Jump to content

Matt

Management
  • Posts

    70,143
  • Joined

  • Last visited

  • Days Won

    649

 Content Type 

Downloads

Release Notes

IPS4 Guides

IPS4 Developer Documentation

Invision Community Blog

Development Blog

Deprecation Tracker

Providers Directory

Projects

Release Notes v5

Invision Community 5 Bug Tracker

Forums

Events

Store

Gallery

Everything posted by Matt

  1. It's on our RADAR. Video is pretty tricky though. We'd need a 3rd party service to transcode the video and stream it at the right resolution for the current device. This would come at a cost of course.
  2. One of the benefits of using Invision Community as your community platform is that you control and own your data. There are several ways to review this data. One of which is via the Admin Control Panel which offers a suite of statistic views which helps to convert the raw data into something easily understood. However, it's not always easy to determine trends and community sentiment from these singular views. Invision Community 4.5 adds two new interactive views for user and activity statistics. This new 'overview' view not only shows you a snapshot of your community but also allows you to compare time periods. In the video, you can see that I select different date ranges, such as "three months". This shows you the data of that time period, and also compares it against the previous three months. In this example, you can clearly see that we have 50% more registrations and 33% more contributors compared to the previous three month period. Likewise, in this example, you can clearly see that we have a 1200% increase in reactions given with a clear breakdown of the type of reaction given to help understand community sentiment. These interactive displays automatically update, so if you are so inclined, you could leave the statistic pages open and watch as the data changes live. We hope that you find these new views useful in identifying trends and help to inform strategic decisions within your community.
  3. Yes. TikTok embedding is in 4.5.
  4. Invision Community has certainly changed a lot over the years as we've moved through major updates and large user interface changes. While large scale changes offer a dramatic difference, it is sometimes the smaller changes that bring the most satisfaction when using your community daily. This blog entry rounds up some of the UI improvements Invision Community 4.5 brings. Content View Behavior What do you want to happen when you click a topic link? Are you taken to the first comment, the last comment or the first comment you've not read? If you speak to 100 people, I'm pretty sure you'll get a good spread of votes for each. Invision Community has always offered subtle ways to get right to the first unread comment. Our infamous dot or star allows you to do this, but it is so subtle almost no one knows this. Invision Community 4.5 now allows each member to choose (with the AdminCP offering a default). Now everyone wins! Who Reacted? Invision Community has had reactions for a long while now. Although finding out who exactly reacted without clicking the counts has proved irksome. We've fixed that in Invision Community so simply mousing over the reaction icon reveals who reacted. Sign In Anonymously For as long as I can remember, Invision Community has offered an option to sign in anonymously via a checkbox on the login form. However, as we've added faster ways to log in via Facebook, Twitter, Google and more it's become less straight forward to ensure your anonymity. Invision Community 4.5 removes this login preference and moves it to your members' settings. Now your members can resume hiding as they move around your community across multiple logins. Resize Before Uploading One of the most popular requests we've had in recent times is to resize large images before uploading. It's quite likely that your giant full resolution image will be denied when attempting to upload, and it's a bit of a faff to resize it in a photo editor. Invision Community leverages the uploader's ability to resize before uploading, which makes it a much happier experience. Switch Off Automatic Language Detection Invision Community attempts to map your browser's user-agent to a specific language pack. When you visit a site, your browser lets the site know which language our browser is set to (often dictated by your operating system) and we use that to show you the correct language if the community you're visiting has multiple languages installed. However, it might be that you don't want this to happen because although your computer's OS is set to a specific language, it doesn't always follow that is the one you wish to use on a website. Invision Community 4.5 allows this automatic detection to be switched off. Quote Collapse We will finish with another popular feature request; the ability for long quotes to be collapsed, reducing the amount of scrolling one has to do. Quite simply, Invision Community collapses long quotes with an option to expand them to read the entire quote. Thank you to all our customers who have taken the time to leave feedback. As you can see, we do listen and action your feedback. Which change are you looking forward to the most? Let us know below!
