New system requirements. Improved accounts security. Custom Terms and Privacy pages. Name Based Avatars. Performance improvements. And much more!
PHP 7.2 is now required (but you should upgrade to 7.4)
PeepSo 220.127.116.11 drops support for PHP 7.0 and 7.1, making PHP 7.2 the minimum required version. We are also planning to follow up with another bump in March, making PHP 7.3 the required version throughout 2021, starting with PeepSo 18.104.22.168.
Our recommended PHP version does not change – it’s still PHP 7.4, so if you are on PHP 7.0, 7.1 or 7.2 you should upgrade to PHP 7.4 if you can and 7.3 if you can’t.
The current version of PeepSo is compatible with PHP 8 already, but until the same can’t be said about WordPress until version 5.7, which is why we still recommend 7.4. We will re-evaluate our position on PHP 8 in the second quarter of 2021 once the dust after WordPress 5.7 release settles down.
“Closed” groups are now “Private”
This is a purely cosmetic change and does not change anything about the actual functionality. The change is aimed to alleviate user confusion who sometimes tend to think “closed” groups no longer approve members. We also think “private” feels more in line with the “auto accept” feature we just rolled out.
As always, you are free to rename the group types with language overrides – which is something you should pay close attention to if you have customized the labels.
It’s not all breaking changes, though
On top of the aforementioned breaking changes, PeepSo 22.214.171.124 introduces some major account & security and performance features and improvements.
Accounts & Security
You are now able to disable logins with username (require e-mail to login) which will improve security and make brute force attacks much harder – since usernames in PeepSo are a part of the profile URL (akin to other social networks), a potential attacker already knows half of the puzzle and is only missing the password. Disabling username logins solves that problem – you need to know the e-mail in the first place. And users can further make it harder by doing things like firstname.lastname@example.org if their e-mail provider supports such syntax.
This improvement is more of a quality of life feature, though. If your members have good password hygiene, a security risk from knowing an username is miniscule (which is why they are not a secret in most social networks). It can get pretty annoying, though, if someone (or some bot) causes the brute force protection scripts to kick in and flood the user with warning e-mails.
Along with the new ReCaptcha on login feature (which should help prevent the less sophisticated attackers / bots from even attempting to log in) we consider the login process pretty well hardened, and expect no other changes to be required until we dip our toes in the two factor authentication topic (much later).
We will attempt to avoid loading unnecessary scripts and fonts, or at least improve the situation a little bit. There is a delicate balance here, since the cost of calculating what is needed with PHP might be higher than just serving all assets indiscriminately.
Our AJAX engine now handles exceptions (mostly connectivity errors) more gracefully, and we introduced a basic queueing system, so that all AJAX calls don’t fire all at once. This should prevent issues in some less powerful environments, where the amount of connections per user is limited. This is an ongoing improvement which we plan to develop further in the next releases.
Name Based Avatars
The Name Based Avatars are now available for everyone, after a period of testing in the Early Access Program. It improves the profiles of users who never uploaded an avatar by generating one for them based on their initials or username. PeepSo keeps things interesting by randomizing the color backgrounds, while keeping the same background and font brightness (defined by you in the settings). You can also switch to grayscale, to keep things more toned down and uniform.
The mobile PeepSo User Bar toggle now displays a total sum of notifications, so it’s no longer necessary to expand it to see if you have any new notifications. Group search was modified to search by “exact phrase” by default, and we added a choice of “any of the words” as well.
This is just the tip of the iceberg, and I highly recommend going through our changelog to get a good idea of all the changes in this release.
Watch our live stream!
PeepSo Engineering Update is a series of live videos covering some more technical topics, whenever something big or interesting enough happens with PeepSo. Check it out!