Best Of

I have my apache/nginx and cloudflare caching perfectly set up along with memcached/etc.

However, with the native response set by Vanilla's defaults, users and myself were having to force a soft refresh to re-validate the homepage right after login if it was clicked on to re-cache the logged in page.

I managed to force my own headers using the exact method you just mentioned earlier.

2 Minutes is approprite for dynamic content like forums. If you want to set the cache control for static assets like images, that should be done through server config (like .htaccess). The default .htaccess does this:

 <IfModule mod_headers.c>
  <FilesMatch "(?<!embed)\.(css|js|woff|ttf|eot|svg|png|gif|jpeg|jpg|ico|swf)$">
     Header set Cache-Control "max-age=315360000"
     Header set Expires "31 December 2037 23:59:59 GMT"
  </FilesMatch>
</IfModule>

CSP frame ancestors can be extended by adding trusted domains (e.g. when embedding or adding to "Garden.TrustedDomains" in the config).

Transactional email is a bit of a mess to set up. I've spent a non-trivial amount of time doing server admin and have a pretty much a perfect scores on most online tests, but some ISPs just block them anyway, because email is awful. Most of the email issues probably need to be sorted out on your server, not the Vanilla installation. Make sure your DMARC, SPF, DKIM are set up correctly at the very least.

There's a Test email button in the Dashboard you could try. It's under Appearance -> Email. You can use it to send a test email to yourself, or something like https://www.mail-tester.com/. Pull up the email headers and see which tests your mails are passing and failing.

Oh, and check your server logs to see what happens when the forum tries to send emails.

Well I found the problem, just in case anyone faces the same in the future, which I believe is actually a bug and should be seen as such.

The email class of vanilla, located at : library/core/class.email.php includes the following code somewhere:

public function subject($subject) {

    $this->PhpMailer->Subject = mb_encode_mimeheader($subject, $this->PhpMailer->CharSet);

    return $this;

  }

This means that the subject is encoded before sent to phpmailer for handling the email, which again encodes it, so the subject is encoded twice.

I believe this should be removed, as phpmailer takes care of the encoding. The other parts of the email aren't sent encoded so they work ok.

For the quick fix of the issue, one can replace the line inside this function with:

 $this->PhpMailer->Subject = $subject;

in order not to break other parts that the same class is used

Change to registration form "Basic"

Else

https://open.vanillaforums.com/discussion/comment/260868/#Comment_260868

The default role type "Member" dictates the roles users are assigned to upon registration, make sure to only choose the default role type "Member" for roles you want auto-assigned on registration.

https://success.vanillaforums.com/kb/articles/39-roles-permissions

Don't set default for your new role