  5. Although we continuously review security within Invision Community, a major release such as 4.5 allows us to be especially proactive when it comes to keeping your community safe. This blog entry outlines several enhancements to improve security in Invision Community 4.5. Password Handling Keeping your member's passwords secure is the simplest way to keep accounts safe and out of the wrong hands, so it makes sense to look at ways to ensure this doesn't happen. Invision Community already uses strong one-way hashing when storing passwords, which means that once the password is stored in the database, there is no way to know the plain text version. However, when creating a new member account via the AdminCP, a random password was created, and this was sent in the welcome email to the new member's email address. As of Invision Community 4.5, this no longer happens, and the new member is invited to create a new password when visiting the community for the first time. Part of your internal security procedures might be to force a reset of all passwords periodically. Invision Community 4.5 allows this on a per-member basis, or via a selection of filters to enforce a reset for many members at once. This clears out any stored password hashes and emails the affected members to remind them to set up a new password. AdminCP Security The Admin Control Panel contains the most powerful tools available to Invision Community. This is already a very secure area with a separate login with an option to add two-factor authentication to the login flow. Part of the session authentication has been a special key in the URL. While we have protection in place to prevent this special key being discoverable by a malicious user, there remains an incredibly remote theoretical chance that this could happen with a series of complicated steps. There was an additional annoyance that you are unable to share links within the AdminCP to members of your team due to the increased protection to keep URLs safe. As of Invision Community 4.5, we have removed the special key from the URL and moved it elsewhere in the session authentication flow. This means that it's impossible to fetch the special key via the URL and links can now be shared and will survive a login action. Text Encryption There are a few areas within Invision Community that we use text encryption to allow us to save data in the database in a format that is encrypted when saved and decrypted when read. This protects you in the incredibly remote event of your own hosting being compromised and your database downloaded (of course, our Community in the Cloud customers do not need to worry about this!) Invision Community 4.5 improves on this encryption by using PHP's built-in methods which give "bank-level" security to our encryption. Security is critical to the success of your community, and we are always proactive in improving security throughout Invision Community. Do you have any comments on this entry? Let us know below!
  6. I'm not clear what the issue is. What advice does FB give? We use the FB sign in and have not received these messages, so it may be something to do with the configuration of your FB app.
  7. We have come a long way since the late 90s when someone had the genius idea of using a small yellow smiling face image instead of the more common colon-bracket representation of a smiling face. In Invision Community, there are various places that photography can be used to create visual interest. From uploads in topics, to cover photos for blogs and members. The humble upload field has served these areas well, but sourcing images to use can be a pain; especially when you have to walk the minefield that is copyright and attribution. Fortunately, there are a few "CC0" online stock photo libraries that offer quality photography that requires no attribution and are not hampered by copyrights. One such library is the ever-popular Pixabay, which was established in 2012 and features a very powerful API. Pixabay has over a million images ready to use from llamas to sausages and everything in-between. Invision Community 4.5 now includes support for Pixabay which brings those images to your fingertips (or mouse pointer if you're on a desktop.) This video shows the feature in use. As you can see, not only can you upload into posts from the stock photo library, but you can also use it to add a cover image to your profile and blog entries. Finding quality photography has never been so easy! For those that love technical details, the stock photo picker is a programmatic option on the upload form field type making it very easy to add to your own code and apps. How will you use this new feature? Let me know!
  8. As above, we're working on 7.4 compatibility with Invision Community 4.5.
  9. Matt

