-
Posts
415 -
Joined
-
Last visited
Content Type
Downloads
Release Notes
IPS4 Guides
IPS4 Developer Documentation
Invision Community Blog
Development Blog
Deprecation Tracker
Providers Directory
Forums
Events
Store
Gallery
Everything posted by Thomas P
-
This is uncommon as this sounds like your member use weak passwords and those accounts got compromised - at least you should consider this possibility imo. Good luck
-
known issue Direct attack on attachment URLs
Thomas P replied to Thomas P's topic in General Questions
Thanks guys, appreciated -
Hi mates, I am observing from the sytem log that we are experiencing attacks on single attachment URLs. As it seems someone is hammering the attachment engine/URLs with random IDs: The URLs itself look like this: https://www.mcseboard.de/index.php?app=core&module=system&controller=ajax&do=attachmentInfo&attachIDs[14365]=true Now what is bugging me is: Why are they hammering those attachment URLs and why do they do that as a guest user. Case A: As guest an error is being thrown ("Sorry, there is a problem. Something went wrong. Please try again. Error code: EX0") in the frontend - thus the system log entry. Case B: If a logged in user tries to reach such an URL the output of the a.m. one is: Not that isn't really exciting as a result or desirable output. So I am wondering: why is this type of attachment URL being hammered? is there a known vulnerability or was there one in the past? what is the use of that URL, i.e. for what reason is the output presented to logged in users? and last not least: How to address it? Can those request be denied altogether? Or should I even bother as a valid error is presented to a guest user? I ignored such pointless requests showing in the system log, but there are plenty of it. Thanks, Thomas
-
Thank you, gotcha 🙂
-
Hi mates, just a moderate bump to my feedback or request: Please consider it to be included in one of the next releases. It is more of a gap or improvement than a new feature imo. Thank you, Thomas
-
Thank you, we're going to think about it 👍
-
That's a bummer, as it affects the automated mass emails to our +70K users and the very different use case of a human generated newsletter. So thanks. I wasn't blind, there is just no way 😞
-
That would affect all emails outgoing, not just bulk mails...
-
Hi mates, I am pretty sure I am blind here, but how to remove the default salutation when using the Bulk Email feature? Thanks, Thomas
-
User marked as Spammer still shows "About me" spam in profile
Thomas P replied to Thomas P's topic in General Questions
Hi, an update from my side - got to know this Add-On to hide a spammer's profile with possibly stuffed "about me" or other spammy profile info: Block Banned Member Profiles - Applications - IC Essentials (ic-essentials.com) Works well and does what it should, I like and recommend it. BR -
Error during upgrade - Unknown column
Thomas P replied to Thomas P's topic in Classic self-hosted technical help
Thank you guys, checked as you suggested and yes: It was there. And verified via support ticket, as well - so we are good. 🙂 Thanks again, appreciated. Thomas -
Error during upgrade - Unknown column
Thomas P replied to Thomas P's topic in Classic self-hosted technical help
Hi, no issues identified. Apart of the a.m. error message all sections are clear without issues... BR -
Hi mates, after upgrading to latest and greatest 4.7.14 I see one error in our log: Error (1054) Unknown column 'chart_timescale' in 'ipb_core_saved_charts': changeColumn ["core_saved_charts","chart_timescale",{"name":"chart_timescale","type":"ENUM","length":null,"decimals":null,"values":["hourly","daily","weekly","monthly","none"],"allow_null":true,"default":null,"comment":"","unsigned":false,"auto_increment":false}] The error was thrown at this step of the upgrade: .../admin/upgrade/?controller=upgrade&key=abcdef&mr=16&_=1704058060594 Any ideas on why we got this error? Apart of that the forum looks fine after upgrade. Happy New Year btw. 🥳 Thanks, Thomas
-
Invision Community 5: A more performant, polished UI
Thomas P replied to Ehren's topic in Invision Community Insider
Awesome changes as usual, very well made. Looking forward to them -
Hi all, we had and have spammers who try to abuse the homepage link ("Website URL") or the "About me" section, i.e. profile fields, for link stuffing and unsolicited advertisement - which is spam. Marking the spammer using the built-in function hides the posts and threads but not the profile fields or the member profile itself. Suggestion is to hide the entire content of a spammer after being marked so. Regarding the profile fields specifically: Either the profile field content should be removed (A) or the entire profile should be set to hidden except for the Mods & Admins (B). This is just to give you an idea how it can be done, but in those details I trust your judgement as you are more into the details. This is the follow-up to this q&a topic: Thanks, Thomas
