From now on, the FlatPress support forum supports Two Factor Authentication (2FA). (For more information on what’s 2FA, see below.)
Feel free to secure your account!
Activating it is quite easy: Go to the User Control Panel, tab “Two Factor Authentication”. Select “OTP” and hit “Add new key”.
Your OTP secret and a QR code are being generated. (The QR code basically contains the secret.)
Scan the code with your OTP app or enter the secret manually.
Read the OTP from your OTP app and enter it in the “OTP key” field. Hit “Register new key”, and 2FA is activated for your account! From now on, you’ll need to enter the current OTP code after giving your username and password.
Of course, you can disable 2FA at any time by simply deleting the registered keys.
What is Two Factor Authentication?
Two Factor Authentication (2FA) with Time-based One-Time Passwords (TOTP) is a great way to protect your user accounts on any platform providing it. It basically means you do not only need your username and password to login, but also a 6-digit code freshly generated every 30 seconds e.g. in the OTP app on your mobile device.
So even if your username and password get stolen (via phishing, keylogging, social engineering, … you name it), your account can still not be accessed without knowing the 6-digit OTP code (which changes every 30 seconds).
This massive increase in security comes with a price, though: Without your OTP generator (i.e., the OTP app on your mobile or any other program capable of generating the code), you will be not able to access your account. But fear not, a good OTP implementation will provide you with static backup codes you can use instead. Of course, nobody else than you should ever get those backup codes, so keep them well :)
2FA is a widely spread standard. Some examples: Amazon offers it, PayPal does, GitHub and Twitter as well. My personal recommendation: Try it, get used to using it, and activate it on any platform that provides it.
What’s a good OTP app?
There may be countless TOTP generators out there. My recommendations are:
- The password safe KeePass (great for securely managing many different, unique and safe passwords on Windows, Linux and even mobile platforms!) has the OTP plugin KeeTrayTOTP.
- FreeOTP+ (F-Droid / Google Play Store) is great for Android devices.
- Apple users may want to take a look at FreeOTP.
If you have questions regarding 2FA or want to share opinions or recommendations, please feel free to do so on the FlatPress support forum.
All the best,
over the last few years, some of you have asked me how they could send me a small donation to recognize my efforts on the FlatPress project.
This means a lot to me, not for the money, but for your gratitude.
I’ve finally managed to set up a PayPal account and a SEPA bank account for this - so if you want to send a little “Thank you”, feel free to do so now:
Thanks a lot to all of you!
viewed from the outside, it seems rather quiet around the FlatPress project. But just look at the picture to see how hard we’re actually working behind the scenes! ;)
In fact, things are really moving nicely. In total, we have three active development branches:
In the master branch, we’re working on “normal” features and bugfixes for the next FlatPress version. Talking about the new Gallery captions plugin, improvements of the Leggero theme and many smaller and bigger bugfixes. Oh, and the cool PhotoSwipe plugin made it into the standard FlatPress package!
For all details, see the current change log.
PHP 8.1 compatibility
We need to make FlatPress working with PHP 8.1 properly. This aim contains two main tasks:
- Update the Smarty template engine to its current 4.x version.
This has been done in the Smarty update branch - now we need to make sure everything works fine. If you feel like supporting our project, please help us testing!
- Change all internal date formattings.
With the current “%Y-%m-%d” style of the deprecated strftime() function, FlatPress throws ugly warnings under PHP 8.1. We opened issue 92 for that, the development will take place in the strftime branch.
New Admin Area
Honestly, it’s a shame this gem isn’t part of a final FlatPress version yet. Franah built a completely new Admin Area which brings a new fresh touch to working with FlatPress. Also, it’s reponsive, meaning it adapts to your screen size and works flawlessly even on your mobile gizmo.
If you want to take a look into it, please feel free to get it from the Responsive Admin branch. Of course, it also contains all the bugfixes and features from the master branch.
Share your findings and opinion on the new Admin Area on the support forum.
Be part of the development!
You’re warmly invited to grab FlatPress from the described development branches and test the heck out of it.