    4.4.9.2

    This is a maintenance release to fix bug reports since 4.4.9.1.
  10. Templates should only compile once after either upgrading, or clearing all datastores (which won't happen many times if at all in normal use). When templates rebuild, 99% of the time they rebuild on the first go without needing the attempts loop and sleep. That is there to catch the 1% of times that some random event on the server means the templates weren't compiled properly (possibly because a previous attempt has a lock on the template rebuild). The sleep just pauses for 1 second to allow the lock to be lifted by another process. So in short, that sleep should only very rarely be hit and won't be run on every single page load. That is the only time we deliberately add a sleep() call. As for the loading of the PHP files, I have no idea why there would be any latency but using a compiler like OPcache should negate that.
  11. When the clocks strike midnight on New Year's Eve, we will enter the third decade of producing Invision Community. A lot has changed since we set up in 2002. Our team has grown and our product matured. In a world where online startups explode and die within a few years, we're something of an anomaly. We still have the same love and passion for creating the very best tools to build a community, and we have always ensured that Invision Community is in touch with modern demands. This decade has seen Invision Community go from strength to strength. In 2010 we were one of many forum systems catering to smaller niche audiences. In 2019 we're powering discussion for many international and well-known brands. Online habits may have changed in this time, and social media may have swallowed up smaller informal communities, but the need for independent community platforms remains strong. 2020 will see us release 4.5 which will bring another round of essential updates to existing features and a fresh batch of new features. But first, let us climb inside our Delorean, rewind the clock to 2010 and start from the beginning. As the sun rose on 2010, Bruno Mars was singing about parts of the human face in "Just the way you are", Katy Perry irritated Microsoft Word's spellchecker with "California Gurls", and CeeLo Green was trying to "Forget you" (at least in the radio edit). Christopher Nolan's boggled all our minds with Inception, James Franco lost the ability to clap in 127 Hours, and Colin Firth stammered his way through The Kings Speech. Steve Jobs unveiled the iPad to a collective snort, moderate derision and questions over just how useful a giant iPhone will be. President Obama, just a year into office warns of "Snowmageddon" that eventually dumps up to 40 inches of snow on the east coast of the United States. We lost comedy legend Leslie Nielsen (we'd never dream of calling him Shirley), and we gained a small child named Ryan who in just nine years would be earning $29,000,000 by opening boxes of toys on YouTube. 62% of us were using Internet Explorer to the chagrin of most web developers who wished that Chrome's 5% market share was more significant. Facebook celebrated its sixth year by reaching 400 million users (a far cry from the 2.5 billion it currently has). Twitter, just four years old hits 30 million monthly active users (and none of them talked about fake news). And how about Invision Community? 2010 We hit 2010 running by releasing numerous updates on IP.Board v3.1, including finally using long-established web standards, and share features now that "social networking is all the craze these days" noting that "friends and colleagues often share similar interests, after all." How innocent we all were in 2010. IP.Board 3.0 Back then, each product had its own name and release cycle. IP.Gallery's new features included being able to rotate images by 90 degrees. Honestly, people used to go crazy for this stuff. In May, we released a brand new application called "IP.Commerce". A few months later we renamed it "IP.Nexus" and years later, it was changed back to "Commerce". Naming things is hard. The announcement contained exquisite details such as "It's hard to say when it'll be available" and "we don't know how much it will cost". We were so sure that it would be accepted positively, we removed the ability to post comments to the blog entry. As summer turned to autumn and the end of the year loomed large, we released news about a significant update to Gallery called "IP.Gallery 4.0" which pre-dates Invision Community 4 and confused customers for years (so IP.Board 3 works with IP.Gallery 4, but IP.Board 4 works with Gallery 4?). Numbering things is hard too. The last blog entry was about an app called 'IP.SEO' that I had utterly forgotten existed. It was written by Dan who once locked Lindy out of his own datacenter, but we don't talk about that. I don't even remember this website 2011 Charles opens the year by managing expectations for IP.Board 3.2 by outlining our three key goals (promotion, usability and modernization). The last one was us removing the "back to top" button and then spending the next eight years explaining why we removed it. Our spam monitoring service processed 300,000 requests in the first two weeks of 2011. 