BuddyPress.org

This sort of functionality is something that’s definitely required for BP – there’s no way an admin can go round reading everything on a busy site, abuse monitoring has to be crowdsourced to the members.

The plugin I’ve been testing, which was last updated in 2013, is this one: https://wordpress.org/plugins/bp-moderation/

Interestingly it covers just about everything – from members, private messages & their senders, statuses, activity comments, topics, forums, groups, posts, pages, blog comments, and probably a whole bunch of other things. I have a hunch they are hard-coded though.

It works to an extent, but glitches I’ve found so far include:

* Setting to define what text appears on the ‘Flag’ links don’t get applied to all links
* Flag link text for things like posts (and possibly pages) starts appearing in excerpts
* It’s using images rather than FontAwesome / Fontello via CSS = ugly and slow
* The admin menu icon is broken somewhat (looks ugly) but that’s minor thing

IMHO if the UI could be cleaned up, images replaced with icon fonts, and somewhat improved control over link text implemented, this plugin would be pretty much there and would cover just about all aspects of WP, BP and (with some extra coding) probably even bbPress.

Unfortunately I’m pants when it comes to PHP so can’t help with this task 🙁

This sounds like something that can be achieved without multisite.You can use Buddypress Groups and bbPress running as a forum for each group to achieve the discussion / chat.

Each project could become a BuddyPress Private Group with its own forum / docs.

If you want a seperate blog for each project then that would require multisite,but one blog categorised by project could achieve the same thing without the additional comlexity.

https://wordpress.org/plugins/private-bp-pages/
https://wordpress.org/plugins/private-community-for-bp-lite/

above 2 work for me absoutely fine. great plugins by @bp-help

There’s no actually need any plugins, you can easily do this by adding these lines to your themes function.php file:

`<?php

add_action( ‘wp’, ‘custom_private_area’, 3 );
function custom_private_area(){
global $wp;
if (!is_user_logged_in()){
if ( bp_is_activation_page()
|| bp_is_register_page()
|| is_page_template( ‘wp-login.php’ )
|| ( in_array( $GLOBALS[‘pagenow’], array( ‘wp-login.php’ )))
)
return;
bp_core_redirect(get_option(‘siteurl’) . “/wp-login.php”);
exit;
}
}

?>

The best approach is to list all of the places a member can enter text then try to lock each one down.

Off the top of my head I can think of:

The WP admin area – creating posts and pages etc

Comments (if you have comments enabled)

The BP profile area (xProfile fields)

The activity stream (commenting, replies, new updates etc)

Private messaging?

Private BuddyPress by Dennis Morhardt works an absolute treat for me.

I am having the same issue. I am getting 404 error for requests to a private group. Very frustrating.

Confirming this bug, which lead to some drama on our forum. You think private topics are private, but turned out that if you click on the last reply links from a private forum, you sometimes can get in even when you don’t belong to the group. Not funny.
Also, subforums don’t inherit the settings from their parent forum.

1GB RAM is a minimum, 2GB RAM is ideal. As you scale up you may need more. On a good server setup you can actually see live (via SSH) how much of your RAM is being used up and how much is free. If you’re bottlenecking, you can contact the hosting company to add more RAM or bump you up to the next server. That is not the same as migrating to a new host… if it’s within the same company they should handle it for you seamlessly in the background.

Another option is to use Amazon (AWS) instead of a private server and it just scales up automatically as needed – they mostly charge by data rather than by server. They will be more expensive for most sites and will be slightly harder to set up, but they are also incredibly scalable.

A CDN isn’t really a “cache” in the way you imagine W3 working. It’s only caching resources (stylesheets, images, javascript files, etc) but not caching “content”. Your resources usually don’t go stale because they are not updated often. And if you do it properly, the cache can be broken any time you update a resource (by adding a version number to the enqueue in your theme). The version number gets appended to the URL of the resource, so if it changes the CDN thinks it’s a different file and immediately serves up a new file.

Content does go stale. By content I mean the data that is outputting for everyone to see right on the website. Like a profile, activity page, member directory, etc. This is the stuff that plugins like W3 are primarily used to cache (among other things as well).

You can integrate a CDN very easily using WP Super Cache. You can just turn off the content caching stuff and use it only for pushing your resources into a CDN. It’s a set it and forget it kind of setup for the most part.

If you happen to be in the Miami area on May 9, I’ll be speaking about scaling BuddyPress at the BuddyCamp (1st day of WordCamp Miami). http://2014.miami.wordcamp.org/
Should be a fun event.

