AWS

Welcome Hulk. Nice to see you here. I fixed the problem with permissions. I also moved you to the visiting admin group.

Let me check permissions. I'll get it fixed for you right away.

After the holidays are behind us I am going to put my attention to getting things done here I've been pushing off. Mainly because I was combining my tech sites. That's done so it's time for Forum Squared to get the things done I should have already done. List of planned items: Upgrade to Invision 5 beta. Currently at beta 9.1 Add the link directory. I removed it after I had a database crash. Revamp the downloads section and add more downloads. Work on the resources section. Get some articles off the drawing board and onto the site. Move my personal blog to here. This is not a priority so it might be a while. That's for starters. There is a lot in v5 so I'm sure there will be more that I come up with. I also plan to incorporate a revenue sharing system to give back to active users. Investigating how to put it together using Pages and Commerce. Happy holidays everyone.

The biggest hurdle is to keep from getting bored. If you get bored you slack off and the community suffers. Everyone goes through burnout. If it happens too soon the community will die. This doesn't hurt older established sites. They have more than 1 person running things.

I am happy to announce a new spam detection module in Discourse AI Over the past few months, we have sadly noticed that Akismet’s performance has been quite uneven. AI-based spam detection allows you to better control how spam scanning works in your community. We have seen very good results on a few forums now. Please share your experience here. For those self-hosting or generally looking for a “free” way of using these tools, have a look at OpenRouter. There are quite a few free LLMs out there that can do a reasonable job scanning for spam. Read all about it at: Configuring and managing AI-powered spam detection in Discourse Site Management This guide explains how to configure and use Discourse AI’s spam detection feature, including the setup process, scanning criteria, classification logic, customizations, and contrasts with AI triage. Required user level: Administrator Discourse AI provides an efficient spam detection feature that identifies and flags spam posts with minimal configuration. While designed for simplicity, it complements the more versatile AI triage system, which supports broader… 1 post - 1 participant Read full topic

New features in 3.4.0.beta3 Check for updates on What’s New page In the What’s New page within the admin settings there is a new Check for updates button. This allows admins to check for any new updates to this page immediately. Filter by user in the review queue Admins can now use the filter Reviewed By in the review queue to see all the flagged content a user raised. Threading in Chat DMs and group chats Enable Threading in Chat settings for DMs and group chats so any reply to a message will create a separate conversation thread Mention counts in Chat threads With this change new messages within a Chat thread will appear as a mention count on the thread itself alongside the Chat channel, Chat icon, and user notification. Simplified invites The process of inviting users is friendlier and easier to use. Creating an invite link now takes one click (editing link options are still available). Learn more… Redesigned /about page The About page has a new look, and is easier to customize. Via a new admin page linked from the page itself, you can add a banner, site summary and description, and specify how you would like to be contacted. Site activity is presented better and can optionally include EU specific visitor statistics. Learn more… Restricting profile visibility of low TL users We have introduced the following changes for low-trust level users to prevent abuse of user profile bios and other fields. Anonymous, TL0 and TL1 users cannot see any user profiles for users with 0 posts except for staff users Anonymous and TL0 users can only see profiles of TL1 users and above Security Updates This release includes fixes for these security issues reported by our community and HackerOne. Bypass of Discourse Connect using other login paths if enabled (CVE-2024-49765) Moderators can view Screened emails even when the “moderators view emails” option is disabled (CVE-2024-52589) Magnific lightbox susceptible to XSS (CVE-2024-52794) Potential Backup file leaked via Nginx (CVE-2024-53991) 2 posts - 2 participants Read full topic

Discourse 3.3.3 Stable Release Discourse strongly recommends that all sites follow the default tests-passed branch of Discourse. The “stable” branch is more focused on lack of change than lack of bugs - all releases, including those on tests-passed and beta are production ready. Security Updates This release includes fixes for these security issues reported by our community and HackerOne. Bypass of Discourse Connect using other login paths if enabled (CVE-2024-49765) Moderators can view Screened emails even when the “moderators view emails” option is disabled (CVE-2024-52589) Magnific lightbox susceptible to XSS (CVE-2024-52794) Potential Backup file leaked via Nginx (CVE-2024-53991) 1 post - 1 participant Read full topic

