CB bugs

Dear Community Builder -


I am happy to be using your extension - I believe that it is a very useful addition to the open source community, and am hoping to make it a permanent solution on my website, barring the addressing of a few small but important bugs. I have a few simple questions, and I am hoping that you will be able to point me in the right direction.

Thank you in advance for taking the time to read this!

The site is based on Joomla!, and integrates Community Builder, as well as Kunena, which is running error-free. I haven't had a chance to thank the developers, but they have done a wonderful job with that extension, and deserve props for it.

I installed the Joomla! extension Brute Force Stop, in order that the site not be vulnerable to Brute Force attacks, which is obviously very important as it could be an exploit in several different ways.

This seemed to work fine at first with the CB login module, but now, users get a 403 response whenever they log in, consistently. Often the second attempt at a login works, but the first time they get a 403, and this is, of course, a deal breaker in terms of the site moving forward and becoming a credible public site. Any user who gets a 403 on login, even if the second login works, is very unlikely to trust the site, and it is not a tenable solution to ask users "to just login twice" every time, so this has to be addressed if CB is to be used functionally.

In order to debug this, I uninstalled CB and tested the site with the inbuilt Joomla! login, not the CB login, and there was no problem, everything worked fine. However, as you know, one must use CB's login if they are going to use Community Builder, and so I must find a solution to this if I am going to use CB on the site. I have enjoyed working with CB, this is very important, and I am hoping that you can help me.

The second problem is in terms of UI and UX - for a long time, the CB UI and UX worked seamlessly, but then the drop-down menus (edit profile and manage connections), as well as the connections drop-down icon hover, and the blog edit hover over icons, all started having issues.

When a user hovers over them now, the drop-downs appear in the wrong place, sometimes at the top of the screen, sometimes below and to the right, and sometimes not at all. A similar problem is occurring with the input field tooltips.

At first it was just in Safari; over time it migrated to firefox, and then chrome.

At first I wrote some simple JS to correct the position of the tooltips when they appeared, to listen for their appearance and then correct; however, this did not solve it permanently, even though I explored several different methodologies of application.

I then tried reordering the scripts loaded on the page, as well as using the Jquery Easy extension to load other versions of jQuery/jQuery noconflict, etc., as well as disabling other extensions that could be interfering with CB.

In the end nothing solved the problem - sometimes they would solve the problem temporarily, and then it would appear again, and I have put a considerable amount of time into this already, and so have to either find solutions or move forward with another global solution (unfortunately, this may mean dropping CB. As mentioned, I appreciate CB and believe it is a useful addition to the open source community, and am hoping to make this work).

Thank you for taking the time to read this. I know your time and energy is valuable, and am grateful for the extension, as well as for your help.

I have developed the site from the ground up on faith - I do not have any money right now and have put all my eggs in one basket, developing this site to draw in clients for charitable work that I do, to then move on from there. I am, unfortunately, not in a position to pay for the developer options you offer, and am hoping you can help direct me to solutions to these two problems, so that we can get CB to work.

So, I just have two simple questions, to get CB working: 1) how can I get the CB login to work with Brute Force stop, or some other brute force attack solution, without getting a 403 error, and 2) how can I get CB's UI and UX to work out of the box, as advertised?

Thank you!

~~Herbert~~

I installed the Joomla! extension Brute Force Stop, in order that the site not be vulnerable to Brute Force attacks, which is obviously very important as it could be an exploit in several different ways.

This seemed to work fine at first with the CB login module, but now, users get a 403 response whenever they log in, consistently. Often the second attempt at a login works, but the first time they get a 403, and this is, of course, a deal breaker in terms of the site moving forward and becoming a credible public site. Any user who gets a 403 on login, even if the second login works, is very unlikely to trust the site, and it is not a tenable solution to ask users "to just login twice" every time, so this has to be addressed if CB is to be used functionally.

In order to debug this, I uninstalled CB and tested the site with the inbuilt Joomla! login, not the CB login, and there was no problem, everything worked fine. However, as you know, one must use CB's login if they are going to use Community Builder, and so I must find a solution to this if I am going to use CB on the site. I have enjoyed working with CB, this is very important, and I am hoping that you can help me.

I don't see this being a problem with CB it self or a bug in CB, but a problem in the extension you're using which likely has no compatibility with CB and is simply acting on Joomla login events. We provide CB AntiSpam plugin that can protect against multiple failed login attempts (brute forcing) to deny and further attempts however you like (e.g. block ip address, deny attempt, etc..). If you don't want to use CB AntiSpam then I suggest contacting the developer of your extension.

When a user hovers over them now, the drop-downs appear in the wrong place, sometimes at the top of the screen, sometimes below and to the right, and sometimes not at all. A similar problem is occurring with the input field tooltips.

This is almost always due to the Joomla template being incorrectly styled or JS/CSS compression extensions (or feature as part of template) compressing in the wrong order (which is very important to JS and CSS). Wrong viewpoint or bad styling on the html or body elements will cause offsetting to be wrong. Switch to default Joomla protostar, clear cache, and see if issue persists. There's nothing we can really do about this. All JS positioning we use is done using jQuery UI own API for positioning.

1) how can I get the CB login to work with Brute Force stop, or some other brute force attack solution, without getting a 403 error

That would be entirely up to the developer of that extension. Does not appear they integrate with CB.

2) how can I get CB's UI and UX to work out of the box, as advertised?

Yes, but we can't account for conflicts from other things you install. Everything works 100% out of the box on a clean Joomla install, which we re-test regularly.