Today, we are pleased to release XenForo 1.5.6. This release fixes a number of bugs and issues that were found since the release of 1.5.5. As this is a maintenance release, the vast majority of the focus was an increase in stability. In addition to the usual bug fixes, we've made a few improvements: In June, PayPal will be making changes to force all requests to use TLS 1.2. If your server does not support TLS 1.2, after this date, user upgrades will not be processed correctly. As of 1.5.6, we attempt to ensure that we use a connection type that supports TLS 1.2 so service will not be interrupted when the change happens. Unfortunately, your server may not support TLS 1.2. If you are using user upgrades, it's important to check this. To do so, we have added an automatic TLS test to the List User Upgrades page. You will see a message printed on this page if your server lacks TLS 1.2 support. A new config.php option $config['untrustedHttpClient'] has been added to allow you to specify a custom configuration when making untrusted HTTP calls such as via the image proxy. For example, this can allow you to direct the connection through a proxy to keep your server's IP hidden. A new config.php option $config['enableReverseTabnabbingProtection'] has been added to allow you to disable the reverse tabnabbing protection that was added in a recent version. The reverse tabnabbing protection can interfere with some services that manipulate link targets (for example, to include affiliate links). While disabling this removes the protection, the trade off of lost revenue may be worthwhile. When importing from vBulletin and IPB, thread tags will now be imported. Please note that we are now formally recommending that you upgrade to PHP 5.4 or newer. Our intention with XenForo 2.0 is to require PHP 5.4 or newer. If you are running PHP 5.3 or 5.2, you will receive a warning when installing or upgrading XenForo. Some of the bugs fixed in 1.5.6 include: Autofocus two-step verification inputs and select the remember device option automatically to improve usability. Clear moderator session caches when using Test Permissions. Include thread prefix in the title of post reports. Don't attempt to create a Flash object to workaround a Firefox issue unless the Flash uploader is enabled. Don't autolink in signatures if the user lacks permission to include links. Workaround for an issue that could prevent a discussion update happening if its parent container could not be found. Included banned and non-valid users in trophy and promotion checks. Fix for user mentions not displaying in some profile posts. Improve index usage when displaying user online statuses with messages. Fix an issue with Imagemagick thumbnailing that could create a thumbnail that wasn't the correct size. Don't change the user state when awaiting approval unless we're sure the user will go back to that state. See the Resolved Bug Reports forum for further information. The following templates have had changes: login_two_step news_feed_item_profile_post_insert page_container_js_body two_step_backup two_step_email two_step_totp Where necessary, the merge system within the "Outdated Templates" page should be used to integrate these changes. All customers with active licenses may now download the new version from the customer area. Download XenForo 1.5.6 From the Licensed Customer Area More Stable This release follows our principle that third-point (x.x.X) releases should always be more stable than the preceding version, so for the most part you will not find new features in this release. Major new features will be reserved for second point versions (x.X.x). Installation and Upgrade Instructions Full details for how to install and upgrade XenForo can be found in the XenForo Manual.