niKee

One of the overarching goals for any community leader is to shine a bright light on your members. Their contributions should be publicly recognized. Now with Invision Community’s new Achievements system... you can!
Achievements is Invision Community’s native gamification system baked into our latest update, 4.6. 
We’ve dreamed up innovative actions for community leaders to publicly recognize members who show up and participate in meaningful ways.
Award Points and badges based on conditional Rules!
Here’s what you need to know...

 

Points
Our Achievements Points system keeps a running tally of Points. Members may earn Points in a multitude of ways. Essentially, it’s achieved by participating in the community. 
Create a topic? Points! Post a reply? Points! Follow another member? Nothing. Just kidding… Points!!!
This is done through creating Rules.

 

Rules
Rules are actionable processes set up in the admin panel. 
Here are what members can earn Points for:
When a...
Member joins a club Reaction is given New poll is created User follows a content item Review is posted Member logs in for the first time that day New club is created Content item/comment is promoted or featured Comment/reply is posted User follows a forum, blog, gallery, category etc User votes on a poll User is followed New content item is posted Post is marked as best answer There are also corresponding When/Then Rules for each item listed above. 
When this action happens, then this subsequent action happens.
Example: when a member posts 10 times, then this Badge is awarded.
 

 
 

Badges
Community leaders can also create specific Rules when deciding what actions earn Badges. 
For example, reward your members with a Badge for visiting your community for 20 days.
Once a member reaches 20 visits or more over 20 days, the Achievements system will automatically award them a ‘20 Visits’ Badge you’ve previously created.
 

 
 
Ranks
In 4.6, we’ve completely revamped our Ranks system to communicate with Achievements. 
Achievements’ Ranks system will replace our previous Ranks system*
Set up different Ranks based on how many Points a member earns. Ranks display a members’ perceived value to the community. The higher a members’ Rank, the greater their influence because the more they’ve participated. 
Ranks are currently for prestige at the moment. 
Here's our example for a pretend Coconut community:
 
 

 

There’s a lot of information to absorb here, but if there’s anything to take away from this blog post it’s this: empower your contributing members with Achievements and watch your community grow. It creates an immersive and elevated experience for your die-hards. And hey, who doesn’t love to earn? 
When 4.6 and Achievements is officially released for all, we’ll hold a live Q&A event for you to join and ask any questions you may have.
Props? Concerns? Comments? Questions? We’d love for you to sound off in the comments! Not only because we want to hear from you, but because it’ll earn you some sweet, sweet Points, too!

It's been said that the best place to hide a dead body is on page 2 of Google.
While we can't promise to get you to page 1 for a generic search term, we have taken some time for Invision Community 4.4 to do an SEO sweep.
Moz.com defines SEO as "a marketing discipline focused on growing visibility in organic (non-paid) search engine results. SEO encompasses both the technical and creative elements required to improve rankings, drive traffic, and increase awareness in search engines."
We have the technical skills and were fortunate enough to have Jono Alderson of Yoast lend his time, knowledge and vast experience to improve our SEO.
This blog article gets a little technical. It's completely fine to leave at this point with the comfort of knowing that Google will be a little happier on your site with Invision Community 4.4.
The majority of the changes are designed to send stronger signals to Google and friends over which content to slurp and which to look at a bit later.
Still here? Good. Let us roll up our sleeves and open the hood.

 
Pagination
The most visible change is that we've taken pagination out of query strings and placed it in the path.
For example, the current pagination system looks a little like:
yoursite.com/community/forums/123-forum/?page=3
Which is fine but it gets a little confusing when you add in a bunch of sort filters like so:
yoursite.com/community/forums/123-forum/?sort=asc&field=topic&page=3
A better approach would be to make a clear signal to both Google and humans that pagination is a separate thing.
Invision Community 4.4 does this:
yoursite.com/community/forums/123-forum/page/3/?sort=asc&field=topic
Not only is this good for search engines, but it's also good for the humans too as it is more readable and no longer confused with filter parameters.

