ptprog

Among other things, IPS should provide some options to protect/encrypt personal data such as email and IP address (although I think it is not technically possible to provide any real protection for emails when both web server and MySQL are collocated), or even disable their collection (at least IP address I believe are just collected for logging purposes, so it should be ok to stop collecting them). For IP addresses, anonymization should be another option. Also, I'm not sure about what data IPS stores when using external login methods, but there may exist some personal data here too. Regarding cookies, I think GPDR requires websites to respect Do Not Track headers, and requires affirmative user action for things like accepting cookies. So, IPS should not set any cookie util it has user consent, and it should provide an opt-out mechanism. As far as I know, using embedded content also means the user may get cookies from external sites. So, we may need more control on the embeds we allow, to make sure we don't add more cookies, and to be able to rebuild posts removing external embedded content.

Try rebuilding the cache again. I think this solved the issue for me.

Weird... depending on the browser I use I get different info on the page I linked (either 40000 emails free for 30 days trial, or 12000 emails free per month). Anyways, this is what I can see with Safari (probably it is some language setting that makes the page change, not the browser itself): Here and here you also have additional info about their free plan. I'm not using that free plan, so I cannot really confirm that you get the 12000 emails/month free, but I can confirm the 25000 emails/month for free offered when you signup through SoftLayer.

If you signup for a SendGrid account through Azure or SoftLayer you get 25000 email/month for free. You can also get 12000 emails/month for free if you signup directly in SendGrid. I've used both Sendgrid and Sparkpost, and Sendgrid seems to be much more reliable than Sparkpost.

I think I found the cause of the first two issues: some special characters are being encoded twice. For example, the tag @media has a delete URL containing the parameter "tag=%2540media", which won't work, but if change it to "tag=%40media" it already works.

I just installed this application and I'm trying to clean up the tags using the Manage Tags page. I'm experiencing several issues, however: Most of the tags I try to delete are not deleted. Most of the tags I try to edit name are not edited. I have 1441 pages of tags, but only 207 have tags (the remaining are empty, and every time I run the Advanced Tool to add tags to topics, the number of empty pages increases). Are there any logs where I can check for errors?

That's precisely my point. If you can already filter HTML to make it safe, why cannot we have a safe "Source" button in the editor that we can enable to all users? I agree that we also need a source button for admins that lets them use any HTML (which we already have). However, it would be useful if that button had a "safe" variant, which would enable the HTML filter, the profanity filter (as @The Dark Wizard requested), the URL filter, etc. You say "profanity is the least if your worries if you are allowing people to post raw HTML", but the other "worries" can also be solved. (And you are already solving them except when the "Source" button is available.)

I just did it here: https://invisionpower.com/forums/topic/417428-html/?do=findComment&comment=2654347 (You can see that I used the HTML tag "code", which is not available through the editor.) This example is even more interesting: https://invisionpower.com/forums/topic/417428-html/?do=findComment&comment=2654348 (In this case I was able to use custom formatting through the "style" attribute.)

As far as I know, you just need to disable Javascript to be able to use raw HTML in certain areas (using the browser developer tools is another option). So, even here you allow us to post raw HTML. I still don't understand why we can't have a "source" button in the editor that allows users to use raw HTML without compromising security.

I don't know if there are still CDNs that are origin push only, but those would no be supported by IPS. In this particular case, the Google Cloud CDN imposes restrictions on the origin. Not sure whether Google Cloud Storage is among the acceptable origins, though.

Try putting the following line in your "constants.php" file: define( 'BULK_MAILS_PER_CYCLE', 20 ); You can decrease the value "20", in case it is not working yet. In case it works, you can try to increase the value. (The default value is 500, I believe. I set it to "1", as IPS was sending emails too fast, and even after setting it to "1", I had to send bulk mails in multiple batches, based on registration date. Otherwise I would hit the limit rate for receiving emails at certain ISPs.)

The login page is now using a CSRF key, so I guess this will make it impossible to automate the login.

I notice that after editing some blog entries in my community, those entries were marked as unread for all users. I this supposed to happen, or am I doing something wrong?

The KeepAlive issue can be "solved" editing the file "system/Output/Output.php", and removing the line "$this->sendHeader( "Connection: close" );". @Matt, is there any reason for IPS to disable the Keep Alive?

Does anybody know how to fix this issue?