-
User marked as Spammer still shows "About me" spam in profile
Thomas P replied to Thomas P's topic in General Questions
Thank you for your feedback. Will do so. Meanwhile I took out the permissions for guests to view member profiles, which is our temporary workaround to that. BR -
Hi mates, as it seems the "About me" section of a member profile shows all the added text and links, i.e. Spam, even after marked as spammer. All posts and thread are hidden automagically but not the profile spam stuffing. So I guess our beloved spammers managed to bypass our spam measures... Any ideas? Thanks, Thomas
-
Upgrade went fine - one error in Log (SQL)
Thomas P replied to Thomas P's topic in Classic self-hosted technical help
If I read it correctly the table was already dropped before, so it is a duplicate "safe" statement. Anyway, thanks for the short info 🙂 -
Hi mates, upgrade to 4.7.9 latest went fine, I have one error I couldn't associate with, in the system log. Upgrade went flawless so far judging from the Upgrade UI and the frontend outcome, it is just this one error in the system log, what concerns me. admin/upgrade/?controller=upgrade&key=25f9c38812d4c22588ddaf2368d5f8fe&mr=43&_=1681843838469 Type: Upgrade error Error (1051) Unknown table 'xyz.ipb_core_members_features_seen': dropTable ["core_members_features_seen"] #0 /home/xyz/system/Application/Application.php(1672): IPS\_Log::log() #1 /home/xyz/applications/core/sources/Setup/Upgrade.php(511): IPS\_Application->installDatabaseUpdates() #2 /home/xyz/applications/core/sources/Setup/Upgrade.php(326): IPS\core\Setup\_Upgrade->step1() #3 /home/xyz/applications/core/modules/setup/upgrade/upgrade.php(47): IPS\core\Setup\_Upgrade->process() #4 /home/xyz/system/Helpers/MultipleRedirect/MultipleRedirect.php(93): IPS\core\modules\setup\upgrade\_upgrade->IPS\core\modules\setup\upgrade\{closure}() #5 /home/xyz/applications/core/modules/setup/upgrade/upgrade.php(77): IPS\Helpers\_MultipleRedirect->__construct() #6 /home/xyz/system/Dispatcher/Controller.php(118): IPS\core\modules\setup\upgrade\_upgrade->manage() #7 /home/xyz/system/Dispatcher/Setup.php(220): IPS\Dispatcher\_Controller->execute() #8 /home/xyz/admin/upgrade/index.php(34): IPS\Dispatcher\_Setup->run() #9 {main} Thanks for any hint or detail, Thomas
-
Just asking because this issue here. Regarding development my question is, if there are any new features or planned improvements for the future. Thanks 🙂
-
Hello, is this Add-On still being supported and developed? Thanks, Thomas
-
Curl error during upgrade at systemcheck
Thomas P replied to Thomas P's topic in Classic self-hosted technical help
Thanks Nathan -
Curl error during upgrade at systemcheck
Thomas P replied to Thomas P's topic in Classic self-hosted technical help
OK, I re-enabled curl_multi_exec and upgrade went through. I still would like to put it back after upgrade and wonder, if this upgrade (exceptionally) needed it or I have to dig when it was added. My guess would be it came with PHP 8.x on our side. I see, thanks. For functions in general or just during upgrade? I can leave it on of course, if required generally. -
Curl error during upgrade at systemcheck
Thomas P replied to Thomas P's topic in Classic self-hosted technical help
Just checked: Curl is installed, but curl_multi_exec is disabled in our php setup via disable_functions. As I uploaded all files needed, is this needed? Our setup did not change since quite while... -
Hi mates, right after login I get the following error message during upgrade: Call to undefined function IPS\Http\Request\curl_multi_exec() The log shows me: Error: Call to undefined function IPS\Http\Request\curl_multi_exec() (0) #0 /home/xyz/system/Http/Request/Curl.php(496): IPS\Http\Request\_Curl->_executeMh() #1 /home/xyz/system/Http/Request/Curl.php(302): IPS\Http\Request\_Curl->_executeAndFollowRedirects() #2 /home/xyz/system/Application/Application.php(553): IPS\Http\Request\_Curl->get() #3 /home/xyz/applications/core/modules/setup/upgrade/systemcheck.php(95): IPS\_Application::md5Check() #4 /home/xyz/system/Dispatcher/Controller.php(118): IPS\core\modules\setup\upgrade\_systemcheck->manage() #5 /home/xyz/system/Dispatcher/Setup.php(220): IPS\Dispatcher\_Controller->execute() #6 /home/xyz/admin/upgrade/index.php(34): IPS\Dispatcher\_Setup->run() #7 {main} Anyone experienced the same? Any hint to what went wrong? Thanks, Thomas