Of course, we ensure that the old style pagination is redirected (via a 301 header) to the new pagination URL automatically so nothing breaks.
Canonical Tags
These tags are a way of telling search engines that a specific URL is the 'master copy' of a page. This helps prevent duplicate content from being indexed.
Without it, you are leaving it up to the search engine to choose which is the master copy of the page.
For example:
yoursite.com/community/forums/123-forum/ and yoursite.com/community/forums/123-forum/?sort=desc&field=time may show the same content but have different URLs.
By setting the canonical tag to point to yoursite.com/community/forums/123-forum/ regardless of filters sends a strong signal to the search engines that this is the page you want to be spidered.
Invision Community sets these tags in many places, but we audited these in 4.4 and found a few areas where they were missing.
For example, viewing a member's profile doesn't always set a canonical tag which may confuse search engines when you click on "View Activity" and get a list of content items.
Soft 404s
When an application or website wants to tell the visitor that the page they are looking for doesn't exist, it sends a 404 header code along with a page that says something "We could not find that item" or "No rows available".
If a search engine spiders a page that looks like a 404 page, but it doesn't have the 404 header code, it logs it as a "soft 404".
Given the short amount of time Google has on your site to discover new content, you don't want it to hit many soft 404s.
Invision Community 4.4 omits containers (such as forums, blogs, etc.) that have no content (such as a new forum without any topics yet) from the sitemap, and also adds a 'noindex, follow' meta tag into the HTML source.
Google will periodically check to see if the status of the page has changed and happily slurp away when content has been added.
Other changes
Although the changes listed here don't deserve their own section in this article, they are no less important.
We have audited the new JSON-LD markup added to Invision Community 4.3 to help search engines better understand the relationship between pages.
The "truncate" method that is used to display a snippet of text in areas such as the activity stream now only sends the first 500 characters to the javascript method to reduce page loads and page 'noise'.
The profile view in Invision Community contains a mix of information pertinent to the member and content they've authored.
We've ensured that the content areas are using a specific URL, with appropriate canonical tags. This will help reduce confusion for search engines.
If you made it this far, then well done. It's time to slam the hood closed and mop our collective brows.
These changes will certainly help Google and friends spider your site a little more efficiently and have a clearer idea about what pages and data you want to be indexed which can only improve your ranking.

Making security considerations a key part of your community setup and maintenance can save you from many future headaches.
You've worked hard to get your community moving. Don't make yourself an easy target and undo that work.
Here’s our current advice to our customers.
 
1. Enable HTTPS
HTTPS is fast becoming the standard way to serve websites. In 2016, more than 50% of web requests were served under HTTPS for the first time. Chrome and Firefox now explicitly warn users on login forms that aren’t sending data over HTTPS, and it’s not hard to imagine that in the near future all insecure pages will receive the warning.
HTTPS simply means that website data is served over a secure connection and can’t be read or tampered with by a ‘middle man’ hacker. You can identify a site using HTTPS because the address in your browser will show ‘https://’ (instead of http://), and normally a lock icon or the word ‘secure’.
Invision Community supports HTTPS by default simply by changing your base URL configuration to include HTTPS. Of course your web host will need to support it as well and our Invision Community Cloud services support it by default. Contact support if you have any questions.
Recommendation: Set up HTTPS for your entire community to prevent ‘man in the middle’ attacks.

2. Set up Two Factor Authentication
Invision Community supports Two Factor Authentication (2FA for short), and we highly recommend making use of this feature for your users, but especially for your administrator staff.
2FA is a system that requires both a user’s password and a special code (displayed by a phone app) that changes every few seconds. The idea is simple: if a user’s password is somehow compromised, a hacker still wouldn’t be able to log in to the account because they would not have the current code number.
You may already be familiar with 2FA from other services you use. Apple’s iCloud, Facebook and Google all offer it, as do thousands of banks and other security-conscious businesses.
Invision Community supports 2FA via the Google Authenticator app (available for iOS and Android) or the Authy service, which is able to send codes to users via text message or phone call. You can also fall back to security questions instead of codes.
You can configure which members groups can use 2FA, as well as requiring certain groups to use it. 
Recommendation: Require any staff with access to the Admin Control Panel or moderation functions to use 2FA, to ensure that no damage can be done should their account passwords be discovered. Allow members to use 2FA at their discretion.
 