30% of these requests were deemed to be spam and blocked (0.1% was probably an administrator registering 50 fake accounts before being banned from their own site). I posted about "exciting new technology" in our new "WYSIWYG" editor (although what you see is sometimes close to what you get) would be more appropriate but slightly less catchy. We spent the next eight years explaining why no one uses BBCode anymore to almost everybody. Brandon closed out the year with a blog promising "new toys" for IP.Content 2.3 (now called Pages, keep up!) which promises a "who's online" widget and a "shared media field" that was not only complicated to explain, but also use. IP.Board 3.2 in all its glory 2012 We start the year with news on IP.Board 3.3. This release was to feature essential updates such as the "Remember me?" checkbox on the login form and emoticons in signatures. Despite being constantly told that we don't take SEO seriously, we round up the latest serious SEO changes including tags, soft 404s and micro schema. We also celebrated our tenth year in business. Something terrible must have happened to one of our competitors because we asked if you'd like to switch to IPS. The year ends with IP.Board 3.4 being released for beta testing. This being a rare year where we release two major versions in less than 12 months. 2013 Brandon has eight coffees and tries to explain what it's like to be a developer: "us developers are a strange bunch. We have a lot of crazy thoughts that just don't make sense to anyone else. Our brains are wired differently. We get from point A to point B by going around point Z and bouncing off point M first.", he closes the blog entry by urging you to ignore us. The big news is that work on 4.0 is officially underway! Don't get too excited, releasing two major versions in 2012 clearly fatigued us as "IPS Community Suite 4.0" is not released until June 2015, over two years later. 4.0 was our first complete rewrite in years. We threw out all our stable and tested code and started over with an empty editor. It was a vast undertaking that consumed us completely. The result was worth it as we had a new modern framework that still serves us today. But we're getting ahead of ourselves a little. Back in 2013, Mark talks about trees. Not the kind you find laying around in forests, but rather the programmatic type. It's just a way for Mark to show off how beautiful his code is. IP.Board 3.4 still gets many updates (along with IP.Gallery, IP.Blog, IP.Content, IP.Downloads and IP.Address (ok that last one was made up)). We spend the year talking about various new things in 4.0, including a new-new editor and various special features (and no one noticed we started calling it "IPS Social Suite 4.0" - it just rolls off the tongue!) I introduce the new theme engine for 4.0, and this time, my code is not deleted by Mark (true story). 2014 We didn't know it at the time, but 2014 was not the year that IPS Social Community Suite 4.0 (naming things is hard) will be released. Still, Rikki talks enthusiastically about "extending JS controllers and mixins" a way of coding so complex, to this day you can count the number of people who truly understand it on one of Rikki's fingers because it's only Rikki that understands it. Determined not to be outdone in the confusing customers' stakes, I go on about how important it is to convert your database to UTF-8 when upgrading from 3.0. As 2014 neared its inevitable end, we did manage to put up a pre-release testing site and release Beta 1 a release so unstable; it makes the current political climate look absolutely peachy. IPS Community Suite 4.0 (Preview) 2015 Finally, the year that 4.0 is to be released! We released six betas and a few release candidates before nervously hovering over the 'release' button (actually it's a collection of git commands and 'to the letter' instructions I ignore). After a year of training customers to call our forthcoming release "IPS Social Suite 4.0," we release it as "IPS Community Suite 4.0". Lindy writes a lengthy blog article that sounds like a cross between a technical discussion of the Brother 8987-A printer and an award acceptance speech. Quite frankly, after nearly two years of development, we're just relieved to have finally released it. The year is spent refining and fixing 4.0 and culminates in the news of 4.1, where we add activity streams and a menu manager. We also talk about the new-new-new editor. December 16th marks the time that IP.Board 3.4 officially dies as we declare it "end of life" and no longer support it. That shiny new release we were excited to talk about in 2012 is finally put out to pasture. The last we heard, IP.Board 3.4 moved to a farm and is doing well. 2016 Now that IP.Board 3.4 is end of life; we do the sensible thing and make a few minor IP.Board 3.4 releases to improve security. IPS Social.. sorry, Community Suite hits version 4.1.17 (confusing Lindy) before the year is done with many new improvements, including embeds, warning notes and the new leaderboard. We're still mostly undecided what to call the product, so