Simply follow the link to each branch on GitHub, hit the green “Code” button in the upper right, and select “Download ZIP”. Then just install FlatPress on any web server, e.g. in a subdirectory of your blog site. To get rid of it later again, simply delete this subdirectory :)
Report any bugs and glitches or simply let us know what you think about the new features on the support forum.
Also, follow FlatPress on Mastodon or Twitter to stay in touch with the latest progress of your favourite blogging engine.
For any further questions or suggestions, please drop a line in the comments below.
All the best,
Image: “HRA computer lab - ~1983” by Blake Patterson - licensed under CC BY 2.0
here’s a little update on the current development status of FlatPress. We’re actively working on two main topics: The new Admin Area and getting FlatPress PHP 8.1 compatible.
New Admin Area
As described in the last blog posting, franah created a great new Admin Area for FlatPress: It looks fresh and awesome, adapts to your screen size, and also works great on mobile devices.
It is quite complete, and now it needs a lots of testing with different themes, plugins, and page content. We have to make sure everything works fine, so please help us testing!
Check out the future of FlatPress, and test the heck out of it :)
PHP 8.1 compatibility
FlatPress throws ugly errors when run under the current PHP version 8.1. This is because it uses functions PHP 8.1 marks as deprecated. In order to keep running correctly, FlatPress needs to be reworked.
One main issue here is that we still utilize the outdated version 2.6 of the template engine Smarty - which is not ready for PHP 8.1. So our first step to PHP 8.1 compatibility is to update Smarty to its current version 4 (Issue 94). What sounds quite easy, is actually a lot of work, since Smarty changed a lot in between. I’m still working on it (Branch on GitHub), but some effects become clear already:
- With the new Smarty version, FlatPress will require at least PHP 7.1. (Until now, PHP 5.6 is minium.)
- Themes and plugins may need some overhauling. The name of many Smarty functions has changed, and it has become less tolerant when it comes to template syntax.
As soon as Smarty is up-to-date, we can work on the PHP 8.1 compatibility of the FlatPress code itself (Issue 92). Main task here is the strftime() function that has become deprecated. Its date and time formats (e.g., “%Y-%m-%d” - check out the “International settings” options in your FlatPress settings!) most likely have to be changed to the format of the date() function (e.g., “Y-m-d”). This also may require some sort of automatically updating these date format settings.
Schedule for the next FlatPress versions
PHP 8.1 compatibility is quite urgent, since this is the current PHP version for quite a while now. And since the Admin Area still needs testing, the next FlatPress version 1.3 could bring PHP 8.1 compatibility and then 1.4 the new Admin Area. But this order is not finally decided and simply depends on when each topic is finished; we’re actively working on both.
Stay up to date!
If there is any news on the developments, I’ll let you know here on the project blog (you may want to subscribe to the RSS feed). Also, feel free to follow FlatPress on Twitter and on Mastodon.
All the best,
hope you had a good start into 2022. These are strange and sometimes exhausting times out there, stay safe and keep smiling!
As you may or may not know, franah works on a complety new Admin Area for quite a while now. It presents all the known administrative functions in a stylish new way and also works great on your mobile gizmo, e.g. smartphone or tablet.
What we need to do now is testing the new Admin Area in every possible way. Is everything working fine, does it look good on any device, does it break anything?
This is where YOU come into play: Please help us testing!
Download the latest development snapshot here:
(The “responsiveadmin” development branch contains everything you find in the main branch - but with the new Admin Area instead of the old one.)
You could set up a new FlatPress installation, say, under yourwebsite.com/responsiveadmin. Then simply copy the fp-content and fp-plugins folders from your productive website there, so you can edit your very own blog content in the new Admin Area. Also, add the folder of your productive theme to fp-interface/themes to see if your own blog theme works well with the new Admin Area.
Since we are in very early testing, we strongly recommend not to use the new Admin Area on productive sites. Let’s make sure everything works and looks fine first :)
If you have opinions about the new Admin Area, or you want to suggest changes or report bugs, please join the discussion on the FlatPress support forum:
Thank you very much for supporting us!
All the best,