CoffeeCake

You do not need to move the file to require http authentication. Simply create a Files rule within your IPS directory that the file requires authentication.
Assuming Apache and that you're not a CIC customer, something like the following should work:
<Directory /var/www/html> <Files sitemap.php> AuthType basic AuthName "Protected Super Secret SiteMap" AuthUserFile /path/to/.htpasswd Require valid-user </Files> <!-- Include everything else you had in here --> </Directory>  

It is but that's not how they created it: it's generated programmatically with JS. Not bad for the case when several people are writing or editing entries.

Welcome, @Matt Finger! You're just 1̴̺͎͇̜̪̈́͂̄̏̌0̷͖̯͕͍̯̇̈́̐̒0̸̹̥͉̫̹̏̈̔͌̂̆͐̌̚,̷̯͉̮̙͌̽̊̉̽̀̕͘0̴̛̳͓̼̭̇͒̅͋̓͋̄̎̉̈́̈́͒͠͝0̵̡̛͕̹̞̤̣̤̝͈͉̦̗̜͕͔̎̌̎́̿͂͊͂̌̓̍̓͂͝0̵̢̖̟̤̖̲̭͋̊̐̊̿́̑͒͐͗̒́̕̚ posts away from being awarded the coveted "Rookie" distinction.

Here's a link to dbfiddle that shows the output:
https://dbfiddle.uk/?rdbms=mysql_8.0&fiddle=0238af66d4e90f4553c5769a13e0f2b9

Yes, can we please get an option to configure the default selection?

The current behaviour is so annoying. Every single time I have to change "Everywhere" to a specific forum or other section I'm currently in. I do that in every IPS based forum including here and I get just exhausted.
 

Also, if you prefer a Marketplace solution, this claims to do what you're asking:
We have not used it, yet may be an option for you to consider. We prefer to address problematic traffic before it its the web server by having Cloudflare intercede.

Don't do this via phpMyAdmin. Connect to your MySQL server via SSH (the mysql command) and perform the operation there. Do not export and reimport the data to Notepad++. Back up everything twice before you start. That way, when you forget or ignore the suggestion to back things up the first time, you have your second warning to fall back on. 😁
You can see all impacted posts and preview the change by running a SELECT statement with a conditional that matches your replace. For example:
SELECT `post`, REPLACE(`post`,'http://wrongDomain.com/','http://correctDomain.com/') AS `expectedresult` FROM `forums_posts` WHERE `post` LIKE '%http://wrongDomain.com/%';  

You could do it with an UPDATE statement and the REPLACE() function in SQL, but back everything up first and test in your test environment.
REPLACE() documentation:
https://dev.mysql.com/doc/refman/8.0/en/string-functions.html#function_replace
If you need more granularity, look at REGEXP_REPLACE():
https://dev.mysql.com/doc/refman/8.0/en/regexp.html#function_regexp-replace

It absolutely should not do this, as it should not do what it does now. It should be configurable at the application level by the administrator.
For some communities, how it works now is perfect. For certain communities depending on how they use applications (as is the case with Downloads on this community, but not all), the administrator here should set the default for the Downloads app to be app first, unless end user picks "everywhere" from the scope selector.
Adding granularity at the application level to set a default search context increases flexibility and user understanding.
I say all this knowing that for our community, I'd keep it on a global search. But I possess the critical thinking skills necessary to know that one shoe does not fit all.

Matt, I need your cell phone number. I have a lot of good ideas. (This is totally normal here.)

About 73% of what I say is smatterings of nonsense, mixed with a pinch of glerp. 😄

And then do the thing it warns you about at the bottom :)

sfsNextCheck is not a built in field. A third party application is/previously adding/ed that column and a value is not being supplied with no default value.
In the table `ibf_core_pfields_content`

sfsNextCheck is not a built in field. A third party application is/previously adding/ed that column and a value is not being supplied with no default value.
In the table `ibf_core_pfields_content`