we avoid trying in all our blog entries. In fact, looking back, it's quite remarkable how often we changed the name of our product. You'd be forgiven for thinking that it was a robust and well-considered attempt to prevent Google from serving up relevant search results and to confuse potential customers. We find time to update our own website and introduce a new developer's area. 2017 Barely 16 days into the new year, and we release news of the two-factor authentication feature added to IPS Community Social Invision IP.Board Suite 4.1.18. When spring has sprung, Charles drops the news that we're working on 4.2, the main feature being a screenshot of the Admin CP log in. We promise that you will love it and that it will be released mid-2017. Updates come thick and fast. Calendar event reminders, content messages, recommended replies, letter profile photos device management and delayed deletes all make the blog. Still not convinced that people take us seriously when we say we're committed to SEO, we post about more SEO improvements. This time, we talk about implementing JSON-LD, rich snippets, pagination tags and more. We also squeeze another one in about the new-new-new-new editor. We overhaul our own blog (using Pages because that's how we roll) and I start a hilarious series of blog entries where I troll our own team. Everyone including me loses interest early on in 2019. During April, we do the sensible thing and change the name of our product once more. IPS Community/Social Suite 4.1 is out, and Invision Community 4.2 is in. Just to recap: IBForums > IPB > IP.Board > IPS Social Suite > IPS Community Suite > Invision Community. You're welcome search engines! As promised, we release Invision Community 4.2 around the middle of the year. Well done, everyone! We finally hit a release date! As is now tradition, we end the year with news of our next big release Invision Community 4.3 (and tease the new emoji feature). We also calm nerves about Europe's endless fascination with regulation (it's this kind of joke that caused Brexit you know) and wrote up a guide on GDPR. 2018 Phew. We're almost there, dear reader. If you skimmed through most of the blog to this point and expected me to finish with a bang, you'll be disappointed. We start 2018 at full speed releasing feature news on Invision Community 4.3 including emoji, OAuth, community moderation, REST API, subscription manager, announcements and more. Oh and we hit our sweet sixteenth birthday in February! We release Invision Community 4.3 in April to rapturous applause after a short beta testing period. We all agree that 4.3 was a great stable release which instantly makes the developers nervous. Towards the end of the year, we announce that work has begun on Invision Community 4.4. We talk about new features such as GIPHY integration, AdminCP notifications, Post Before Registering, Commerce Updates and more. Still not sure if we care about SEO? Well, how about another blog entry on SEO? The only thing missing this year is a new update on our editor. 2019 And we arrive back home in 2019. A week into January and I pull the massive twist that we're using Invision Community 4.4 on our own community. It's not quite up there with "Bruce Willis is a ghost" though. In March we write up a case study on The Trevor Space, an LGBTQ charity set up to prevent suicide and to provide crisis intervention. TrevorSpace commends Invision Community for allowing anonymity online which isn't possible with social media. Rikki drops a bombshell in September when he announces that we're actively working on native iOS and Android apps for Invision Community. Apparently mobile is a thing now. November starts a series of blog entries talking about our new upcoming release, Invision Community 4.5. We talk about the Admin CP overhaul, Club Pages, RSS Feed Improvements and Club improvements. And here we are. Right up to date. This decade may have only taken us from IP.Board 3.1 to Invision Community 4.5, but it really has seen a massive change in the company we are, and the industry we are in. We have seen the inception, rise and stumble of social media. While it's true that forums are no longer the preserve of Star Trek fans obsessing over continuity errors and informal communities have been absorbed by Facebook and friends, spaces that you completely own to host discussions are still very much in demand. Invision "Chameleon" Community in 2019 Over the past year or so we've seen a sustained rise in the demand for independent communities. Brands especially like that you own your data and can use it to gain insights into customer habits. Just this year, we've launched communities for LEGO, HTC, Sage, Mattel, Gibson Guitars, Squarespace, and many more. We are constantly evolving Invision Community (assuming we stick with that name) to be at the very centre of your online presence. We have tools to add discussion comments to any page of your site, to embed widgets with a few lines of code. We want to showcase your community throughout your site by adding multiple touchpoints to take your customers on a journey with you. Our native apps will offer new and exciting ways to interact with a community via new interfaces. As we move into our third decade, I can only see a resurgence for independent communities as we tire of the crushing intrusion of social media. We give away so much of our attention, time and information for very little reward. We have never been more divisive and fiercely tribal. It's time to come back together to discuss a topic with care and thoughtfulness. It's time to allow our personalities to take a back seat and let considered discussion live again. And we'll be here doing what we have always done; creating the very best community platform possible. I'd love to know when you joined us on this crazy ride. Was it before or after 2010?
