MSIE [1-6].(?!.*SV1)"; # Set up rewrite rules. location / { try_files $uri $uri/ /index.php; } location ~^(/page/).*(.php)$ { try_files $uri $uri/ /index.php; } # Stub Status module location /server_status { stub_status on; #allow; #deny all; } # Deny access to hidden files location ~ /. { deny all; } # Mask fake admin directory location ~^/admin/(.*)$ { deny all; } # Secure real admin directory location ~^(/nimda/).*(.php) { #allow; #deny all; #auth_basic "Restricted Area"; #auth_basic_user_file $document_root/nimda/.htpasswd; fastcgi_pass unix:/var/run/php-fpm/ipboard.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; } # IP.Board PHP/CGI Protection location ~^(/uploads/).*(.php)$ { deny all; } location ~^(/hooks/).*(.php)$ { deny all; } location ~^(/cache/).*(.php)$ { deny all; } location ~^(/screenshots/).*(.php)$ { deny all; } location ~^(/downloads/).*(.php)$ { deny all; } location ~^(/blog/).*(.php)$ { deny all; } location ~^(/public/style_).*(.php)$ { deny all; } # Caching directives for static files. location ~^(/uploads/profile/).*.(jpg|jpeg|gif|png)$ { access_log off; expires 1d; } location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|htm|txt|swf|cur)$ { access_log off; expires 1w; } # Pass PHP scripts to php-fpm location ~ .php$ { fastcgi_pass unix:/var/run/php-fpm/ipboard.sock; fastcgi_index index.php; fastcgi_buffers 16 8k; fastcgi_buffer_size 16k; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include /etc/nginx/fastcgi_params; } } There are a lot of things to cover here. First things first, replace yourdomain.com www.yourdomain.com in the server_name directive with your forums domain name. Include both the www and non-www version of the domain as above, regardless of which you actually use. You'll also need to replace yourdomain.com in the root and error_log directives. Next, let's cover where we're going to be installing the forum to. You'll notice I'm not using a /home/someuser heirachy as you're likely used to. There are two main reasons for this. Neatness and security. If you have your own server, you should keep your personal user account seperated from the actual web server. This is simply good practice in general. /srv/ on the Linux filesystem is for site-specific data which is served by the system. On all of my servers, I use a /srv/http/{host}/{subhost} hierarchy. "root" referrences the domains root. If you ever host another service on your forum (such as a wiki at wiki.yourdomain.com), you could store it in /srv/http/yourdomain.com/wiki Let's go ahead and set this up for your IP.Board website now. Remember to replace yourdomain.com! mkdir -p /srv/http/yourdomain.com/root useradd --system ipboard groupadd --system http gpasswd -a nginx http chown -R ipboard:http /srv/http/yourdomain.com If you want to disable access logging on your site to reduce disk load, just uncomment the access_log directive under the basic web server configuration section. Either way, we'll be setting NGiNX up to not waste log entries for static resources further down. Now adjust client_max_body_size to the maximum allowed file size users can upload to your site. So if your highest allowed upload size for any of your members anywhere on your site is 750 MegaBytes, set this to 750M. Next, we get into configuring rewrite rules. There's nothing you really need to do here. All we have to do with NGiNX is pass a try_files directive, which is better than relying on the rewrite method required with Apache. The Stub Status module allows you to see how many active connections your server has by visiting yourdomain.com/server_status. If you have a static IP address, you can set it up to ensure that only you will have access to this page, though leaving it public isn't really a vulnerability. Next, we want a secure installation, right? So that means we're not going to be using /admin anymore. Come up with something creative that you can easily remember to replace /admin. The example above uses "nimda" (which is just "admin" backwards), so replace that with whatever you come up with. Going a step further, there are two primary ways you can further secure your ACP. The most secure way would be to only allow connections from your IP. Though this will obviously not be feasible if you or another one of your administrators have an IP that constantly changes. If you do have a static IP that you can use, however, uncomment the "allow" and "deny" lines while adding an allow directive for your IP address bellow allow The second option is to use .htpasswd authentication. IP.Board has a built in function to set this up for you in the security center. You can configure this after installing your forum. After creating the .htpasswd file in your ACP, all you will need to do is uncomment the auth_basic directives and restart NGiNX. The caching directives are split for user avatars and everything else not processed by IP.Board. I have avatars set to expire after one day. For everything else it's one week. Feel free to adjust this to your own personal prefference. PHP-FPM Configuration On to PHP-FPM! First, let's go ahead and get rid of the default/example configuration we don't need. This is /etc/php5/fpm/pool.d/www.conf on Debian and /etc/php-fpm.d/www.conf on CentOS. Now, create a new file replacing www.conf with ipboard.conf and using this as the base template: [ipboard] ; Set the prefix directory and the user/group to run under prefix = /var/run/php-fpm user = php-fpm group = http ; Configure listen(2) directives listen = ipboard.sock listen.backlog = 4096 listen.owner = php-fpm listen.group = http listen.mode = 0660 ; Set up the process manager pm = static pm.max_children = 10 pm.max_requests = 250 pm.status_path = /fpm.php ; The timeout for serving a single request. Prevents runaway scripts. request_terminate_timeout = 5m ; Only execute .php scripts. chdir = /srv/http/yourdomain.com/root security.limit_extensions = .php ; Environment variables. ;env[HOSTNAME] = $HOSTNAME ;env[TMP] = /tmp ;env[TMPDIR] = /tmp ;env[TEMP] = /tmp env[DOCUMENT_ROOT] = /srv/http/yourdomain.com/root ; PHP flags and security directives for just this site php_flag[display_errors] = off php_admin_value[open_basedir] = /srv/http/yourdomain.com/root:/tmp:/usr/bin php_admin_value[disable_functions] = escapeshellarg,escapeshellcmd,exec,ini_alter,parse_ini_file,passthru,pcntl_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,show_source,shell_exec,symlink php_admin_value[upload_max_filesize] = 1G php_admin_value[post_max_size] = 1G First, replace all instances of "yourdomain.com" accordingly again. Next, let's go ahead and set up everything we need for PHP-FPM to run properly, mkdir /var/run/php-fpm useradd --system php-fpm chown php-fpm:root /var/run/php-fpm You can skip creating the directory on CentOS, as it will have already been created, but you will still need to apply the new permissions. Finding the optimal setting for pm.max_children is a bit of trial and error. I have it set to 10 as a default. You may need to increase or lower this setting depending on how constrained your server is and how much traffic your site receives. IP.Board tends to use an average of about ~52MB per process for me. So if you have 2GB of memory to spare on your server after accounting for MySQL and any other services you run, you could probably safely support up to 35 static processes, though you may not need nearly this many. Setting this too high may result in your server running out of memory, so be careful. At this point, let's go ahead and test to make sure everything works. (Use /etc/init.d/php5-fpm restart for Debian) /etc/init.d/nginx restart /etc/init.d/php-fpm restart No problems? Good! Problems? Double check your work and check your error logs. Let's create /srv/http/yourdomain.com/root/test.php as a test file with a simple phpinfo() call, <?php phpinfo(); ?> Now visit yourdomain.com/test.php. You should see a PHPINFO page containing the open_basedir and other directives we set. If you don't, you did something wrong. Go back and review. If all is well, delete the test.php file. (Really, delete it. Security audit tools scan for files like this, and you don't want to needlessly expose your server information to malicious parties.) Setting Up IP.Board If you're setting up a new IP.Board website, you'll need to install mysql-server, set up a new database and so on. There are plenty of resources available for learning how to do this if you don't know how already. After you copy your entire forum directory into /srv/http/yourdomain.com/root, we just need to set up proper permissions, chown -R ipboard:http /srv/http/yourdomain.com httproot=/srv/http/yourdomain.com/root find $httproot -type d -exec chmod 0750 {} ; find $httproot -type f -exec chmod 0640 {} ; find $httproot/{uploads,cache,downloads,hooks,screenshots,blog,public/style_*} -type d -exec chmod 0770 {} ; find $httproot/{uploads,cache,downloads,hooks,screenshots,blog,public/style_*} -type f -exec chmod 0660 {} ; If you haven't already, rename your /admin directory to whatever you chose earlier. Afterwards, create the following constants.php file in your forums root, replacing "nimda" appropriately, <?php define( 'CP_DIRECTORY', 'nimda' ); ?> Update the permissions, chmod 0640 constants.php chown ipboard:http constants.php And that's it! IP.Board should be up and running. If you're having trouble, review all of the above steps and check your error log (/var/log/nginx/error.log). If you need help setting things up, feel free to shoot me a message as well. I can try and help in my free time. Hello, I know that this is an old post (Blame Google & SEO ;)) However is this information still valid? I am going to reactivate my IPB licence in the next couple of days due to 3.4.7 release and besides the point in february I am going to start hosting my own site at home. (Sick of hosting restrictions) I am doinga lot on research on this at the moment and for me Nginx seems the way to go. I will be doing testing next months onwards to get ready for the February switchover so if there is any out of date information in this would be good to know :) I will be doing things slightly different I will be using Ubuntu 12.04 but still Linux :) Best regards
  9. Does anyone have the images which we're hosted on imageshack? Thank you
  10. 3.4.2 Fixed

    Just want to say thanks for the recent update. I refrained from opening a support ticket as I was aware 3.4.2 was just round the corner. The latest update fixed my bbcode issues and other issues I was having. Thanks again :)
  11. Fake AdminCP

    Is this not compatible with htaccess password? When I have htaccess password on my /admin_secret/ then I cannot access the fake acp When I rename the /admin/ folder then I get htaccess password prompt on accessing /admin_secret/ Thanks
  12. Fake AdminCP

    Don't worry about "Unauthorized" It was because my .htaccess password :) Is this mod compatible with .htaccess passwords?
  13. Fake AdminCP

    Where can I download 2.2? There is only fake admin, 2.0 and 2.1 Also when I log out of the forum and try to see error page it just says "Unauthorized" No ACP or anything Thanks