@batmanfan You can make a forum private, public or hidden.
Check out the doc: https://codex.bbpress.org/getting-started-with-bbpress/

You have no idea what you can learn by reading it. =)

Basically yes.
The Sitewide Forums are available to everyone, while the Group Forums are a private forums for a specific group. Other than that, they just share all the normal forum functions.

Have you looked in the db to verify they weren’t deletes? Do you have any plugins installed that might effect that? I remember testing a private activity once that sent notifications even though someone didnt have access to them.

You can prove your theory about the majority being messages by looking in the notification table. In there there are fields that will tell you what component the notification is for (messages, mentions, friend requests, and so on). Hover you mouse over the read/delete actions for the notifications with missing titles. You’ll see the notification ID. Look for those specific IDs to see if there is a common component where this is happening. Either way, you can get the item_id (what you were actually notified on) and verify that item actually exists. If the component is ‘activity’ look for item_id in the activity table. If its from the messages component, then you can look for the item_id in the messages_messages table. (though even if the sender deletes the message, it will still be in the db, so this might not get you anywhere actually)

I’m curious to know what you find. Good luck.

I have the same thing to me and not display private message button, etc

First question would be to ask if your on shared hosting vps or private server?
maybee this link will help you if you take a look. i dont know what hosting your with but have a read anyhows.
https://wordpress.org/support/topic/godaddy-iis-and-removing-indexphp-in-url

p.s i dont know if there is a solution within that post but it may help you find out a little more.

also just found this post too for you.

https://wordpress.org/support/topic/getting-rid-of-indexphp-from-url

@xxxtristamxxx
Try: https://wordpress.org/plugins/private-bp-pages/
Full disclosure, I am the plugin author.
Good luck!

1. Event integration would be great, including inviting people to an event and being able to mark as attending not attending etc for users.

2.More privacy options on public groups such as being able to stop them from showing in the activity stream altogether but still allowing people to join without requesting.

3.Option to turn on some form of automatic activity refresh (for those people who have dedicated servers with good resources)

4.Privacy in general, being able to set your profile to public private or friends only etc.

5.Notifications to show avatars.

The fix is posted here: https://buddypress.org/support/topic/404-error-on-request-membership-for-private-group-in-bp-1-8-1/#post-179495

Most of wordpress plugins mentions above work like

Attacker > HTTP server > PHP > WordPress > PLUGINS

We all need to have something before WordPress that’s why I recommend

NinjaFirewall (I do not have any relation with the plugin creator)

https://wordpress.org/plugins/ninjafirewall/

Block the attacker before the WordPress

Attacker > HTTP server > PHP > NinjaFirewall > WordPress > PLUGINS

As always in installing any plugins that possibly can block your admin access you have to read the Installation note and have access to the FTP.

NinjaFirewall will work as another layer to protect your site.

In addition if you have not done it:

1. Change your “Admin” username to something dificult and at least 10 characters (+) but easily to remember (+ for you – for security) or you have to read a note (-) safely secured in your safe locker (+)
2. Make your password at least 25 COMBINATION of characters (+) but easily to remember (+ for you – for security) or you have to read a note (-) safely secured in your safe locker (+)

NinjaFirewall:

• Web Application Firewall
• Full standalone web application firewall
• Multi-site support
• Compatible with shared hosting accounts
• Protects against RFI, LFI, XSS, code execution, SQL injections, brute
• force scanners, shell scripts, backdoors and many other threats
• Scans and/or sanitises GET / POST requests, HTTP / HTTPS traffic, cookies, server variables (HTTP_USER_AGENT, HTTP_REFERER, PHP_SELF, PATH_TRANSLATED, PATH_INFO)
• Sanitises variables names and values
• Advanced filtering options (ASCII control characters, NULL byte, PHP built
• in wrappers, base64 decoder)
• Blocks username enumeration scanning attempts through the author archives and the login page
• Blocks/allows uploads, sanitises uploaded file names
• Blocks suspicious bots and scanners
• Hides PHP error and notice messages
• Blocks direct access to PHP scripts located inside specific directories
• Whitelist option for WordPress administrator(s), localhost and private IP address spaces
• Configurable HTTP return code and message
• Rules editor to enable/disable built-in security rules
• Activity log and statistics
• Debugging mode

Hi 🙂
Did you enable the messaging system in the first place?
If not you can activate it in : Settings/Buddypress/ and on the first page, check the messaging box

If you enabled this option already you should have a tab in your profil to send private message

[Edit] Wait what do you mean by “forums”? there are no forums on buddypress, are you talking about bbpress?