The Old Man

I just finished AHS:1984 last night and felt so old after watching this perfect homage to the 80's. In fact I found out afterwards that I can't go to the 'fortress of solitude' (the bathroom) for some peace and quiet without hearing Billy Idol's "In the midnight hour, she cried... more, more, more..." in my head, over the tinnitus. (Now you have to suffer that 80's ear worm 👂🐛 too). Then I read this blog, and now I feel, even older!
Great entry Matt and perfect way to finish the year and decade.
With you since Ikonboard. For better or worse.

I just finished AHS:1984 last night and felt so old after watching this perfect homage to the 80's. In fact I found out afterwards that I can't go to the 'fortress of solitude' (the bathroom) for some peace and quiet without hearing Billy Idol's "In the midnight hour, she cried... more, more, more..." in my head, over the tinnitus. (Now you have to suffer that 80's ear worm 👂🐛 too). Then I read this blog, and now I feel, even older!
Great entry Matt and perfect way to finish the year and decade.
With you since Ikonboard. For better or worse.

Example better layout for commerce shop. 
bigger item image, with left and right arrows to switch through the item images when open in Lightbox.
commerce needs an overall to be more modern looking store.

Hope they've added RSS Import into Clubs to generate activity!

Hope they've added RSS Import into Clubs to generate activity!

Thanks for this, yes I think we've asked for RSS Import into Pages with proper image handling since IPContent was probably released! It's great to see it finally arrive. Nice.
Combined with services like Zapier and Feedly, there must be a lot of great possibilities aside from importing news feeds.
 
The only thing I can see is that Gallery is missing out on the integration party, it would be a nice workaround for the lack of a backend bulk import tool and you could combine Image RSS feeds with Gallery in some good ways, such as selective Flickr or DeviantArt, featured background wallpaper site feeds etc. Once they are in Gallery or Pages it would be nice to be able to feed them into the IPS Carousel/Slider. 

Thanks for this, yes I think we've asked for RSS Import into Pages with proper image handling since IPContent was probably released! It's great to see it finally arrive. Nice.
Combined with services like Zapier and Feedly, there must be a lot of great possibilities aside from importing news feeds.
 
The only thing I can see is that Gallery is missing out on the integration party, it would be a nice workaround for the lack of a backend bulk import tool and you could combine Image RSS feeds with Gallery in some good ways, such as selective Flickr or DeviantArt, featured background wallpaper site feeds etc. Once they are in Gallery or Pages it would be nice to be able to feed them into the IPS Carousel/Slider. 

I am very happy. We have written extended RSS for our needs that includes images and it seems that we can abandon it soon in favour of core functionality. Just perfect.
By the way, RSS is NOT dead. It's a magic way to get more traffic on your site, if you know how  Both ways: import other RSS channels into your project and export your own. 

Thanks for the welcomes! Can't wait to start implementing some nice updates into Invision Community for everyone in future versions. Stay tuned! 🙂 

We're listening and discussing internally.

As above, when Chrome is set to dark mode, the ACP looks great already.

We're ahead of the curve. In MacOS 11.0 they are going to add an "UltraBrite" mode to combat eye degeneration caused by squinting at black screens.

If you set Chrome (I've not tested others) as dark mode, here's what the ACP looks like.

True. I forget. 😞 FA 6 will be out by then though!

Outrageous! I'll have you whipped with your own Ipad charging cable.
 

True. I forget. 😞 FA 6 will be out by then though!

iOS users logging into the ACP like....

Vampire
But the sparkly cool ones, like from Twilight.  

Invision Power Services: Making ACP warp speed look blindingly good. Or something.  
@Matt promised me that he had enough vegemite to feed the team to do a couple more updates in 4.5.      
Also, I recommend that you be promoted to our sound mixer for releases.  Your "BUM BUM BUM!!!" was on point.  Most people will be blind by then due to the ACP, but at least we can listen to you.

Congrats @Ehren H on the new theme for the ACP!  Can't wait until they let you loose on the front-end!  🙂  

Probably. 

True. I forget. 😞 FA 6 will be out by then though!

True. I forget. 😞 FA 6 will be out by then though!

They already said that this won’t come in points or releases like that. Wait it for IPS5.

I think I'm fortunate and the exception. All I ever seem to get via the Contact Form is 99% spam, and 1% genuine enquiries if I'm lucky!

The disabling PHP functions bit is pure security theater and does not increase the security of your site. If an attacker is capable of running arbitrary PHP code on your server due to some vulnerability, it's already game over. Restricting those functions does not in any way, shape, or form prevent them from doing whatever it is they want to do. Using functions that are required to be enabled just to make pieces of Invision Community function, an attacker can read/write files, read/write the database, and open sockets (network connections). The combination of these is plenty to establish a persistent backdoor and/or gain a foothold into your network to launch attacks elsewhere.
open_basedir is potentially a good idea though, depending on your setup. In places where you can safely enable it and enabling it won't break anything, it's a good idea to do so.
A better setup for securing PHP would be ensuring that the user account PHP is running as for your Invision Community install is unprivileged (i.e. not root) and is dedicated to your site (i.e. not a shared apache user). If you have multiple sites, run each site under a separate user account. Then, set up file permissions appropriately so that the user accounts have read-only access to their own files and no access to the files of other users. Directories that must be writeable, such as cache and uploads, should have script execution disabled via server config. This ensures that a compromise is unable to write backdoor scripts to your filesystem (although they can still manipulate the database), which will limit the damage an attacker can do. By manipulating the database, an attacker can still establish persistent backdoors into your site with certain configurations (for example, by manipulating cache entries if they're stored in the db or by creating a new admin account), so this is not foolproof. As I wrote above, if an attacker is able to execute arbitrary PHP, it's game over. The setup I described in this paragraph blocks some of the ways they can do that, but not all of them.

Nice blog article. This is a really good example of a useful, general best practice blog article which is great in particular for newbies, but can serve as a reminder in terms of more experienced admins, to perform a quick review as well. Things are always changing.
In fact I'd say IMHO its a little break from the trend of marketing/PR technobabble, although elements of that too are of course genuinely useful and sometimes food for thought.
One thing I've found in running a VPS using CentOS and WHM  in terms of point 8 and disabling dangerous functions is that disabling popen and proc_open can prevent server side software updates (like PHP Pecl/Perl/Pear extensions) from successfully updating. I find it handy to have 2 of 3 lines in my WHM > Software > MultiPHP INI > Editor config which can be quickly uncommented/commented out again when necessary (say updating an extension that requires proc_open), it saves on a lot of typing and remembering the list of functions especially when using a mobile device.
; This directive allows you to disable certain functions for security reasons. ; It receives a comma-delimited list of function names. ; http://php.net/disable-functions disable_functions = "show_source, system, shell_exec, passthru, exec, pcntl_exec, proc_open, popen" # disable_functions = "show_source, system, shell_exec, passthru, exec, pcntl_exec" # disable_functions = "show_source, system, passthru, pcntl_exec"  (My list here is probably different to the one in the Blog article.)
Re perhaps increasing the HTTP Content Type options in IPS, they could be useful but if you've set them server-wide already, I'd be wary in case its possible that you could be overwriting the http.conf server level config.