Recent content by DeltaHF

I'm having the exact same issue as reported by some of my users. Only a few specific Cloudflare POPs appear to be affected. I was able to confirm it by using a VPN to affected users' area. Specifically, only CSS delivered via XenForo's css.php files are broken (other custom CSS files served by...

I see we can update user_state via the API. I suppose we could write our own webhook endpoint which edits the target user via the API.

Great news!

Same. I have missed a few days here and there for various reasons over the past 23 years, but I have a great moderation team and I'm in daily text communication with my deputy administrator.

Good question. I would guess using URLs with good reputations makes them less likely to be filtered as spam by major email services, too.

I have since added protection to my install page with Cloudflare Access. Surprised this isn't getting more concern or attention. Am I missing something?

Good catch. I just tested it out and it does not ask for 2-factor authentication on the install page.

Yes, hotlink protection also works in emails. Be sure that you're using 2-factor authentication for all accounts with access to your Admin CP. This will provide more security than a CAPTCHA.

Adequate hotlink protection should be enough to prevent this from happening.

Wow. How did you discover this?

My forum has been heavily affected by this as well, and now it seems to be getting even more sophisticated. Today, we had a security locked account doing this same behavior. The spammer actually reset the user's password, so apparently they had full access to the victim's email account and...

Thank you for a great add-on!

It's a dedicated server. Intel Xeon E-2276G, 64GB RAM, primary 1TB NVMe drive, and a 4TB HDD drive. The 4TB drive used to hold the attachments and Image Proxy files but after using @truonglv's Image Optimizer plugin I was able to compress everything and move them onto the 1TB NVMe drive. (You...

Just add i.imgur.com to the "Censoring" word filter in your admin control panel.

Assuming you have a typical XF server configuration, they are stored on the same server as your XF installation.