3. Configure password requirements
The password strength feature displays a strength meter to users as they type a new password, showing them approximately how secure it is, as well as some tips for choosing a good password.
While you can leave this feature as a simple recommendation for users, it’s also possible to require them to choose a password that reaches to a certain strength on the meter. 
Recommendation: Require users to choose at least a ‘Strong’ password.
 
4. Use Admin restrictions
It’s very common that many different staff members need access to the Admin Control Panel depending on the role. You may have design staff, billing staff, community managers, and so on, all with particular tasks they would like to achieve.
Invision Community can help improve the security of your Admin Control Panel by allowing you to restrict the functions available to each administrator, granting them access to only the tools needed to do their job. 
Recommendation: Audit your community’s administrator accounts and applying restrictions where it makes sense to do so.
 
5. Stay up to date
It’s important to ensure you’re always running the latest release of Invision Community. With each release, we add new security features, audit code and fix any issues reported through responsible disclosure. Falling behind can therefore make your community a tempting target for potential hackers.
Your Invision Community Admin Control Panel will let you know when a new release is available, and you can also check out our Release page to track releases.
For our Enterprise customers, we’ll automatically apply updates for you shortly after release as part of your plan. For our self-hosted and Cloud customers, you can easily apply new updates via the Admin Control Panel with a couple of clicks.
Our Invision Community Cloud contains all best practices for security. However, if you are self-hosted, be sure to work with your web host to ensure your server is setup properly. Ensuring that server software, firewalls, and access controls are in place is very important as an insecure server can be your worst enemy.
Recommendation: Aim to install latest updates as soon as feasible.
 
6. IP address restrictions
For organizations where staff are centrally-based in one location, or are required to use a VPN, you can improve your community security by restricting access to the Admin Control Panel to the IP addresses your staff will be using. This is a server-level feature, so contact your IT team to have this facility set up your installation. Enterprise customers who wish to utilize IP restrictions should contact our Managed Support team, while Cloud customers can submit a support ticket to have this set up.
Recommendation: Where staff all access the community from a small number of IP addresses, restrict Admin Control Panel access to those IPs. 

Summary
Don’t leave security as an afterthought. Invision Community includes a range of tools to help you ensure your data and members protected, as well as industry-standard protections ‘under the hood’. Make use of these features, and they’ll help ensure the wellbeing of your site.
As always, if you have any questions or need advice, our support team are on hand to assist you.

Our recent release of Invision Community 4.2 was the most well-received version ever! The feedback we received on new features like Clubs, Reactions, and Promotes was better than we could have hoped and we really enjoyed seeing all the creative uses as people implemented them on their own communities.
We have been hard at work on version 4.3 with a goal of improving on all the great new features. It is well under way and we are happy to able to start announcing what's new over the next few weeks.
Invision Community 4.3 will not only contain new features but also have a core focus on refinement from 4.2's new features. You will see many improvements to Clubs, new integration options, large application improvements, new promotional features, and more changes large and small.

 
You can expect to see news posts about new features and changes very soon with a release date in early 2018. Follow our news section or subscribe to our newsletter to receive updates.

We have had a question and answer feature in IPS Community Suite for some time and we are now happy to add Google Authenticator as another option. We have also combined the various options it a new Two Factor Authentication (2FA) section in the AdminCP with many more options.

Two Factor Authentication Settings
There are also new settings to control when a user is required (or not) to setup 2FA:

2FA Setup
You can control what areas will prompt for 2FA authentication:

2FA Area Control
And how the system should recover if a user cannot login via 2FA on their account:

2FA Recovery Settings
An administrator can configure these settings to tailor the security needs of their community. For example, you might want to require 2FA your admins and moderators but keep it optional for your members. 
On the front end your members will see a new Account Security section under their settings area.

Account Security Settings
Once authenticated, a user will then be able to enable various security options. For example, the Google Authenticator setup shows an easy to follow setup.

Google Authenticator Setup
We hope you enjoy this new level of system security. IPS has plans to add additional 2FA providers beyond Question and Answers and Google Authenticator. We will keep you updated!
 
This change will be in version 4.1.18 which is scheduled to be released in late January 2017.