That's just nonsense. New host time. 🙂

Hello @Makoto, firstly I wanted to thank you for fixing the merged members bug in a very timely fashion. That seems to have done the trick and things are working on that end now. Unfortunately I need to report a return of an old bug that I first reported to you via Discord many moons ago.
There seems to be a problem when viewing the IP Address History of a deactivated member. Either on the ModCP end, or in the AdminCP. When you try to do so, the system log records the following error and the page doesn't display: 
Error: Call to a member function getTimestamp() on int (0) #0 /home/SITE/public_html/system/Member/Member.php(2398): IPS\deactivation\extensions\core\IpAddresses\_Requests->findByMember(Object(IPS\Member)) #1 /home/SITE/public_html/applications/core/modules/admin/members/members.php(2081): IPS\_Member->ipAddresses() #2 /home/SITE/public_html/system/Dispatcher/Controller.php(90): IPS\core\modules\admin\members\_members->ip() #3 /home/SITE/public_html/system/Dispatcher/Dispatcher.php(152): IPS\Dispatcher\_Controller->execute() #4 /home/SITE/public_html/ACP/index.php(14): IPS\_Dispatcher->run() #5 {main} #0 /home/SITE/public_html/init.php(995): IPS\_Log::log('Error: Call to ...', 'uncaught_except...') #1 [internal function]: IPS\IPS::exceptionHandler(Object(Error)) #2 {main} This isn't a major issue, but a fix would be appreciated, as always.
Kind regards, take care and stay safe.

__ / \ /|oo \ (_| /_) _`@/_ \ _ | | \ \\ | (*) | \ )) ______ |__U__| / \// / FIDO \ _//|| _\ / (________) (_/(_|(____/  

__ / \ /|oo \ (_| /_) _`@/_ \ _ | | \ \\ | (*) | \ )) ______ |__U__| / \// / FIDO \ _//|| _\ / (________) (_/(_|(____/  

__ / \ /|oo \ (_| /_) _`@/_ \ _ | | \ \\ | (*) | \ )) ______ |__U__| / \// / FIDO \ _//|| _\ / (________) (_/(_|(____/  

Yes! 
 

__ / \ /|oo \ (_| /_) _`@/_ \ _ | | \ \\ | (*) | \ )) ______ |__U__| / \// / FIDO \ _//|| _\ / (________) (_/(_|(____/  

What other options does that web thing give you?
What are all the values in the drop down "When to run" and "Minutes"?
Can you edit /etc/crontab on your server via SSH?

Add a drop-down menu item in the Menu Manager and place the items you'd like in the drop down menu in there instead of having them indented underneath a parent item.
You have lots of questions! It may be a good idea to brew a fresh cup of coffee and review the Help Guides:
https://invisioncommunity.com/4guides
Here's the entry on setting up your menu:
 

Cloudflare Polish is activated for your site, and your logo is being served from Cloudflare's cache. Your image is being converted into a webp file for those browsers that support webp, and the original format you used was a JPEG image. JPEG is really only good for things like photographs and is rarely an appropriate format for something like a logo. You'd want to use a transparent PNG file or similar until something svg or webp is supported natively by IPS.
You have some options. You can turn off the Polish feature entirely on Cloudflare or use a page rule to make an exception for your logo. You will need to clear the cache for your image from Cloudflare though to see any changes. Documentation: https://support.cloudflare.com/hc/en-us/articles/360000607372-Using-Cloudflare-Polish-to-compress-images
See the headers associated with your logo image, as served from carnity.com:
cf-bgj: imgq:100,h2pri cf-cache-status: HIT cf-polished: origFmt=jpeg, origSize=13060 content-disposition: inline; filename="1802184490_Carnitylogoapr2021.webp" content-length: 9220 content-type: image/webp

MySQL is happy spitting out blobs all day long if provisioned correctly and in tandem with caching, even better.
James, you may want to consider that these images can be put on a filesystem other than the one hosting your IPS files and served out from a subdomain or similar. To do so, It's not very well documented or as apparent as it could be in the help guides. However, it sounds like your process could generate the preview image, put it on that separate filesystem, and then insert the path into the database instead of the blob itself (if that's your preferred method).
You can create a filesystem storage configuration, turn on "use custom url." Consider setting up a subdomain like preview-images.example.com, that lives on another server you maintain for serving out these images and is then cached by your CDN.
What I'd suggest instead, however, is that you transition this task to use the IPS API for Downloads instead. This way you only need to grant API access to your process, the files can be stored on your filesystem, and your script doesn't need access to the web server's filesystem to do so.
https://invisioncommunity.com/developers/rest-api?endpoint=downloads/files/POSTitem
Are screenshots not editable though via API? What nonsense is that?