  12. Almost every single day, we receive feedback on our popular clubs feature. Some of the requests are big in scope, and some a little smaller. Following on from our previous blog entry for Club Pages, we’re pleased to announce a collection of smaller, but no less useful improvements. Improved Map Display The Clubs location map better shows where local clubs are A small but useful change to the clubs map means the view is now centered and zoomed around available clubs. Previously the map would show a world view even if all of the clubs were located in a concentrated geographical area. Member Tab A commitment to privacy always influences our development decisions, and this is true in clubs as well as other areas. It is now possible to set who can view the club member list on a per club basis. Clubs can be set to show the member list to everyone, only to club members or only to club leaders and moderators. You can now decide who can see your club Club Widgets A common request for clubs is that widgets should be able to display content from within clubs. With 4.5, this is now possible and allows you to better bring attention to your club content from anywhere in your community. Content widgets can now show club specific content Some people wanted to control where widgets would show more finely. This wasn’t previously possible, but now it is. When adding widgets to a page, you can now set whether you want it to appear everywhere, everywhere except clubs, or only in clubs. Join Requests Club leaders can invite members who they believe will enjoy their content to join. Likewise, members can request to join a club that is not open for all to join instantly. For a site with a lot of clubs, this could mean that you are invited to many clubs or find that your pending request goes unnoticed. Your member can quickly manage their pending invites Members can now cancel pending requests themselves quickly and easily from the Club homepage. Clubs are becoming an increasingly popular part of Invision Community and really helps foster a sense of involvement. We are always interested and surprised by the variety of ways this feature is being used. Let us know how you’re using clubs in the comments and keep the great suggestions coming!
  13. The barrier here is that the language system is just a list of keys with a translation. There's no way to link a specific key to a specific page. We'd need to rewrite the language system to allow it to be searchable, and that's no small undertaking. We do add specific keywords to the ACP though so you can find areas.
  14. You'd be forgiven for thinking that RSS feeds belong in some bygone era of the web where Netscape was king and getting online meant listening to your modem scream at your phone line. There's certainly a lot of newer web technologies to share data, but the venerable RSS feed still has a place. Invision Community has supported RSS feed importing and exporting for a very long time now; however, it has been restricted to just Forums and Blogs. Importing an RSS feed is a simple way to populate content on your community. It's even a great way to share content to and from your site without creating blocks or writing custom code. Invision Community 4.5 now centralizes RSS feed importing, so it is available for Forums, Blogs and Pages. You can now choose to import an RSS feed to any Pages database. Better yet, there is now full support for image enclosures. RSS feeds have a special tag to note that the feed entry has an attached image. Lots of RSS feeds use this, such as the NASA Image Of The Day feed. Until now, this image has just been silently discarded. Now, it is imported as an attachment (so it can be moved around in the post or Pages entry). If the Pages database you are importing to has record images enabled, you can optionally import the enclosure as a record image which some template sets can use as a header image, just as our blog here does. But what about exporting enclosures? Happily, Invision Community 4.5 can now export the main content image of an item as an enclosure. This certainly makes the Gallery RSS feed export a lot more useful! While these updates are not revolutionary, they certainly make RSS feed importing and exporting much more useful. We've been asked to support RSS feed importing into Pages for quite a while now. What do you think of these changes? What will you import into your Pages databases?
  15. Matt

