Jump to content

G17 Media

  • Posts

  • Joined

  • Last visited


About G17 Media

IPS Marketplace

  • Resources Contributor
    Total file submissions: 3

Recent Profile Visitors

4,573 profile views

G17 Media's Achievements

  1. The issue is still very current; see Kreb's on Security's post here, from last month: https://krebsonsecurity.com/2020/08/sendgrid-under-siege-from-hacked-accounts/ We get a lot of mail rejections from corporate domains from SendGrid, deliverability to Google is still quite high, although read rates are much lower. We are using our own custom e-mail stack now and hardly ever deal with rejections. Either way, if SendGrid is still working great for you, I wish you the best.
  2. SendGrid's shared IP pool is being blacklisted at an increasing amount of places. It's no longer a great place for deliverability. See here for more information: https://news.ycombinator.com/item?id=14202068
  3. Well, the idea of at least making it an int would make it consistent to how dates are stored elsewhere in the framework. The indexing would be useful for particularly for our use in putting edits in the activity stream so they are searchable by date/time, so probably isn't needed in the core framework (but might be useful if IPS wants to count/filter these by date/time) -- I'm happy to make our database inconsistent with an extra index.
  4. We are putting CMS database edits into the All Activity feed.
  5. Is it possible you can change the revision_date in cms_database_revisions from a varchar(13) to an int? And maybe index it? We are working on a working on a way of showing Wiki edits and this is a bit of a blocker without us changing it manually. Thanks.
  6. In the case of China, usually it's your ISP has hosted content and they have just banned the whole ASN or large block, not your site personally. You sometimes see offers for China optimized servers or hosting that try and work around this.
  7. I think there was some talk about IPS not permitting encoded files on the Marketplace but I could be wrong. As for IPS, there is a hardcoded license check. It can be removed by commenting it out, and there are numerous sites that offer pirated versions. Like a lot of PHP projects, they mostly work on ordinary users not knowing how to remove the license check, copyright enforcement and the honour system.
  8. Is it deliberate that these posts show in the ACP or is that an oversight?
  9. I ran into a problem recently that took me some time to figure out. Basically, we show a CAPTCHA to users to protect against automated downloads. Recently, we added a system where they only have to do this every 30 minutes (and we set a $_SESSION['download_captcha_last_completed'] variable). This didn't seem to work for me randomly, and upon long investigation, I realized I had my PC was also on the website. I suspect what was happening is that my PC was making requests for notifications, which would cause my laptop's session to be wiped out. It isn't noticeable to users (I guess they get logged in via pass hash or something else?) but the $_SESSION array seems to get completely wiped out, which means my system is unworkable for users which are logged in via multiple devices (or their phone or another device is checking for notifications). When I closed my PC browser my system worked as designed. It looks like this is related: Is it possible you can allow multiple sessions per member ID - or - as a compromise, perhaps save the $_SESSION array?
  10. This is not a responsibility for IPS. You can configure a proxy yourself at the machine level by using iptables and routing tables. (e.g. have a GRE tunnel to a protected host to/from your origin and tunnel outgoing port 80, 443 and SMTP connections through this GRE tunnel). This is difficult and these setups prove tricky, but quite frankly if you are skimping on proper DDoS protection this is your responsibility. CloudFlare's free (and even Pro) packages are not catch-all solutions to DDoS attacks, and you need some protection for outgoing traffic too, even just to disguise or hide the origin IP. The easiest way if you don't have experience with this would just to have a DDoS protected origin in the first place.
  11. This is most likely an issue for your web host to resolve. Possible issues are: problems with their peering with AT&T, firewall block on AT&T ranges, etc If you have any .htaccess blocklist, check that it doesn't block those ranges.
  12. It's passing vital data so the warning system knows where you have clicked their profile from. It must be visible due to the nature of the data.
  13. Since CloudFlare only proxies traffic to your server, and not traffic instigated from your server, I don't see how this could be caused by CloudFlare. I'd wait for the support ticket to be resolved, as it may be an unrelated issue.
  14. I sent in a support ticket for this, but we didn't get any useful response. Haven't yet dug through the specifics of the task code to do this ourselves but if I discover anything useful I'll share. This really is integral for big forums, I'm sure a lot of us have a custom setup which could deal with processing a lot more per cycle.
  15. We'll try to make this compatible with 3.3.4 and update you if we do. It may be already compatible, although I'd much rather test it in a 3.3.4 board before saying it is.
  • Create New...