Jump to content

Jon Hole

Clients
  • Posts

    10
  • Joined

  • Last visited

 Content Type 

Downloads

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Development Blog

Deprecation Tracker

Providers Directory

Forums

Events

Store

Gallery

Everything posted by Jon Hole

  1. Thank you Marc, Daniel, SeNioR-, Matt and Andy... this seems to have pointed our IT team in the right direction. They've made some tweaks which appears to have fixed things - I'll keep an eye on it.
  2. Currently I am seeing within Akamai (the CDN & Web Application Firewall in use for www.zero88.com/forum) some blocked POST requests when end users are trying reply to an item on the forum. Something that spikes my interest is that it looks like that there are some values stored in a cookie which are being send together with the POST request which are classified by our WAF as a XSS attempt. When people clear their cache or visit the website incognito it seems that the issue does not happen which does somewhat confirm my initial thought it could be due to some string which is being sent with the POST request stored in a cookie (or something else which is happening when someone replies). But since I do not know anything about the application I cannot confirm or deny this. To determine if this is actually an XSS attempt I would like to know how a valid POST looks like and if information stored in a cookie is actually sent with the POST request. This information should help us investigate the issue further and hopefully determine if this is a false positive or not.
  3. You guys are too good - thank you!!!
  4. Sorry @Marc Stridgen, one thing I've just noticed - font icons aren't working: Presumably this is related, due to the missing "www" in the URL of the font (typing the below into my browser downloads the font, but presumably the URL forwarding is kicking in). https://zero88.com/forum/applications/core/interface/font/fontawesome-webfont.ttf?v=4.7.0 In the template, this is just listed as: href="{url="applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0" How do I change where this is pointing? The only place I can find the URL within the AdminCP is within the licence. In the client area, I can't change the URL to include "www", as it says "There seems to still be an installation of Invision Community at the URL on file. Before you can change the URL, you must first remove the existing installation."
  5. Done Very strange... I know none of our team have made that change within the past month... maybe a default change by our hosting? Anyway, thank you very much for your very quick help and guidance Marc, appreciate it.
  6. Hi Marc, I just tried changing: https://zero88.com/forum to https://www.zero88.com/forum and that appears to have fixed the issue. That file hasn't been changed, and the forum software hasn't been updated (it's on the to-do list!). What would have caused that setting to to create a problem like this?
  7. $INFO['board_url'] = 'https://zero88.com/forum'; This is already set within conf_global.php I noticed in the client area that our licence was only http, but didn't want to change it just to "test" as I wouldn't be able to change it back... and I'm guessing the licence within the clientarea wouldn't in itself cause this issue.
  8. Thanks Marc, I've previously attempted removing .htaccess from the /forum directory, and the parent / directory, with no sucsess. I've just doubled checked by renaming, and still not fixed. One thought of something that has changed... today all our social channels were shutdown (part of a transition to our "parents" social channel). I don't remember any tie-in more than a simple URL link.
  9. Sometime between 9am and 10am (UK time) today, our self-hosted forum stopped working - https://www.zero88.com/forum/ I’ve checked with multiple people and it’s down for all of them. We get a "too many redirects" error. The rest of the website (non-Invision forum) is working fine. There have been no changes to our server settings or forum settings today (or for quite a while previously) The SSL certificates are in date. When my IP address tries to access the forum, the server logs show 10x “301 GET /forum/ HTTP/1.0” However, from the server logs, it appears that other IP addresses are successfully accessing the forum (logs show specific pages with code “200”) – I just don’t know how or who. I'm a little lost as to where to start diagnosing this
×
×
  • Create New...