Administrator

Add to constants.php <?phpdefine( 'NEXUS_TEST_GATEWAYS', TRUE );

To by pass or raise the limits on prompting for manual queries to be ran on upgrades to 4.0.x, add the following to your constants.php file. Replace the numbers as needed. <?phpdefine( 'UPGRADE_MANUAL_THRESHOLD', 450000 );define( 'UPGRADE_LARGE_THRESHOLD', 450000 );

http://rubentd.com/img/banana.gif

If you need to set a cookie domain in IPS4, add this to your constants.php (where x=cookiedomain) define( 'COOKIE_DOMAIN', 'x' );

$INFO['sql_socket'] = '/tmp/mysql5.sock';

Test

http://www.12voltdata.com/forum/viewtopic.php?t=9772#p47388 http://maestro.idatalink.com/product/product/product_id/102

03-20-2015 We are releasing a patch for IP.Board 3.3.x and 3.4.x to address an SQL injection issue. It has been brought to our attention that specifically crafted URLs may allow an attacker to trigger an SQL error with specific configurations. To apply the patch Simply download the attached zip for your IP.Board version and upload the files to your forum server. IP.Board 3.4.x: patch3122015.zip IP.Board 3.3.x: patch3122015_33.zip If you are an IPS Community in the Cloud client running IP.Board 3.4 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.4, you should contact support to upgrade. If you install or upgrade to IP.Board 3.4.7 after the date and time of this post, no further action is necessary as we have already updated the main download zips. View the full article

cPanel TSR-2015-0002 Full Disclosure SEC-2 Summary Multiple vulnerabilities via ExpVar overexpansion. Security Rating cPanel has assigned this vulnerability a CVSSv2 score of 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N) Description The WHM, cPanel, and Webmail interfaces use a common routine named “expvar” for interpolating user input and some cPanel template variables. In many interfaces, this … View the full article

You can include advertisements in other areas of your skin, in IP.Content blocks and even in external pages and applications outside of IP.Board. To place an advertisement in a template or IP.Content block, you can simply use the tag: {parse advertisement="1"} The tag can take either the ID number for the advertisement to display, or the key for the location, which will use IP.Nexus' normal logic for fetching the advertisement. For example, using this tag: {parse advertisement="ad_code_board_index_header"} Would display whatever advertisement is configured to show in the board index header - if more than one is configured, Nexus will either pick a random one, or the most recent one (as per the circulation setting described above). To place an advertisement on an external site, you can call a REST API which will out put the contents - the file is located at: http://www.yoursite.com/interface/advertisements.php You simply need to pass a single variable in the query string which is the same as the parse tag above (ID number or location key). For example, you might use something like this to add your advertisement to a website outside of IP.Board: <?php echo file_get_contents( "http://localhost/ipbdev/interface/advertisements.php?ad_code_global_header" ); Default Location Keys Global Header: ad_code_global_header Global Footer: ad_code_global_footer Board Index: Header: ad_code_board_index_header Board Index: Footer: ad_code_board_index_footer Board Index: Sidebar: ad_code_board_sidebar Forum View: Header: ad_code_forum_view_header Forum View: Footer: ad_code_forum_view_footer Forum View: After first topic: ad_code_forum_view_topic_code Topic View: Header: ad_code_topic_view_header Topic View: Footer: ad_code_topic_view_footer Topic View: After first post: ad_code_topic_view_code

cPanel TSR-2015-0002 Announcement cPanel has released new builds for all public update tiers. These updates provide targeted changes to address security concerns with the cPanel & WHM product. These builds are currently available to all customers via the standard update system. cPanel has rated these updates as having CVSSv2 scores … View the full article

We are releasing a patch for IP.Board 3.3.x and 3.4.x to address two CSRF issues and one XSS issue. It has been brought to our attention that a cross site request forgery issue exists with gravatar images that can allow a potential attacker to cause a user to store a gravatar profile photo that was not desired. Further, during internal reviews of the issue we discovered another CSRF issue that can allow an attacker to mark all private messages as read. Finally, a minor "self XSS" issue has also been patched with this update. To apply the patch Simply download the attached zip for your IP.Board version and upload the files to your forum server. IP.Board 3.3.x: patch_33x_Feb2015.zip IP.Board 3.4.x: patch_34x_Feb2015.zip If you are an IPS Community in the Cloud client running IP.Board 3.4 or above, no further action is necessary as we have already automatically patched your account. If you are using a version older than IP.Board 3.4, you should contact support to upgrade. If you install or upgrade to IP.Board 3.4.7 after the date and time of this post, no further action is necessary as we have already updated the main download zips. We extend our thanks to Daniel Price, A.K.A ShadeSpeed of the GameMaker Community for notifying us of the gravatar issue privately and promptly. View the full article

On a test or developer site, if you want to prevent the system from sending emails, add the following to your constants.php file. If you enter a valid path it will log any emails a file, if you don't need that then enter the second option of /dev/null/ define( 'EMAIL_DEBUG_PATH', "/home/user/devmail"); define( 'EMAIL_DEBUG_PATH', "/dev/null");

