Jump to content

Community

G17 Media

+Clients
  • Posts

    75
  • Joined

  • Last visited

 Content Type 

Profiles

Downloads

IPS4 Providers

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Forums

Store

Posts posted by G17 Media

  1. 39 minutes ago, Paul E. said:

    That link has a discussion from 2017. We use sendgrid, and haven't had reports of any issues. Deliverability seems to be just fine. I'm sure there are others with issues, yet this has not been an issue for us (or at least one we've been made aware of).

    We have made attempts to reduce the amount of outbound mail significantly by defaulting members to notifications only unless they opt-in to e-mail notifications, but this makes sense for our community and may not work for yours.

    We use @stoo2000's bounce email management application to address any bouncing addresses with great success (though it's not yet upgraded to 4.5).

    The issue is still very current; see Kreb's on Security's post here, from last month: https://krebsonsecurity.com/2020/08/sendgrid-under-siege-from-hacked-accounts/

    We get a lot of mail rejections from corporate domains from SendGrid, deliverability to Google is still quite high, although read rates are much lower. We are using our own custom e-mail stack now and hardly ever deal with rejections.

    Either way, if SendGrid is still working great for you, I wish you the best.

  2. Well, the idea of at least making it an int would make it consistent to how dates are stored elsewhere in the framework.

    The indexing would be useful for particularly for our use in putting edits in the activity stream so they are searchable by date/time, so probably isn't needed in the core framework (but might be useful if IPS wants to count/filter these by date/time) -- I'm happy to make our database inconsistent with an extra index.

  3. 42 minutes ago, Unlucky said:

    @asigno

    Are you having any problems with member IP addresses?

    We are getting the Ezoic servers IP's instead of the member IPs registered in the CMS

    We have logged a call about this with invision but the only support we have is a suggestion to switch on the setting -Trust IP addresses provided by proxies?

    This has made no difference unfortunately and invision say any more support is outside the scope of their support.

    I just wondered if any Ezoic users have found a solution?

    Ezoic have offered the following support to help but we have no idea which file we would need to add this code in.

    By implementing the XFF header, Ezoic will send the IP address of the original web visitor through to your server in the X-Forwarded-For header.

    How to Add the XFF?

    • In PHP it is available in: $_SERVER['HTTP_X_FORWARDED_FOR']
    • You need to put the code above in a file that all of your pages access (e.g. header.php, init.php or config.php)
    • You should see $_SERVER['REMOTE_ADDR'], which you can replace with$_SERVER['HTTP_X_FORWARDED_FOR']

     

    • In .NET it's available in:  HttpContext.Current.Request.Headers["X-Forwarded-For"]

     

    Thanks in advance if anyone can offer any help or suggestion

     

     

     

    It's definitely outside the scope of IPS support if you are self-hosted -- this is something your sysadmin can advise on.
    I'm assuming Ezoic's solution is acting as a reverse proxy -- like CloudFlare, and so the situation is not too dissimilar.

     

    Changing 'Trust IP addresses provided by proxies' isn't hugely advisable because then anyone can spoof IP addresses (if your webserver is contacted directly).

    You will need to configure your webserver (nginx or apache) to accept the X-Forwarded-For header from a trusted proxy list that Ezoic specify. 

     

    That may not fix your other issues that you described in the first post though (certain things not working). It may be that Ezoic is caching too aggressively and isn't meant for a dynamic community like Invision. This is something you'll have to explore with your sysadmin or Ezoic's support.

     

  4. 27 minutes ago, Jon Erickson said:

    How does IPB protect their software? Do you know if they support encoding such as ioncube?

    I think there was some talk about IPS not permitting encoded files on the Marketplace but I could be wrong. As for IPS, there is a hardcoded license check. It can be removed by commenting it out, and there are numerous sites that offer pirated versions. Like a lot of PHP projects, they mostly work on ordinary users not knowing how to remove the license check, copyright enforcement and the honour system.

  5. I ran into a problem recently that took me some time to figure out.

    Basically, we show a CAPTCHA to users to protect against automated downloads.
    Recently, we added a system where they only have to do this every 30 minutes (and we set a $_SESSION['download_captcha_last_completed'] variable).

    This didn't seem to work for me randomly, and upon long investigation, I realized I had my PC was also on the website. I suspect what was happening is that my PC was making requests for notifications, which would cause my laptop's session to be wiped out. It isn't noticeable to users (I guess they get logged in via pass hash or something else?) but the $_SESSION array seems to get completely wiped out, which means my system is unworkable for users which are logged in via multiple devices (or their phone or another device is checking for notifications). When I closed my PC browser my system worked as designed.

