MEVi

Hello,

We are under DDoS attacks from the company Expanse Inc.  According to them these attacks on our servers are legal according to the CFAA-compliant. 😨

Google: Palo Alto Networks ensables your team to prevent successful cyberattacks with an automates approach that delivres consistent security across cloud, network and mobile.

We have blocked IP addresses (34.96.130.0/24, 34.77.162.0/24, 34.86.35.0/24, 144.86.173.0/24), but this is not effective, as it consumes resources that are not negligible given the volume of attacks. Curiously, not all websites are attacked by the same volume of connections.

1. Have you ever had this type of problem?
2. What are our options to stop their attacks?

I will make an example:

1. I created a database-pages (Mendeleiev) without categories with the terms of the Mendeleiev table.
2. In another database-pages (english) with caterogies, I have defined a field that is relational with the Mendeleiev database and work fine.
3. Now I want create and another database-pages (french) and use field that is relational with the Mendeleiev it's not possible because it was already used...

Hello,

I see a problem in the Pages module. I have created relational headings to avoid using TAGs which simplifies the keywords but I realize that it is not possible to assign several times the page in relational mode.

I discover the Wiki features and realize that it is not possible to define a unique author in the page module. This would avoid having to edit thousands of articles to assign them to a fictitious member.

Hello,

In CP-Admin it's possible purge after x day(s), but it's not possible export to CSV file.

Can you add feature to download files CSV of logs errors, please.

Many thanks

Hello,

Could you add a downloads tab in the user profile ?

Hello,

I use the club module a lot to create work groups. But I see a problem it is not possible to put a download area that is common to two clubs, this would avoid having duplicate files.

The idea is to allow you to create an alias that displays the content of a section like for example the space for downloads. We can also imagine wanting to post in another club (private), a blog to avoid duplication.

The member would not see the difference between the origin and the alias while the moderator and administrators would be informed.

Hello,

I have members who would like to create spreadsheets like with excel but do not know if this is possible on the forum.

This does not work because users or robots exclude the Piwik script. What to do?

I also have this problem because depending on the duration of the project the URLs can change or I have to rephrase the title of the project.

We have enabled DNSSEC + SSL to reduce the problems, but many members (admin/modo) request that the private messages they receive by email be encrypted (PGP), since to restore the password we use SMS.

It's a very good idea
 

<FilesMatch "^(sitemap\.php)$">
    AuthType basic
    AuthName "Unauthorised For Legal Reasons"
    AuthUserFile /path/to/.htpasswd
    Require valid-user
</FilesMatch>

I don't need a CDN.

My members exchange photos that are sometimes confidential. It is abnormal that search engines exploit this security flaw by making public, private photos. Then to have lawyers claiming compensation because internal subjects are accessible to unauthorized third parties.

Hello,

I have many search engines that do not respect the rules of the robots.txt .

Google suggests to place the sitemap file(s) in a subfolder and to protect it with a htpasswd, which is a very good idea with this method only authorized search engines can exploit the file sitemap.

I did not manage to move the sitemap.php file to a subfolder.

Hello,

Many search engines or robots suck up information without respecting the rules defined in the robots.txt .

When a member connects to the community with their HUAWEI product, after I see in logs petal search engine downloads pictures using the direct URL.

In case the Hot Link Protect is activated the petal search robots generate thousands of HTTP errors, because it keeps trying to download the photos or files that the user has viewed.

The fact that the photos are directly accessible via a URL whether you are a member or not, make problems of copyright. This means that I have to block the possibility of members to send pictures, because I can't guarantee them that the copyright will be respected. I hope that in version 4.6 this flaw will be closed.

I am against installing external modules, we had too many problems.

The idea is that you can save in your profile VIP subjects that you could classify in personal categories. Because for the moment I have to create bookmarks in my internet explorer.

Example: tips, bug, fun, ...

I had seen this feature on other forum that I find very practical.

it would also be good if the profile could no longer be indexed in public in addition to being displayed in "black and white".

deleted

The contact module has become the joke with spammers.

When a member is banned or an email address is missing, the contact module does not take it into account, would it be possible to modify its behavior:

For example if the email address is black listed in the forum, then the message will be sent directly to the webmaster email address, otherwise it opens a ticket in the support.

Hello,

I don't know if it's a bug, but it's not possible to finish a specific account for donations when there are several payment methods.