ptprog

Any plans for adding solved content to leaderboards?

Do we really need to do anything about that? It would be like forbidding users to mention the other user name, which does not make sense to me. I'm not a lawyer, but I have serious doubts the GDPR gives users this right.

SPF should only whitelist whatever servers you use to send emails with your domain. So, unless you use Google to send emails for your domain, you are not supposed to add Google servers to your SPF records.

@Adlago if you replace the line you show with <link rel="manifest" href="{url='app=core&module=system&controller=metatags&do=manifest' seoTemplate='manifest'}" crossorigin="use-credentials"> the new connection issue is solved. (I tested this, and it solved the issue in my case.) BTW, after start using SSL and HTTP/2, my tests (using RUM) showed that the use of cookie-free domains was only slightly beneficial when I was using a CDN. Otherwise it was degrading performance, despite most of the synthetic tests (like YSlow and Webpagetest) giving better result

Regarding performance, my experiments show a small degradation of performance (15% ~ 20%, measured with a RUM script) during the period I used the preload setting.

Has anybody tried to use '<link rel="preload" ...>' to load fonts? Any idea if this improves performance?

That option is enabled. The problem is the primary group 🙂 Thanks!

Aren't admins supposed to receive notifications when there is an account deletion request?

Does this means that we can choose between keeping the username or anonymizing member's content, as when we delete a member from AdminCP?

Hashes are not difficult to reverse when you have a small set of possible unhashed values (the number of IPv4 addresses is small enough that you can hash all of them quickly, to create a lookup table; for IPv6 may take a little longer, though). Also, actual IPs may be useful in proofs of consent (to prove somebody subscribed a newsletter, for example). In case you don't need actual IPs in any case, you can easily anonymize IPs adding a few lines of code your constants.php file, I believe. (I had this kind of solution in place, until I realized I needed actual IPs in some cases.)

This plugin seems to be adding some additional tag&prefix settings for blogs, which I'm trying to use. I want to override the "Minimum Tags Allowed" of a group blog in its "Blog Settings" (AdminCP). I removed the check from the "Default" option, and put the value "1", for example, in the input field. However, after saving and going again to the settings page, the value I set disappeared, and the "Default" option is checked again. So, it seems there is a bug preventing the changes made from being persisted.

For contact forms probably only Privacy Policy is relevant. For guest posts I believe both are important. (In general I agree with you that this is stupid, and it is unlikely anybody will have problems with this. But I wouldn't be surprised if this is indeed required.)

As I mentioned in other post, at least in the European Court, the decision was favorable to the use of legitimate interest as a reason to store IP addresses, even though they were classified as personal information. But I agree when you say that storing IP addresses is risky,

Note that you can use the contact form without agreeing to the ToS, I believe. Probably there are other guest forms in a similar situation. I'm checking European Commission websites to see how they are complying with GDPR, and their contact forms (or at least some) have the consent checkboxes. So, even though I'm not particularly concerned with this issue, I think it would be wise to add this to contact forms and some other guest forms (maybe put it in the same places where you may place a CAPTCHA for avoiding guest spam messages).