Jim M

PHP mail would be configured by your server. Additional parameters can be added to tell your configuration what to do but it can't fully change the configuration. You would need to work with your hosting provider or server administrator if you want to do this.

Would ensure that your Pages templates are up to date and referencing correct functions. Disable third party applications/plugins. Also, ensure that all files on your server are up to date to the latest by uploading a fresh set of files from the Client Area. (Delete any files which are no longer referenced in the package you're provided from the Client Area) Then finally, ensure that there is no server caching files like through OPCache.

This would not be causing an issue with your upgrade. However, you can disable Community Hive in ACP -> System -> Integrations.

This is actually something which has been circling the web recently as there have been pretty big sites in the last few months to a year which have been exposed recently with full credentials being populated on the dark web and individuals using the same credentials frequently, has caused lots of problems with spammers getting into otherwise dormant or trustworthy users. As mentioned, we recommend enabling 2FA if you're concerned about your users. I am sorry you feel we do not care, it is actually the opposite which we are providing you this information about how to better secure user accounts. With the limited information of the same IP address we were provided, we are providing the results of what we have seen previously. This is nothing new and ultimately, not seeing this come from an exploit of our software. If there is new information which is showing that the account has been compromised through the software, we will certainly investigate that but at this time, there is no evidence of that. This would point further to exploited credentials, I'm afraid.

The Third-Party Marketplace has been decommissioned. You can reference the provider's page for any individuals and their sites which sell third party add-ons: https://invisioncommunity.com/third-party/providers-directory/ If you're seeing documentation which references it, please let us know and we will remove it. Thanks.

Depending on what version you're upgrading from, it could be something on our end or your servers. I'd recommend doing the manual upgrade that Randy pointed to. Then see on the next upgrade if you encounter the same issue and see what the issue is. There may be an issue with permissions on your server or a block in obtaining/extracting files, etc...

If there are no email error logs for this instance, you would need to contact your hosting/email provider to see what the issue is. Ultimately, no errors in our email error log indicates that we successfully handed it off to your email provider. Therefore, we would be unable to comment further on what is going on and the deliverability issue is with your email provider.

Without knowing the error which is being presented here, it is hard to say. Ultimately, we're starting at the easy things first 🙂

IP addresses recycle so it is completely possible it could have been used by a regular user at one point and a spammer. Simply because the IP address is the same, does not indicate a security issue. It also is completely possible that the user's credentials were leaked in another site's attack, and that user uses the same credentials on many sites, so the botnet was able to log in as them. Both of which are not security concerns in our software. We would recommend enabling Two Factor Authentication if you're concerned about this.

Are you missing any files that were not uploaded successfully to your server? Would try uploading all again. Anything in your /datastore directory? Would delete anything other index.html and try again.

Blank pages usually indicates a suppressed PHP error. Would likely need to check your server error log for more details as to what is causing the problem.

Would suggest switching to hCAPTCHA if you haven't yet as that is proven to be better at preventing spam. Changing Q&A is a good idea as well to help prevent human spammers.

Profile Settings there in your screenshot 🙂

That is the exact opposite of what I said.

In V5, we will indeed be changing this and this has been outlined multiple time 🙂 . I'm not sure where you read we weren't. It isn't something we are able to just patch tomorrow though, I'm afraid. It is a long process to remove our dependency on the JavaScript libraries we use currently.

You will want to take a look at when your Member History is pruned in ACP -> Members -> Profiles -> Settings. It could be their group was changed, manually or by group promotions, but would not be logged due to your settings. The issues which we encountered due to the attack on our network would not have changed anything with your settings.

There's nothing in the software itself which by default allows for this. However, an anchor is a very simple HTML item, if there isn't an existing CKEditor plugin which you could install, you could create your own custom button.

This is the removal timeline from the Google article: Deprecation means that it will be removed soon, not cease to function. Q1 2025 maybe that date of cease to function. However, that does not sound firmed up. Also, it is worth noting that a library we use has this function in it. Whether or not that we use the functionality it uses as a part of it is another thing that a developer can confirm. It also may not be detrimental to your sites at all so I wouldn't panic just yet 😉

What I told you is indeed what handles System. As mentioned, you're welcome to post in Feedback and others can comment as well. It may be your opinion this is worthless data but to others it may not be. Which is why we have the Feedback forum.

If the notification keeps reappearing, the software is still seeing these functions available to be ran. If you're struggling to see why on your server, you may wish to contact your hosting provider or hire a server administrator.

This may be a topic you will want to read. Short summary is that we're aware of it but as it is an engrained dependency, it isn't something we can rip out willy nilly 🙂 .

Third party cookies are cookies set by a website other than the website you're viewing. Cookies are an essential part of web applications and aren't going away.

System is anything like login, registration, policy pages, etc... It is indeed an app 😉 . You're more than welcome to make a suggestion though in our Feedback forum. If you have any server caching, CDN, etc... for guests could just be people are on the same page and those items thus not hitting the software. Don't know. Doesn't seem to be something hit by other users so would be very specific.

Please note: we do not recommend editing the core files. Any issues (whether visual, data, etc...) which are encountered by doing so are at your own risk. Some errors may only be resolved by restoring from a backup from prior to when the edits were made so be sure to take full, proper backups prior to doing anything. This is not anything directly related to terabyte but just a generalized comment to any modification.

That looks to be a customization which they installed as this is not something in the core software. You would need to ask them what they used. We do have an Image Slider block which is a part of our Pages application but it does not look like that. The block is called "Page Builder: Upload Images" and then you would enable "Autoplay slideshow?" To use the Block Manager to drag/drop blocks places, please see this guide: https://invisioncommunity.com/4guides/getting-started/using-the-block-manager-r309/