Randy Calvert

So you asked someone who literally knows nothing about the software, its security or configuration and you expect them to know what they’re talking about? That would be like going up to a random police officer and asking them who committed a crime in your country without them knowing anything about the circumstances. Based on my personal experience… I have seen numerous circumstances where accounts have been created by spammers that instead make a few “innocent” posts and several months later come back and start spamming. In researching the account IP that posted the “innocent” content was posted from a VPN where the spammer would attempt to mask their real IP. They would switch to a different VPN IP for spamming. If this was truly a situation where it was a software level exploit it would not happen with just a few accounts. A majority of the accounts would be used including admin/moderator accounts. It would also be impacting EVERY single board.

You don’t for a VPN. IPS would not control the Cloudflare site they are visiting to adjust the settings. They would have to tell their customers to turn off cloudflare for their site while troubleshooting. For what can you do as the site owner? Turn off all bot related protections. That will help you confirm it is a bot issue. Once confirmed, you could whitelist your server’s IP. If other third party servers are also accessing the IP, you might have to whitelist those IPs as well.

It will work itself out. I’ve seen this issue and while it may seem stuck it will eventually finish after a day or so.

There is no way to "undo" an account delete. You would need to restore from a backup. If this is important, you need to do it sooner than before so you don't keep losing data since your last backup. Regarding changing email, I just changed my email on this site and my personal forum and don't have that behavior occurring. Do you use some kind of 3rd party app or login system?

One suggestion if this is really bothering you is to change the language string for "Last Visited" to something like "Last Signed In".

In that case, if you have a dedicated IPB database and database user, just give it full permission and call it a day. It is no more/less secure and will avoid problems later down the road.

My suggestion would be to give it full permission. If IPB is kept in its own database with nothing else in it, there is no risk to it having full permission. It should not be interfering with other applications. Restricting permissions only can lead to problems later when it potentially can't do something it needs later and you think the software itself is broken when it's instead just a platform configuration on your side. A few months down the road, you're never going to remember this and it will be a big mess and waste of time figuring out how to fix the issue when it could be avoided in the first place. You're not really increasing the security of anything as long as you keep IPB in its own DB without other applications installed in it.

No. There is no “other admin confirmation”. They are either an admin or they’re not. If you want to review actions they’ve taken, there is both moderator and admin logs available to show what actions have been performed by others.

This is highly dependent on how exactly it was installed. You would want to delete any Wordpress files. If those files are in a specific folder, it would be a simple as deleting that folder. If you mixed it in with IPB files, you would have to sort out what is which and only delete the Wordpress files. If you don't know which is which, you can download a set of IPB files from your client area and look at what directories, files, etc are associated with IPB. If your Wordpress is installed in a separate database, you could simply delete that database. If it's shared with your IPB install, you would need to manually separate those as well. If you had any 3rd party integrations to tie your Wordpress to your IPB, you would want to remove those as well.

Awesome. Glad it worked. 🙂

Reach out to the account team. 🙂 https://invisioncommunity.com/contact-us

You need to remove the image from the bottom thumbnails in the attachment section at the bottom. If the image is still attached but not “placed” it will just show up at the end.

It’s a non-issue. Safari did this years ago already. Google is a long time late to the party.

You are looking at the wrong space. The error message tells you where is out of space: Disk full (/tmp/#sql-temptable-70e-3aef8-cea.MAI); waiting for someone to free some space... (errno: 28 "No space left on device") (1021) The /tmp/ partition is basically like a separate drive on a Linux server. It’s used for as you might expect from the name… TEMPORARY files. Restarting the server might temporarily clear some of those temp files but it does not necessarily solve why it’s filling up. This is a servet issue you would need to discuss with your hosting provider. Invision can’t help troubleshoot server/hosting issues.

That is until the AI decides to change things!