Octopress has a pasword protected plugin? - octopress

There are no signs of questions in stackexchange regarding this one and I have done the reasearch. Having said that, I have to protect blog posts which are personal related but always wanted to let it stay online without me having to worry about access - the soultion is password protection as I used to do in Wordpress. e.g: https://pwntoken.wordpress.com/2015/02/17/real-world-penetration-testing-a-gh0st-from-offensive-security/
My question is something similar among those solutions which wordpress plugins provided are possible over the octopress framework? how do one accomplish this?

Ben Balter has really nice way to go. See https://github.com/benbalter/jekyll-auth

Related

Implementing recaptcha on Github pages without php?

Absolute newb here, please forgive me for this basic question.
I have built my portfolio site using Github pages, but am experiencing spam via my contact form (hosted by GetSimpleForm). I am trying to implement Google reCAPTCHA, but I'm a bit stuck in the backend part. As I understand, Github pages don't support PHP, so I can not actually complete the form verification.
Google documentation here was unfortunately a bit overwhelming and cryptic to me as a beginner, since I just stared at my Github html/css/js files and had no clue what to put where.
Am I trying to do the impossible? Is it possible to use reCaptcha on Github pages? If so, is there a beginner friendly tutorial somewhere or a straightforward "copy-paste" thing I could use? (so far, it's not been clear where to use the secret key from the API key pair for example)
Thanks a bunch for any leads or alternative solutions for spam prevention that would work in Github pages!
The short answer is you cannot. Github Pages only support static site. You have to host your own website if you want to do some complex stuffs like backend check etc. and mostly they are not free.
The only suggestion I can come up is simply change your contact form to regular html form instead of hosting by the 3rd party website you are using. I suspect that the main reason you got spam is because you are using it's service.
A really simple way to do it is to make the form with HTML (you can either copy the code from a pre-made HTML site with a form, or find a youtube tutorial that shows you how to make a HTML form, pretty simple), and host it on something like Netlify. Netlify is free for static websites unless you are doing something really complicated, and it has a built in form submission that will send you an email automatically every time someone fills out the form. You don't need PHP or a third party app or anything.
You still create and edit the code of the website through Github, you just need to connect it to Netlify for the forms. I'm a complete beginner and I figured it out. Netfly has some tutorials that explain it nice and simple. No reason to pay or do a lot of complicated stuff, and you can make professional websites with just HTML and CSS.

Create a Plugin-Based System Like Wordpress With Laravel / PHP

This question has been bugging me for quite some time now, I want to create a cms, a School Mnagement System to be more specific, and what matters to me the most, is making this system plugin based, in a way that administrators can download and install plugins right through their admin panel, just like wordpress.
Now I've read about wordpress Hooks, Actions and Filters, and in all honesty i can say i'm just a little familiar with their functionality, but to apply same functionality to a Laravel App... , It's a bit hard to figure out, at least for me.
I've also searched about this question and found out that almost everyone is suggesting packages, But while packages can work great for other developers wanting to get use of the package's functionality, they can't be easily installed by a user not familiar with any programming language, And that's exactly what i want in my application.
Now what i have in my mind so far, as in Wordpress Actions and Filters, almost everything one would want to use in Wordpress theme files ( to make that piece of code flexible for adding plugin functionality ) should be called as functions, and calling that function by Wordpress do_action() is kind of a must-take path, which of course makes sense.
This way plugin developers can just call add_action() / add_filter() in their files and put their plugins into the flow of the application.
So...
Basically what I'm asking here is:
How to apply such functionality to a laravel app?
Is there an easier way than calling everything by a function like do_action()?
Should i write some kind of a file management module for downloading and updating plugins?
Again I must say that I am not very familiar with wordpress ways to achieve this kind of functionality, So I may be wrong about some of the description I mentioned above, But please, I appreciate any clarification around this subject if you can.
Thanks in advance for any insight.
*P.S. I've tried to be as clear as I possibly can about the problem, And I'm not looking for any specific method for the system I`m developing.
What i want is to know Common / Best methods ( If there is a best method ) for achieving such functionality, preferably in Laravel, but a general algorithm would still be very appreciated.
I know lots of people have the same question and are tackling with the same issue, so if you even only provide a link to a useful article it would be great.*
I have been working as a Wordpress Developer for a very long time and I also have sufficient experience in Laravel... and to be honest, making this kind of functionality is not that difficult at all.
How?
First of all, you must understand that the web app that you will be making will have all the functionalities, but they can only be enabled/disabled from the front-end (Admin Panel/Dashboard). In other words, your School Management System app is actually having all the features/functionalities pre-installed, but you are just allowing the users to enable/disable it. This is much simpler.
So, if for eg. you want to provide someone attendance management functionality, you will have to give the admin of the site, the access to enable/disable it.
Why?
Wordpress has a built-in UI for adding/updating plugins. But in Laravel, everything is code based and therefore this I believe is the simplest way to go (especially for making things in your app pluggable).
Steps
Make a site with UI etc...
Create a config and migration file which will have the names of all the plugins you are going to allow the user to enable/disable.
Make a sync command that will sync all the plugins in your app.
Use it render a page from the front-end and manage their status from the back-end (is_active etc etc...)
Now once, these plugins are active, make sure the user (say moderator, editor) has access to manage them, for which you will obviously have to create roles/permissions and use Laravel Policies for such stuff.
Lastly, only the admin will have the enabling/disabling writes and no one else.
For the other part where you want the people to perform their own functions with filters/actions. I'd say this is completely contradictory to the part where you say Installing Laravel Packages isn't easy. Well, if you would really want a developer a way into this, why not straight away ask them to make a package for your app alone? Hmmmm.... Think about it :)
But, even then, if you would like to create such a functionality, create a simple class which the user can call and user its functions to call their own functions... Something like -> SMSPlugin::do_action(). But then again, making things like updating/deleting the plugin will require you to build your own Plugin Store and ask users to upload to it. Then you'll have to make an API to constantly check for updates for all the installed plugins and blah blah.... It's a really long procedure... And I don't believe that feasible too!
Hope I answered everything. Let me know in the comments if you have any doubts :)
I know it was 2 years ago, but for now you can achieve this with laravel with some packages:
So i think the steps will be:
Create new Laravel App and add some packages for BASIC admin UI and things you will need like:
Authentication (https://laravel.com/docs/5.7/authentication)
Roles and Permissions (https://github.com/spatie/laravel-permission)
Users managment
Modules (https://nwidart.com/laravel-modules/v4/introduction)
At this point you must configure and write a UI for manage every thing from every package mentioned.
So i think this is the way or at least some try to do it in 2019 :D
Happy new year to all!
There's a package for this, it supports version 5, didn't test yet with 6:
https://github.com/oneso/laravel-plugins