When using ssl logins only, you may see an error with the search field pulling non https. Edit quickSearch template and find this: <form action="{parse url="app=core&module=search&do=search&fromMainBar=1" base="public"}" method="post" id='search-box' > And change public there to https

Release Candidate of IPS Community Suite 4.0.0 now Available This means we have left the beta stage where things are unsupported and known to be broken and enter the period between that and final. The Release Candidate phase allows us to partially support the Suite without committing our full resources to it. This step also means that there will still be some bugs in the system but they should not be major issues any longer. You can download IPS Community Suite 4.0.0 RC in your client area. IPS Community in the Cloud clients can request upgrades through support. If you are using our Chat product please note that it is not yet available for version 4.0.0 so please do not upgrade if Chat is required. Important Support Note Release Candidates are partially supported only. There will be bugs in the Release Candidates. Do not use Release Candidates if any sort of issues will impact your ability to enjoy your site. We will assist you in support with any major problems in installing or upgrading from 3.4.7 to make sure your install is online. However, once the site is online and functional, other less critical bugs may be deferred until the next release to fix those issues. We do plan on a fast update schedule but it does mean you may not get fixes for several days. To reiterate: we will assist with major problems that make your Suite not function (install issues, upgrade issues, major problems) but you may have to wait for update releases for other issues. Please keep these support limitations in mind when choosing to use a Release Candidate. Release Candidate Schedule We plan on having several RCs that will be released every few days over the next couple weeks. By doing a rapid release schedule it will allow us to get fixes out to you very quickly and ensure things are as stable as possible for the final, fully supported release. Beta Testers Everyone at IPS greatly appreciates those of you who participated in the beta testing phase. If you did you use beta releases you can upgrade from Beta 8 to RC1 however you may wish to consider a fresh upgrade from 3.4.7 just to ensure you are not carrying over any beta quirks through to RC and final. Our Thanks IPS Community Suite 4.0 took at lot longer than we thought it would as we changed the focus of the Suite and were forced to extend our workload and therefore timeline. We are sorry for these delays and we do hope that you see it will be worth it in the end. IPS4 is a great platform and we are very excited to start adding lots of fun features throughout this year. Upgrading IP.Content to Pages When upgrading from IP.Content to Pages, it is worth noting that because the underlying code has changed, custom templates and custom blocks are not upgradable. Custom templates are removed from the system after the upgrade, and any custom blocks are retained, but left disabled as a reference point for recreating manually. This release of Pages does not have external blocks (this feature allows you use IP.Content blocks on another website or page) and neither does it have relational database field functionality. Both these features will be available in a near-future release. View the full article

SUMMARY cPanel, Inc. has released EasyApache 3.28.4 with PHP versions 5.4.38 and 5.5.22. This release addresses vulnerabilities related to CVE-2015-0235 and CVE-2015-0273 by fixing bugs in the Core module. We strongly encourage all PHP 5.4 users to upgrade to version 5.4.38 and all PHP 5.5 users to upgrade to version … View the full article

Introducing cPanel & WHM 11.48 cPanel, Inc. has released cPanel & WHM software version 11.48 in the STABLE tier. You’re In Control The newest version of cPanel & WHM has arrived and it’s filled with exciting new updates for both hosting providers and website owners. With advances in both mail … View the full article

cPanel & WHM software version 11.42 has now reached End of Life. In accordance with our EOL policy [http://go.cpanel.net/longtermsupport], 11.42 will continue functioning on servers. The last release of cPanel & WHM 11.42, 11.42.1.31, will remain on our mirrors indefinitely. However, no further updates, such as security fixes and installations, … View the full article

For 3.4.7 if you get a STARTTLS Failed503 503 5.5.1 EHLO/HELO first. y5sm3826525ign.7 - gsmtp Upload the following to /ips_kernel/ classEmail.php

A new Adobe Flash zero-day, the third one this year so far, has been found in the wild via drive-by download attacks, according to firm TrendMicro. According to our telemetry, Malwarebytes Anti-Exploit has been blocking this zero-day since December 3rd, 2014. https://blog.malwarebytes.org/exploits-2/2015/02/hanjuan-ek-fires-third-flash-player-0day/ http://arstechnica.com/security/2015/02/as-flash-0day-exploits-reach-new-level-of-meanness-what-are-users-to-do/

Introducing cPanel & WHM 11.48 cPanel, Inc. has released cPanel & WHM software version 11.48 in the RELEASE tier. You’re In Control The newest version of cPanel & WHM has arrived and it’s filled with exciting new updates for both hosting providers and website owners. With advances in both mail … View the full article

SUMMARY cPanel, Inc. has released EasyApache 3.28.3 with Apache version 2.4.12. This release addresses vulnerabilities related to CVE-2014-3583, CVE-2014-3581, CVE-2014-8109, and CVE-2013-5704. We strongly encourage all Apache 2.4 users to upgrade to version 2.4.12. AFFECTED VERSIONS All versions of Apache 2.4 through 2.4.10. SECURITY RATING The National Vulnerability Database (NIST) … View the full article

The latest test results from Beta 6