Restrict access by bots
The EGOCMS offers protective measures against excessive access by bots (the so-called bot brake). Such accesses can greatly increase the server load and thereby degrade the usability of the website for regular visitors or even make it unusable. In certain cases, the EGOCMS blocks access by bots and instructs them to try again later. EGOCMS version 26.2.0 provides decisive adjustments and enhancements to these measures.
Bot brake
- The default upper limit for the bot brake, which blocks access by bots when the server load is too high, is now 50%. The upper limit can still be configured.
- All bot brakes triggered by the EGOCMS respond with a 429 Too Many Requests status code and a Retry-After: 300 header (5 minutes).
- The number of parallel bot accesses per second is limited to 30 (regardless of the IP). This value can be adjusted via "Administration > System > Security".
  - This measure is only active if the upper server load limit has not already been reached. In addition, the PHP module APCu must be installed and activated.
- The EGOCMS image ships with a rate limit activated in the Nginx settings, which allows a maximum of 5 page views per second from the same IP.
- The server load is now determined via the top.sh script every 5 seconds. The shorter interval helps the bot brake to intervene in good time.
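The following is an added example that models the two bot brakes described above; it is not EGOCMS code. It assumes that the load value is a percentage sampled from a top.sh-style script, that the bot flag comes from the CMS's own request classification, and that the per-second bot counter lives in a shared cache such as APCu. All three are injected here so that the logic runs offline, and the order of checks (load limit first, per-second counter only when the load limit has not been reached and a counter backend exists) follows the notes.

```python
"""Bot brake model (added example; not EGOCMS code).

Assumptions (not taken from the release notes): the load sample is a
percentage, bot classification is done elsewhere, and the per-second
counter stands in for an APCu key that expires after one second.
"""
from dataclasses import dataclass, field

LOAD_LIMIT_PERCENT = 50      # default upper limit in 26.2.0 (configurable)
BOT_PER_SECOND_LIMIT = 30    # parallel bot accesses per second, IP-independent
RETRY_AFTER_SECONDS = 300    # Retry-After sent with every 429 from the brake


@dataclass
class BotBrake:
    load_percent: float                 # latest sample, e.g. from top.sh
    counter_available: bool = True      # False when APCu is missing/disabled
    _hits: dict = field(default_factory=dict)  # second -> bot hits (APCu stand-in)

    def _count_bot(self, now_second: int) -> int:
        # Stand-in for an atomic increment on a key with a one-second TTL:
        # keeping only the current second drops all expired counters.
        self._hits = {now_second: self._hits.get(now_second, 0) + 1}
        return self._hits[now_second]

    def decide(self, is_bot: bool, now_second: int) -> tuple[int, dict]:
        """Return (status, extra headers) for one request."""
        if not is_bot:
            return 200, {}
        blocked = (429, {"Retry-After": str(RETRY_AFTER_SECONDS)})
        # Brake 1: the upper load limit has been reached -> block every bot.
        if self.load_percent >= LOAD_LIMIT_PERCENT:
            return blocked
        # Brake 2: per-second bot concurrency; only evaluated when brake 1
        # did not fire and a shared counter backend (APCu) is available.
        if self.counter_available and self._count_bot(now_second) > BOT_PER_SECOND_LIMIT:
            return blocked
        return 200, {}


if __name__ == "__main__":
    brake = BotBrake(load_percent=10.0)
    for i in range(32):
        status, headers = brake.decide(is_bot=True, now_second=1)
        print(i + 1, status, headers)
```

The Nginx per-IP limit of 5 page views per second mentioned in the notes sits in front of this logic and is independent of it: the brakes here count bots regardless of IP, so a distributed crawler is still throttled once the combined rate or the server load crosses the limit. Note that without APCu only the load-based brake remains active, which is why the system check for that module matters in practice.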
Features
- Front-end administration:
  - If a favourite block was inserted last, the favourites group is automatically selected the next time a block is chosen.
  - If the block toolbar is focused briefly, all toolbars of active editors in the block are hidden. This prevents the two toolbars from overlapping.
  - The TinyMCE editors in blocks are only initialised when they are focused (e.g. with the mouse or a drag & drop event). This speeds up the loading of the "Content" tab for pages with a large number of blocks and editors.
    - Empty elements are excluded: they are always initialised immediately, because only then is the placeholder for the empty element visible.
- System check:
  - The log of the last execution is written to var/log/systemcheck.log.
  - The system check now tests for the ffmpeg tool and issues a warning if it is not installed. Without it, certain features cannot be used.
- QR code:
  - The Smarty function {qr} supports the parameters quietzone and colour.
  - The QR code tool of a page can also change the border and the colour of the QR code in the preview. These settings are also used when downloading the QR code graphic.
  - The selected colour is reused for the rest of the browser session.
  - In the QR code tool, the permalink is always preselected, as this is the recommended URL to encode in a page's QR code.
- Materialkit design:
  - IDs for Google Tag Manager and Meta Pixel can be entered in the design settings. If at least one of these is used, a cookie consent is required, and the text it displays can be configured.
  - The "Contact form" block automatically adds a captcha if neither the client nor the page has a view restriction.
- The standard transfer right can be set per client (by default, only superusers are still allowed to do this). It always applies in addition to the submit permission set for individual pages and cannot be removed for individual pages.
- REST API: The page rights check by view is only performed if auth_or 1=1 has not been passed explicitly.
- On the "Information" tab, the data for "created", "modified" and "published" is now updated immediately on saving.
- The media pool is now displayed as a grid.
- For the AD import, a regular expression can be set on the "Exchange" tab that matches user names which must not be imported.
  - In addition to the type_regex parameter, the type_regex_exclude parameter is now also supported (reverse check).
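As an added example (not EGOCMS code) of how an include pattern and a reverse-check exclude pattern combine during an import, the function below accepts a user name only if it matches type_regex and does not match type_regex_exclude. It assumes both patterns are applied with a regex search and that the exclude pattern takes precedence; the user names are constructed.

```python
"""Include/exclude filtering of imported user names (added example).

Assumption: type_regex and type_regex_exclude are applied with re.search(),
and a match on the exclude pattern always wins. The sample names below are
constructed for the example.
"""
import re


def select_importable(names, type_regex, type_regex_exclude=None):
    """Split names into (accepted, rejected) using an include regex and an
    optional exclude regex (the reverse check)."""
    include = re.compile(type_regex)
    exclude = re.compile(type_regex_exclude) if type_regex_exclude else None
    accepted, rejected = [], []
    for name in names:
        keep = bool(include.search(name))
        if keep and exclude is not None and exclude.search(name):
            keep = False  # exclude pattern overrides the include match
        (accepted if keep else rejected).append(name)
    return accepted, rejected


# Constructed sample: regular staff accounts plus service, admin and guest accounts.
SAMPLE_NAMES = ["jdoe", "msmith", "svc-backup", "adm-jdoe", "guest"]

if __name__ == "__main__":
    ok, skipped = select_importable(SAMPLE_NAMES, r"^[a-z-]+$", r"^(svc|adm)-|^guest$")
    print("import:", ok)
    print("skip:  ", skipped)
```

Keeping the exclude pattern narrow and explicit (service prefixes, shared accounts) is the safer direction: a broad include pattern with no exclude would silently create CMS accounts for every directory object the include pattern happens to match.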
Compatibility
- In the "Text" form block, the "Date" type no longer generates a warning that the element is not supported in all browsers; all current browsers support it.
- The file system icons are now generated dynamically. The bin/admin_skin/egotec/img/icons/ directory has been removed. If you still reference icons from this directory, use the dynamic file system icons instead.
Performance
- The cron script for cleaning up the rights tables for users that no longer exist has been optimised.
- Determining whether access is from a bot or which output device is involved has been greatly accelerated.
Bugfixes
- Mediapool sorting works again.
- When the Collabora editor is used for Mediapool files, the dialogue was displayed incorrectly.
- WebDAV: Multimedia files are uniquely identified by name and file type in the extra field, so that several files with the same name but different file types can coexist at the same level.