Great to hear that the community forum is the biggest test for IPS4. Even with cache disabled everything seems to work fine and fast from the Netherlands. So I'm really looking forward to experience the new software at full speed with more optimizations and caching enabled.
Why do I need to change my password to login via the forget password procedure and why do I have to add 'security' questions? This almost seems there has been a leak. Is there something IPS is not telling me?
If you guys really value security you should look at Two-step Authentication (eg. Google Authenticator) . It is very easy to integrate in your website and it is actually an extra layer of security because somone actually has to fysical steal a device from you such as your phone or token generator and have to know your password to login. This is very unlikely.
What is likely someone guessing or just Google'ing or check your Facebook for the 'security' answers. It is really easy to find stuff as which movie I like (is on my Facebook) and what my mothers name is. That's why I use fake questions and fake answers and just write them on a piece of paper (also not that secure).
I hope IPS really take a second look at the security. All those horror stories about peoples there Apple/Paypal or Twitter account being hacked has been done thanks to social engineering and just simply Google'ing the answers to security questions. I really think security questions give a false sense of security!
We do actually cache our dynamic forum pages. We do this in certain cases for guests. Members always get the latest version off course.
For more information and tips see: http://community.invisionpower.com/topic/364153-great-results-with-nginx-cache/page-6?hl=nginx#entry2401354
I advise you to read all the tips and first test this in a separate environment with some of your users.You don't want to create nasty results where some members can view pages as other members.
I think the Google developer (Did you use Pagespeed Insight ?) is referring to images and other static content as mentioned by the members above me. This can be easily achieved by adding a .htaccess file if you are using Apache or preferable set the expires value for static content in Nginx to it's maximum ( expires max; ).
Thanks for sharing this great Hook for Invision Power Board.
For our crew it is very motivating to see that there are so many members online on our board each day.
The only thing I didn’t like about the hook is that it is using a resource intensive JOIN query to our database. That's why I made a small modification that caches the values for 10 minutes within the Invision Power Board disk cache.
NOTE: Why is the Invision cache so under used in plugins/hooks? It really makes your board run quicker if you do some 'smart' caching :smile:
The following regex should work with hash tags:
<iframe src="//instagram.com/p/$3/embed/" width="612" height="710" frameborder="0" scrolling="no" allowtransparency="true"></iframe>
Sorry for the bump. But I think the following works. I'm currently testing it.
ips_password=the password you set for the bot
As far I understand the auth_key is always 880ea6a14ea49e853634fbdc5015a024 for guests.
Don't think this is the right solution. We switched to IP.Chat because it is more reliable and better integrated in Invision Power Board than our previous chat solution.
That won't actually help. Our website already works 100% via SSL including the chat page. BUT the actual chat requests to for example http://server07.ips-chat-service.com/ are still unencrypted.
I would love to see the chat service encrypted. If it was possible to host IP.chat completely on our own servers it would have been available via encrypted connection for a long time.
Thanks for the positive reply. I understand that IP.Chat is a relatively new service. A lot of the software of Invision Power Board has changed.
But also a lot on the Internet and the world has changed. Now you can get free unencrypted WiFi at buses, trains, pubs, etc...
Also more and more companies and government agencies are interested in data for data mining purposes. Of course we can discuss if it is a good or bad thing that everybody can listen to what we are saying in a private chat, but than we can just keep talking about all kind of Orwellian stories.
The point is that it is rather easy to integrate SSL security in such a great service. So it would be great to hear some kind of ETA. I would rather want to see this within a few months than within a few years.