Background Under the current default settings, when signing up for an account with an e-mail that has already been registered, the sign-up form will inform of that: We are changing the default setting to not give away this information. Instead, the sign-up form will look like this, regardless of whether the e-mail is already registered or not: This also affects password resets in similar ways. With the setting disabled, the form provides immediate feedback that the e-mail is in the system: With the setting enabled it does not disclose that information: Why are we changing it? A malicious actor can use this feedback to perform an account enumeration, letting them know whether certain users exist on this forum, which can then let them target those users with phishing. Won’t this affect legitimate users negatively? The case here is if a user forgot that they already have an account, and they try to sign up or reset password using the same e-mail, which should be a relatively rare occurrence. But even then, they will just receive an e-mail letting them know they already have an account. The change ultimately does not affect legitimate users’ ability to sign up or access their accounts. But I prefer the old default If you have changed this setting at any point, the new default will not override the custom setting. If you want to change back to the old default, you can set the hide_email_address_taken setting back to false. Note: we are considering hiding this site setting from the admin settings page in the future. 1 post - 1 participant Read full topic

We’ve updated the terminology in Discourse’s interface to improve consistency across the platform. What was previously called a “color scheme” is now referred to as a “color palette” throughout the user interface. What’s Changed The term “color scheme” has been replaced with “color palette” across the Discourse interface. This change affects what you’ll see in the admin area, customization settings, and other UI elements. The functionality remains exactly the same - only the terminology has changed. What to Expect If you’re writing documentation or guides about Discourse, please use “color palette” going forward. You may still see references to “color scheme” in some documentation as we gradually update all materials. For developers: References to “scheme” will remain in the codebase (variable names, function names, etc.) for technical stability. Why This Change? This update brings more consistency to our interface language and aligns with modern design terminology. While this is a small change, we believe that consistent terminology makes the platform more intuitive to use. Questions? If you have any questions about this change, or notice any areas where it has not been appropriately updated, please reply below. 1 post - 1 participant Read full topic

I've been following along with the topics in the forum for the cloud customers. It seems like things are real good for them. Not sure how it would be for someone like me with more than one site. I might put a site on the Invison cloud and see what it's like. Prices aren't bad.

Here is a scenario. A visitor signs up for your site. His first post is an introduction. In the introduction he drops a link to his community. The next post are his sites stats which he comes back to everyday to add too. Each time with a link in the stats. Doesn't add any real content or engage with other users threads. What would do? Warn? Ban? Thoughts.

I've heard good thing about Knownhost. Good choice for sure.

It's tough to get a forum going now that there is Reddit, Facebook and the like. It can still be done. Takes lots of hard work. You need to decide on a niche. After that decide on the software. If you want just a forum and don't want to pay for the software use phpBB or myBB. You can convert ti a paid software after the community gets off the ground. If you want more than a forum then you should look into using Wordpress with a forum addon. You can add galleries later if you like. Once you get the forum running the real work starts. Promote it, add content and promote it. Promotion is the hardest part. As long as you have content that is. Good luck. When you get started let us know. Some of us can help get you started.

I'll look into it.

A community’s data is more than just numbers and names; it reflects the community’s pulse—what members care about, discuss, and engage with. This data includes all of the knowledge generated through those discussions which should be a lasting resource, always accessible to your community. However, many platforms make it difficult to access your community’s history, or even limit how much history you can access, hindering your ability to retain and leverage valuable insights. Others may prevent you from taking your data with you if you decide to move. Choosing the right platform from the start helps you future-proof your community. This is a companion discussion topic for the original entry at https://blog.discourse.org/2024/12/the-importance-of-data-ownership-for-community-leaders 1 post - 1 participant Read full topic