Forum Activity for @researchcooperative

Log4J vulnerability

Installation and Configuration

The term "Log4J" does not appear in a search of Jamroom, so I am hoping that this is not an issue for JR sites...unless it is a server-side issue that might affect JR sites (and everything else) on vulnerable servers.

Any public or private advice on this matter would be welcome.


updated by @researchcooperative: 03/15/22 09:06:45AM

Is it possible to know what search terms have been used to find a jr site?

Using Jamroom

I guess the answer is yes with some kind of external monitoring by G**gle, but is there is any way from inside jr to see what search terms have brought visitors to a site?
updated by @researchcooperative: 02/01/22 03:57:13PM

Mark items visible only to Admin while logged in as Admin

Suggestions

Thanks. Maybe it is best to continue as you suggest. What I suggested might be too difficult to implement for too little extra benefit. My fantasy is for the logged-in Admin to have a god-like ability to see all points of view, with a single login. It's just a thought. I'll call this solved for now.

Sending invitations using email address - advice in module is not clear

Using Jamroom

The Invitations module offers two ways to send invitations - to Users (i.e. Followers) or with email addresses. The Documentation for this module only explains the case of selecting followers as recipients.

It is not clear whether or not email invitations can be sent to any email address, inside or outside the list of users/members/followers of a network, or only email addresses that are inside a jr network and match users/members/followers.

Note: The language template gives the following advice message:

QUOTE: Enter the email addresses (one per line) for the users you would like to invite

From the perspective of ordinary members of a network, this is not clear Does the advice mean the email address of any follower, any member of the network, or any person inside or outside the network?

I would like to change the language string to make the message understandable for users of my network, but need to understand it first myself!
updated by @researchcooperative: 01/17/22 11:16:38PM

Mark items visible only to Admin while logged in as Admin

Suggestions

When editing and organising the structure of jr network, we need to be logged in as Admin.

For those of us working with just one small computer, it is not easy to be logged in as an ordinary user (or other non-Admin. category) and as Admin at the same time.

Logistically, it would be very useful if Admin could know, from a highlight, shading or tag effect, whether or not the item visible on a single screen (with a single login as Admin) is visible or not to ordinary users (or any particular user category for which the admin would like to consider, while logged in as Admin)..

With this effect, if something is not visible to a particular user category, then I could quickly decide what action to take, if any, when reviewing the contents of the site.

Would such an optional effect be technically possible to implement and generally useful for jr network owners and developers?
updated by @researchcooperative: 01/20/22 04:47:46AM

Steps to set up a network with subscribers

Using Jamroom

As noted previously in this forum, there is no information provided in the jr Documentation for the Subscriptions module.

I have been scouring the forum for clues, and have found the following:

How to set up a subscriptions system for members of your network.
1. Create a signup quota for "Trial Memberships" or "Free Memberships" or a similar name.
2. Empower members in that quota to pay for a Subscription that offers something more attractive than the trial membership.

Notes:
i. The JR system does not allow signups directly to a quota for paid subscriptions. The technical reasons for this have been explained in this forum. Subscriptions have to be linked to an existing member profile id.

ii. Even when the Subscriptions module (inside JRCore) is activated, and the additionally required eCommerce module(s) are actived, it is not obvious how to give members access to subscriptions.

iii. Step 2 (above) is not actually explained. Ideally, a step by step process would be described using screenshots, in the Documentation, or perhaps here in the jr support forum.

iv. Since my existing members are accustomed to having free accounts, I will make their quota NOT a signup quota, and create a new signup quota for trial memberships. That way I can avoid any bother for existing members. The sting should only be for new members, and it will be a very small sting. I will try to be a good nurse.
updated by @researchcooperative: 01/03/22 10:45:47PM

Can the Polls module be implemented in Site Builder?

Using Jamroom

Thanks. That works perfectly.

It would be nice to have a note in the Poll module documentation stating that the Poll module can be accessed in Site Builder using the" Item List" and the "HTML Editor->Embed Media" routes.

I'm sure to have further questions, but will call this solved for now.

Can the Polls module be implemented in Site Builder?

Using Jamroom

@strumelia made an excellent suggestion some time back: for an Admin who wants to set up a poll, it is good to establish a separate profile for poll making.

For my site, I made a separate profile (The Pollster) in a separate, non-signup Polls quota. This gives a fairly clean page for showing polls, and nothing else, and I can use links to this Profile to make visitors aware of each Poll (e.g. as a link on my Home page, and as a Menu tab linked to the specific poll that I wish to promote).

This does the job, but for a more attractive layout with added images, information, and so on, it would be useful to be able to integrate the Poll itself into a page designed using Site Builder.

Can the Polls module be implemented in Site Builder?
updated by @researchcooperative: 12/03/21 02:22:11PM

How can we keep security certificates up to date and prevent security term violations?

Using Jamroom

Thanks. This suggests that there is no problem for https:// my-url.org (which is also hosted by JR) because I own that domain; I have not seen the warning message for that site. That was my main concern, but...

my-url.jamroomhosting.com is currently an open to view (public) sandbox. Is there any harm in letting stay this way?

Since my other domain and site is hosted at the same IP address (I suppose), will it be tarnished by association with the [seemingly] insecure site?
updated by @researchcooperative: 06/27/21 06:33:16PM

How can we keep security certificates up to date and prevent security term violations?

Using Jamroom

Today when I tried log in to a JR site I manage, Kapersky stopped me with the following message:

"Your connection is not private. Criminals may be attempting to steal your information. We recommend that you leave this website. URL: my-url.jamroomghosting.com (note this is a URL that has the https:// prefix). Reason: Certificate term violation."

So what is this telling me? How can I prevent visitors to my network from receiving this message?

How can I prevent the site or a security certificate from offending Firefox and other browsers before they are offended? Can the JR system send me alerts about this before a problem arises?

Could a security monitoring module be developed that helps us to prevent this happening? Or is this already built into the JR update process, and we should just keep updating when JR provides updates?

updated by @researchcooperative: 09/26/21 09:54:25PM