    It looks like this is related:

    Is it possible you can allow multiple sessions per member ID - or - as a compromise, perhaps save the $_SESSION array?

  6. This is not a responsibility for IPS. You can configure a proxy yourself at the machine level by using iptables and routing tables. (e.g. have a GRE tunnel to a protected host to/from your origin and tunnel outgoing port 80, 443 and SMTP connections through this GRE tunnel). This is difficult and these setups prove tricky, but quite frankly if you are skimping on proper DDoS protection this is your responsibility.

    CloudFlare's free (and even Pro) packages are not catch-all solutions to DDoS attacks, and you need some protection for outgoing traffic too, even just to disguise or hide the origin IP. The easiest way if you don't have experience with this would just to have a DDoS protected origin in the first place.

  7. Since CloudFlare only proxies traffic to your server, and not traffic instigated from your server, I don't see how this could be caused by CloudFlare.
    I'd wait for the support ticket to be resolved, as it may be an unrelated issue.

  8. I sent in a support ticket for this, but we didn't get any useful response.

    Haven't yet dug through the specifics of the task code to do this ourselves but if I discover anything useful I'll share.

    This really is integral for big forums, I'm sure a lot of us have a custom setup which could deal with processing a lot more per cycle.

  9. (G17) Downloads Fields Filtering Hook

    File name: (G17) Downloads Fields Filtering Hook
    Submitter: G17 Media
    Submitted: 02/17/2013
    Category: Content Management
    Discussion URL :
    Support Info: Support is no longer offered. If you paid for the software before Feburary 1st 2014 we can provide very limited support, although cannot adapt this to your theme.
    Supported Versions: IP.Board 3.4.x,IP.Downloads 2.5.x

    Custom Field Filtering for IP.Downloads
     
    Information
    This hook allows your users to filter a category’s files by your drop down box custom fields. This allows the user to find wanted content a lot easier. It also allows forum staff to tidily organize a download catalog’s files in a user-friendly way without lots of categories.
     
    Requirements
    This hook requires at least IP.Downloads 2.5.2.
     
    Installation

    • Login to the Admin CP of your community
    • Hit ‘Manage Hooks’ from the left sidebar. If it’s not there, you may not have sufficient permissions to access this part. Contact a higher level administrator. 
    • Choose ‘Install Hook’.
    • Choose the ‘hook.xml’ included with this package, hit ‘Install’.
    • Done! You’ve now installed the hook.

     

    This hook requires configuration. Goto System Settings > G17 Media > Custom Field Filtering to complete configuration.


    View File

  10. (G17) Downloads CAPTCHA Hook

    File name: (G17) Downloads CAPTCHA Hook
    Submitter: G17 Media
    Submitted: 02/15/2013
    Category: Security
    Discussion URL :
    Support Info: Support is no longer offered. If you paid for the software before Feburary 1st 2014 we can provide very limited support, although cannot adapt this to your theme.
    Supported Versions: IP.Board 3.4.x,IP.Downloads 2.5.x

    Downloads Verification CAPTCHA Hook 1.0

    Information
    This hook allows you to serve a CAPTCHA to certain users downloading files from your website. This can be handy for saving bandwidth from bots, monetizing your downloads or just for security reasons. It uses the CAPTCHA module which your forum will use.

    Requirements
    This hook requires at least IP.Downloads 2.5.2.

    Installation

    • Login to the Admin CP of your community
    • Hit Manage Hooks from the left sidebar. If its not there, you may not have sufficient permissions to access this part. Contact a higher level administrator.
    • Choose Install Hook.
    • Choose the hook.xml included with this package, hit Install.
    • Done! Youve now installed the hook.

    Configuration

    • This hook supports the following options:
    • Toggle ON/OFF Allows you to disable the hook temporarily without uninstalling it.
    • Message The message shown when a user is selected for the CAPTCHA.
    • Exempt Groups Multi-select, choose groups that should not get the captcha.
    • Exemption via Post Count Leave blank to disable, or enter a number. Users with a post count lower than what you choose will be subjected to the CAPTCHA.

    Support and Pre-sales

    G17 Media offers help and support with all of its software products. You can e-mail me, directly, at jay.macdonald (at) g17media.com. Additionally, leave us a message on the Invision Power Board community and we will get back to you.


    View File

×
×
  • Create New...

Important Information

We use technologies, such as cookies, to customise content and advertising, to provide social media features and to analyse traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners. See more about cookies and our Privacy Policy