    4.4.9

    Version 4.4.9 is a maintenance update to fix critical issues reported since 4.4.8.
  16. Matt

    4.4.8

    Version 4.4.8 is a maintenance update to fix critical issues reported since 4.4.7.
  17. If you have Redis available to you, you can use that to alleviate issues with your database. Otherwise you'd need to look at your MySQL config to determine where the bottleneck is.
  18. I'll bring it up with the team. It sounds reasonable to me.
  19. I only said what my personal preference was. It's been a long long time since we coded Ikon Power Community Suite 4 just for my own personal tastes. We realise dark mode is a thing and people seem to like it. As mentioned above, the app has a dark mode. Whether we can being dark mode as a theme option rather than a totally new theme is another matter. We will discuss it but as we have a gazillion things we want to do, it won't get massive priority. There's a bunch of good dark themes in the marketplace already.
  20. If you're reading this blog, then it's likely you already have a community and have been running it for some time. I'm going to go further and say that you've done all the right things; you've set it up correctly and themed it, so it matches your site. Once you have built your community and watched it spring into life, it's easy to think that you have done all you need to do. However, there are three simple things that you're probably not doing that is curbing your potential growth. Promote your community No matter how well you have set up your community, if you're not regularly promoting it, then you are limiting your potential audience. Look for ways to promote your community to a new audience. If you regularly write blog posts or a newsletter for your existing customers, then make sure you write about your community and encourage people to join. If you have a presence on social media, then share links regularly. Even adding a link to your community in your existing email signature will catch a few more clicks. Get creative! One community owner I know went through Apple's rigorous verification process to post quality articles from their site to Apple's News app. Why not sign up to HARO (Help A Reporter Out). This is a free email sent daily that contains requests from reporters looking for sources to quote in articles. The email is broken up into sections so that you can find relevant stories for your niche. It's a very simple way to get quoted in other publications with a link back to your site. Think about how you can promote your community to a wider audience. Post great content Do you take the time to create great content and post it to your community regularly? By great content, I mean a piece that encourages in-depth discussion, shows that you are a leader in your niche and sets the tone for the rest of your community. With the rise of social media, we're often fed a diet of disposable content such as "Motivation Monday" which may generate likes, but it does nothing to connect with your audience. You could use the Blog app, the Pages app or post in the relevant forums within your community. Try and encourage discussion and ask them to share their thoughts and experiences too. People love to share what they do and talk about their experiences, so it shouldn't be hard to get people active on your topic. Reward contributors Way back in the dark ages, a high post count was the only badge you needed to show others that you were to be feared and respected. I still remember joining some communities in the early 2000s and was in awe of members with 10,000+ posts. In today's more sophisticated times, we need a little more to keep us involved. There are a lot of tools you can use to reward your members. The simplest is the group promotion tool which automatically moves members based on specific thresholds. You can give your members elevated permissions or special badges to show to others that they are more experienced. If you have a more active community, you could consider rewarding your most engaged users with a prize. This prize could be a free subscription, a discount code for your products or even a small Amazon gift voucher. These are just a few things that you can incorporate into your workflow to help further build your community. I'd love to hear your tips too, please share them below!
  21. The only things I like dark are: - My code editor - My coffee - My memes
  22. Security should never be an afterthought. Don't wait until an attack has compromised your site before you take action. All too often, site owners consider increasing their security only when it's too late, and their community has already been compromised. Taking some time now to check and improve the security of your community and server will pay dividends. In this blog, we run down 8 ways that you can protect your community with Invision Community. We go through the security features you may not know about to best practices all communities should be following. 1. Set up Two Factor Authentication Invision Community supports Two Factor Authentication (2FA for short), and we highly recommend making use of this feature for your users, but especially for your administrative staff. 2FA is a system that requires both a user's password and a special code (displayed by a phone app) that changes every few seconds. The idea is simple: if a user's password is somehow compromised, a hacker still wouldn't be able to log in to the account without the current code number. You may already be familiar with 2FA from other services you use. Apple's iCloud, Facebook and Google all offer it, as do thousands of banks and other security-conscious businesses. Invision Community supports 2FA via the Google Authenticator app (available for iOS and Android) or the Authy service, which can send codes to users via text message or phone call. You can also fall back to security questions instead of codes. You can configure which members groups can use 2FA, as well as requiring certain groups to use it. Recommendation: Require any staff with access to the Admin Control Panel or moderation functions to use 2FA. This will ensure that no damage will occur should their account passwords be discovered. Allow members to use 2FA at their discretion. 