phpBB forum, self hosting or not?

I want to set up a forum using phpbb.
I've done that in the past by using websites that host it for you, for example:
http://www.phpbbweb.com/ , http://www.free-phpbb-forum.com/ or http://www.prophpbb.com/
These kind of websites are using the phpBB software.
I do not direcly want to register hosting and domainname because I'm not sure if people will actually sign-up, so I was thinking about making a free forum first on one of the above websites (or similar), and if people like it I want to export all the content(users, posts, maybe the theme) to a self hosted site wich I can build a website around and stuff.
Would this be possible ?(apart from the fact that it might be confising for members searching the forum)
Also I would like to know if it is possible to make your own themes(/styles?) for the free hosted ones.
Maybe this is a really stupid question but I'm wondering because at WordPress you have a big diffrence between wordpress.com and wordpress.org, for example the theme design.
For others that are also searching for this:
I made a forum at http://www.prophpbb.com/
It is NOT possible to use ftp on your forum, however, there are a lot of themes avalible for use wich you can customise by changing the css sheet.
As a free user it is possible to send an email to the admins of the prophpbb website to ask for a backup of your forum.
This way you can incluse that when you 'move' your forum.
As a premium member, you can backup the database yourself.

Codeigniter: Replace captcha in Tank_auth

Has anyone ever tried to replace the default captcha in Tank_Auth with their own customized captcha? The default captcha for Tank_Auth is just too difficult for most users. I want to replace it with Cool Captcha and would like to know if replacing it is a good or bad idea.
I recently did this. I replaced Codeigniter's default catpcha with Cool Captcha. Download a copy of it in my github Tank_Auth fork.
I'm doing this atm. You might want to do some research on captcha first though. A lot of these are even easier to get past if they are easy to read.
Check out this related question:
Most effective form of CAPTCHA?
And these two blog posts dealing with that same question:
http://www.evengrounds.com/developers/alternatives-to-captcha
and
http://www.sitepoint.com/captcha-alternatives/
Of course it all depends what and where you use your captcha.
you can configure tank_auth to use reCaptcha, you have to edit the config file
Follow the below mentioned 2 simple steps.
Go to 'yourprojectname/application/config/tank_auth.php'.
Search for $config['captcha_registration'] = TRUE; make it FALSE

Captcha failing, now what?

Installed a captcha on my blog, been good up until now.
There have recently been a bunch of legit-at-first-glance-but-actually-spam entries along with stuff like this:
message: IDevY7 sdbgztbczgpj
from: fmfwls
The IP changes per submission and they must be correctly filling in the captcha. Is my only option manual approval of comments?
The thing is all captchas can be beaten by bots now, even reCaptcha which is a really great solution (Google) Try reCaptcha, you might have better results with that then what you are using now. I found it kept most things out when I was using it, but stuff still did get through.
Other than that look at some other non-captcha spam fighting solutions. Have you looked into akismet? Its a great server side solution that looks at the content and attempts to identify it as spam. Perhaps if you combine the two you may catch the majority of it.
There are various other tricks you can try too. I'd definitely recommend checking out akismet though.
Which captcha system are you using? Has it been broken? Have you tried recaptcha?

Resources