I can’t post anything on Forumosa from my office PC, and this is a problem that probably affects other users to a greater or lesser extent. I did a bit of investigating and this is what i found:
People who access the Internet through a dynamic IP-switching proxy can’t post anything on Forumosa. The IP-switching gives the user enhanced security against hackers, but because their IP changes with each page they load on their browser, secure transactions with a server that monitors their IP will fail.
And so it is with the Forumosa site. Let’s say I’m browsing a forum from the IP address 188.8.131.52, and I’m issued a session ID based on that IP address. I click “Post Reply” and the “Post a reply” page loads fine - but it loaded to a new IP address (say 184.108.40.206) because the proxy switched my IP with the new page request. Now, I can fill text in the reply box, and hit “Preview” or “Submit” … but I’ll get the “Invalid session” error. This is because the server tries to match my new IP to the old Session ID (based on the old IP) and it failed.
The thing is that for 99% of Internet activities, having your IP switched by the proxy won’t matter. The user won’t even notice. But if (like the Forumosa site) the software security authenticates your activities by IP address, you’re going to be buggered if your IP dynamically switches.
I do realize that authenticating transactions by Session ID/IP address provides the Forumosa site with additional security … but users can’t change the proxy settings of their ISP. Is there any way around this problem? Is it possible for you to change the security settings for individual members or is there just one phpBB security setting that affects all users?