2. Configure password requirements The password strength feature displays a strength meter to users as they type a new password. The meter shows them approximately how secure it is, as well as some tips for choosing a good password. While you can leave this feature as a simple recommendation for users, it's also possible to require them to choose a password that reaches a certain strength on the meter. Recommendation: Require users to choose at least a 'Strong' password. 3. Be selective when adding administrators Administrator permissions can be extremely damaging in the wrong hands, and granting administrator powers should only be done with great consideration. Giving access to the AdminCP is like handing someone the keys to your house. Before doing so, be sure you trust the person and that their role requires access to the AdminCP (for example, would moderator permissions be sufficient for the new staff member?). Recommendation: Don't forget to remove administrator access promptly when necessary too, such as the member of staff leaving your organization. Always be aware of exactly who has administrator access at any given time, and review regularly. You can list all accounts that have Administrative access by clicking the Administrators button under staff on the Members tab. 4. Utilize Admin Restrictions In many organizations, staff roles within the community reflect real-world roles - designers need access to templates, accounting needs access to billing, and so forth. Invision Community allows you to limit administrator access to particular areas of the AdminCP with the Admin Restrictions feature, and even limit what can is done within those areas. This is a great approach for limiting risk to your data; by giving staff members access to only the areas they need to perform their duties, you reduce the potential impact should their account become compromised in future. Recommendation: Review the restrictions your admins currently have. 5. Choose good passwords This seems like an obvious suggestion, but surveys regularly show that people choose passwords that are too easy to guess or brute force. Your password is naturally the most basic protection of your AdminCP there is, so making sure you're using a good password is essential. We recommend using a password manager application, such as 1password or LastPass. These applications generate strong, random passwords for each site you use, and store them so that you don't have to remember them. Even if you don't use a password manager, make sure the passwords you use for your community are unique and never used for other sites too. Recommendation: Reset your password regularly and ensure you do not use the same password elsewhere. 6. Stay up to date It's a fact of software development that from time to time, new security issues are reported and promptly fixed. But if you're running several versions behind, once security issues are made public through responsible disclosure, malicious users can exploit those weaknesses in your community. When we release new updates - especially if they're marked as a security release in our release notes - be sure to update promptly. Invision Community allows you to update to the latest version via the AdminCP. You no longer need to download a thing! Recommendation: Update to the latest version whenever possible. Remember, with Invision Community's theme and hook systems, upgrades to minor point releases should be very straight forward. 7. Restrict your AdminCP to an IP range where possible If your organization has a static IP or requires staff members to use a VPN, you can add an additional layer of security to your community by prohibiting access to the AdminCP unless the user's IP matches your whitelist. This is a server-level feature, so consult your IT team or host to find out how to set it up in your particular environment. Recommendation: Consider IP restriction as an additional security layer when you are not able or willing to use 2FA. 8. Properly secure your PHP installation Many of PHP's built-in functions can leave a server vulnerable to high-impact exploits, and yet many of these functions aren't needed by the vast majority of PHP applications you might run. We, therefore, recommend that you explicitly disable these functions using PHP's disable_functions configuration setting. Here's our recommended configuration, although you or your host may need to tweak the list depending on your exact needs: disable_functions = escapeshellarg,escapeshellcmd,exec,ini_alter,parse_ini_file,passthru,pcntl_exec,popen,proc_close,proc_get_status,proc_nice,proc_open,proc_terminate,show_source,shell_exec,symlink,system Another critical PHP configuration setting you need to check is that open_basedir is enabled. Especially if you're hosted on a server that also hosts other websites (known as shared hosting), if another account on the server is comprised and open_basedir is disabled, the attacker can potentially gain access to your files too. Naturally, Cloud customers needn't worry about this, we've already ensured our cloud infrastructure is impervious to this kind of attack. Recommendation: Review your PHP version and settings, or choose one of our cloud plans where we take care of this for you. So there we go - a brief overview of 8 common-sense ways you can better protect your community and its users. As software developers, we're constantly working to improve the behind-the-scenes security of our software. As an administrator, there's also a number of steps you should take to keep your community safe on the web. If you have any tips related to security, be sure to share them in the comments!
  23. Matt

    4.4.7

    Version 4.4.7 is a maintenance update to fix critical issues reported since 4.4.6.
  24. Version 1.0.0

    418 downloads

    How to deal with toxic members within your community.
    Free
×
×
  • Create New...