I have an update on this problem. My host has fixed all of the redirect issues as far as I know. Redirects now work for everything.

Now I am stuck with 2 major problems/issues:

(1) When you click the email icon next to my name so someone can send me an email, b2evolution comes back with supplied email address is invalid.

(2) Can someone please explain to me what a member (level 1) user can do or not do. I want users to be able to register and subscribe to blogs.

Thanks,

First, I hope you're aware of the security risk present in all the 1.8 releases except 1.8.6. Upgrading is often a scary proposition, especially for an active blog, but having your blog hijacked and defaced is even worse. I therefore firmly recommend you upgrade to 1.8.6 ASAP.

So the permissions thing. It's a bit unfriendly, and I'm not completely hip to how it works, but here's my take: you need to set up the group permissions AND the user permissions for things to actually work. On your users tab you can click the name of each group and set some permissions for the group. Then over on your blogs tab you can select perms for each group AND for each user. I've finally gotten through clicking a million little boxes so I think my users can finally log in. Blech!

As I said, and just to be clear, I'm not an expert on this aspect and am only offering what I think I know.

Do you have for yourself a level 1 user account? If not you should make one for yourself so that you can log in as admin and make a change, then log out and log in as "you-level-1" and test how the average Joe will experience your blog. That, by the way, is another thing I need to be very careful to always do.

The message form link depends on a valid email addy in the back office. Are you sure your address is in there correctly? Have you gotten any email from that feature? I tried to test it just now but I get confused by twisted letter captchas and basically just give up.

Hope this helps a bit!

Thanks Ed for the response.

stk fixed the email thing for me. Apprarently there is a bit that checks to see if the email looks like a valid email address. It was not working on my Blog, so he disabled it so I can get messages. I have captcha enabled to I am not too worried about spam. I am using captcha fonts that would be almost impossible for a machine to read. Heck even I have a hard time reading them!!

As far as the security issues, stk is doing the customization of my Blog, he tells me he put in the fix for the security problem.

I did what you said and created a test account at level 1. They are allowed to subscribe to blogs and get an email everytime something is posted. I guess that is cool. I want people to register so I can send them a newsletter every so often.

Now going back to the security issues, I know stk did a fix, should that make me good for now?

Storm_Law wrote:

Now going back to the security issues, I know stk did a fix, should that make me good for now?

Yes, Scott assured me he did all there was to do to make you secure