Second release of July has just arrived. It’s packed with new features, improvements and fixes.
Security was one of our primary concerns when it comes to this release. This one contains another feature sponsored by Dale, we couldn’t fit it in the previous release because of the time limits, but it’s finally delivered. For that we all should definitely give him thanks, be sure to check out the blog post written by Dale too.
If your PeepSo is older than version 1.10.0, contact us and we will handle your update ourselves.
IMPORTANT NOTE. We release all plugins at the same time. Sometimes, it can take some time for all available updates to show in the backend of your site. If some plugins’ updates don’t show, wait. Just Wait. Don’t upgrade just some of them. Drink some coffee and wait. Your site needs to catch up to show them all. If you feel like it’s taking too long, contact us. We’re here to help!
For a quick and hassle-free update:
- Make sure your site is backed up. Preferably test updates on a staging site.
- Go to the backend of your site > Dashboard > Updates
- Select all PeepSo plugins that need to be updated
- Click ‘Update Plugins’ (note: this will deactivate all of the add-on plugins), don’t worry, they’ll come back during Step 7!
- Update PeepSo Core
- Go to the backend > Plugins
- Reactivate all PeepSo plugins
The whole operation doesn’t take more than 3 minutes. Should you have any issues or questions, please do contact us.
Post on Activity Stream When Joining a Group
Dale sponsored this feature in this release as well as I mentioned in the intro to this blog post. What it actually does is it creates a post within your community announcing that someone joined a group. There’s a new pair of settings in the backend of your site > PeepSo > Configuration > Groups. A section for New members. The two settings are:
- Action text (on group stream)
For example “joined this group”. Leave empty for default. Applies to old posts too.
- Action text (on other streams)
For example “joined a group:”. Leave empty for default. Applies to old posts too.
When the option is enabled a post is created automatically on user’s stream when they join a group. These posts are deleted automatically when the user leaves or is removed/banned from the group too.
Brute Force Protection Settings
One day few weeks ago we got a support ticket and a tweet saying it’d be great, if there was some more security for PeepSo. What started as a simple idea for adding some brute force password cracking prevention turned out to be a full-blown feature. Not only it’s fully configurable as you get the following options in the backend > PeepSo > Configuration > Advanced > Security > Login security:
- Minimum password length
Applies only to new passwords.
The above was introduced as a setting after a user pointed out on our registration there’s just a simple 6 character password being required. We made this configurable with a new default minimum of at least 10 characters per password.
The minimum password length is a new feature and not really related directly to the brute force settings. Nevertheless, it is related to login security. It doesn’t matter whether the brute force protection is enabled or not, the minimum password length setting is self-contained.
Now to get to the actual brute force protection. When enabled you have the following settings at your disposal:
- Block login after
Maximum failed attempts allowed.
- Block for
hours:minutes – how long to block login attempts after the above limit is reached.
- Email Notification
Send an e-mail notification to the user, warning them about failed login attempts.
- Enable additional block after
Additional security when users block themselves repeatedly.
- Additional block length
How long to block login attempts when additional security is triggered.
- Reset retries after
How long it takes for the system to “forget” about a failed login attempt.
Those settings pretty much guarantee that nobody can get in using brute force. Of course, the settings only work for PeepSo login forms. Maybe one day we’ll find a way to secure all of your forms even 3rd party ones.
Getting Started Page
Every once in a while we need to get back to the basics. Meaning, try to see PeepSo from a perspective of someone who’s never used it. Even though PeepSo is super easy to install, even though it creates all the pages with shortcodes and pretty much sets your community up in an instant, it didn’t use to communicate well with the user in the beginning. After activation you were taken to the PeepSo Dashboard and… well, that’s it.
This is why we introduced a Getting Started page. After enabling PeepSo you’ll be invited to check it out. It contains all the necessary information all fit into three screens:
- First Screen – Welcome to PeepSo!
Contains information on the created pages, shortcodes and navigation.
- Second Screen – Customize
Contains a few selected configuration settings to get started on making the community yours from the start.
- Third Screen – Next Steps
Contains information about available widgets (for PeepSo, not counting Photos or Videos widgets for now), a hint to hook up WordPress menus and a set of links to your community, configuration and dashboard.
Each screen also contains information on where to look for documentation, support, our own community, developer resources as well as info to get the PeepSo Ultimate Bundle and subscribe to our newsletter. If you already have the bundle key added, you won’t see it there. Same goes for the newsletter.
You’ll also notice that on the second screen where you’re customizing options there’s no ‘save’ button. It’s our little playground for introducing a whole new ajaxified backend. But that will come in later releases.
Since we introduced the brute force protection, adding a login widget to get you covered anywhere on your site also feels quite natural here. It does exactly what the name suggests. It’s a… widget… for… well, you guessed it. Logging users in. It also comes with 2 settings in the backend for either vertical or horizontal layout so you can place it in any position and it’ll blend nicely with your theme and content.
Other Improvements and Fixes
This release also comes with a bunch of other improvements and fixes. Some of them are of the under-the-hood type but as important or at times even more important than sparkly new stuff that you can see. We did improve PeepSo forms further, updated the upgrade instructions when there’s a new version available so there’s no confusion what to do and how to do it. Chat has a long-polling interval set to maximum when browser is in the background so it doesn’t use up server resources unnecessarily therefore improving performance. Users can now like and comment on Read-Only (announcement) Groups. With LearnDash integration we made sure users should not get VIP icons after finishing courses that don’t have a VIP icon assigned. We made sure AutoFriends works with latest WooCommerce Social Login too.
You can see the full changelog here.