Jim M

This would likely be something which you are performing as you are getting caught by the firewall and getting temporarily blocked. Are you running something perhaps from the same IP address as yourself which is running into errors or making a lot of requests? This could be maybe a feed reader, local code hitting the API, or something else?

That changed the stack trace so while I understand it didn't resolve it, you are making progress. Next step would be switching to an unmodified theme.

Would want to go to ACP -> Support -> on the right-hand side under "Tools & Diagnostics" -> click View Third party Hooks -> Find the number in the error stack above and try disabling the third party application/plugin. If that resolves your error, that third party application/plugin is the issue.

The follow system by nature is explicit opt in per forum/topic/content item. I'm afraid, there is no opt in to follow all forums. A third party customization would be required to do this. The REST API does not handle follows in this manner at this time. You're welcome to suggest this in our Feedback forum.

You'd want to block this at the server or network-level then if you're seeing this from a particular set of bots.

Would ensure that the cron command is actually running PHP 8.1 there. Otherwise, you will need to see what the error is there. You should be able to grab that in System Log of the ACP -> Support.

The event has to take place in the future. Then a "Set Reminder" button will appear on the vent.

File system is fine till you find you need otherwise. Many communities will never outgrow the need for file system.

Please discuss anything related to Invisioneer there, they are not associated with us.

Would clear any OPCache, etc... If everything has been ran successfully via your MySQL server. You can certainly try a manual upgrade. Of course, be sure to take necessary backups.

PHP mail would be configured by your server. Additional parameters can be added to tell your configuration what to do but it can't fully change the configuration. You would need to work with your hosting provider or server administrator if you want to do this.

Would ensure that your Pages templates are up to date and referencing correct functions. Disable third party applications/plugins. Also, ensure that all files on your server are up to date to the latest by uploading a fresh set of files from the Client Area. (Delete any files which are no longer referenced in the package you're provided from the Client Area) Then finally, ensure that there is no server caching files like through OPCache.

This would not be causing an issue with your upgrade. However, you can disable Community Hive in ACP -> System -> Integrations.

This is actually something which has been circling the web recently as there have been pretty big sites in the last few months to a year which have been exposed recently with full credentials being populated on the dark web and individuals using the same credentials frequently, has caused lots of problems with spammers getting into otherwise dormant or trustworthy users. As mentioned, we recommend enabling 2FA if you're concerned about your users. I am sorry you feel we do not care, it is actually the opposite which we are providing you this information about how to better secure user accounts. With the limited information of the same IP address we were provided, we are providing the results of what we have seen previously. This is nothing new and ultimately, not seeing this come from an exploit of our software. If there is new information which is showing that the account has been compromised through the software, we will certainly investigate that but at this time, there is no evidence of that. This would point further to exploited credentials, I'm afraid.

The Third-Party Marketplace has been decommissioned. You can reference the provider's page for any individuals and their sites which sell third party add-ons: https://invisioncommunity.com/third-party/providers-directory/ If you're seeing documentation which references it, please let us know and we will remove it. Thanks.

Depending on what version you're upgrading from, it could be something on our end or your servers. I'd recommend doing the manual upgrade that Randy pointed to. Then see on the next upgrade if you encounter the same issue and see what the issue is. There may be an issue with permissions on your server or a block in obtaining/extracting files, etc...

If there are no email error logs for this instance, you would need to contact your hosting/email provider to see what the issue is. Ultimately, no errors in our email error log indicates that we successfully handed it off to your email provider. Therefore, we would be unable to comment further on what is going on and the deliverability issue is with your email provider.

Without knowing the error which is being presented here, it is hard to say. Ultimately, we're starting at the easy things first 🙂

IP addresses recycle so it is completely possible it could have been used by a regular user at one point and a spammer. Simply because the IP address is the same, does not indicate a security issue. It also is completely possible that the user's credentials were leaked in another site's attack, and that user uses the same credentials on many sites, so the botnet was able to log in as them. Both of which are not security concerns in our software. We would recommend enabling Two Factor Authentication if you're concerned about this.

Are you missing any files that were not uploaded successfully to your server? Would try uploading all again. Anything in your /datastore directory? Would delete anything other index.html and try again.

Blank pages usually indicates a suppressed PHP error. Would likely need to check your server error log for more details as to what is causing the problem.

Would suggest switching to hCAPTCHA if you haven't yet as that is proven to be better at preventing spam. Changing Q&A is a good idea as well to help prevent human spammers.

Profile Settings there in your screenshot 🙂

That is the exact opposite of what I said.

In V5, we will indeed be changing this and this has been outlined multiple time 🙂 . I'm not sure where you read we weren't. It isn't something we are able to just patch tomorrow though, I'm afraid. It is a long process to remove our dependency on the JavaScript libraries we use currently.