Greetings to all who devote their precious time to these lines.
In this article, I want to talk about ways to optimally configure the DataLife Engine server and content management system. Over the 4 years of working with Internet sites and servers, I have learned that security is above convenience and that it needs to be paid attention to. Reservation: I do not claim any authorship intellectual property! All material was collected on the Internet.
Below will be described actions that will help to distribute the server load, secure it from DOS attacks, restrict access to FTP protocol and correctly configure the DataLife Engine system.
Protection and configuration of your server.
1. Setting up the server configuration using the front-end Nginx to Apache bundle.
The advantages of such a scheme can be understood with a small example. Imagine that your web Apache server it is necessary to service about 1000 requests simultaneously, and many of them are connected to slow communication channels. In the case of using Apache, we will get 1000 httpd processes, for each of which RAM will be allocated, and this memory will not be freed until the client receives the requested content.
In the case of a scheme using a front-end server, we will get significant resource savings due to the fact that after a request arrives, nginx transmits the request to Apache and quickly receives a response. As a result, Apache frees memory after it responds to nginx. Next, the nginx web server interacts with the client, which is just written to serve static content to a large number of clients with insignificant consumption of system resources.
For the correct operation of our bundle, you need a module for Apache. There is such a need for the following reason: requests to Apache come from the IP address on which nginx is running, respectively, only the IP address of the nginx server will appear in the Apache log files. Also, without using this module, problems will begin with scripts that use the visitor's IP address and the mechanism for restricting access by IP addresses using .htaccess will stop working correctly.
Installing NGINX on popular OS.
Red Hat Enterprise Linux 4 / CentOS 4
To install nginx on these operating systems, you need to connect an additional package repository.
Red Hat Enterprise Linux 5 / CentOS 5
To install nginx on these operating systems, you need to connect the additional EPEL package repository.
ASPLinux Server 5 / Fedora
nginx is included in the standard distribution package.
If the repositories are connected or simply not required, run: yum install nginx
Installing Apache.
To install Apache web server, just run: yum install httpd
Installing mod_rpaf.
1.
Install the httpd-devel package:
yum -y install httpd-devel
2. Download and install mod_rpaf:
We enter the directory / usr / local / src
cd / usr / local / src
Load the mod_rpaf-0.6.tar.gz file into / usr / local / src
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
Unpack mod_rpaf-0.6.tar.gz
tar xzf mod_rpaf-0.6.tar.gz
Go to the directory where you unpacked
We put the module in the system
apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
3. Next, you need to create a mod_rpaf configuration file - /etc/httpd/conf.d/rpaf.conf and add the following lines to it:
RPAFenable On
RPAFproxy_ips 127.0.0.1 xx.xx.xx.xx yy.yy.yy.yy
where xx.xx.xx.xx and yy.yy.yy.yy are the IP addresses of your server. If there are more than two IPs on the server, add them using the same analogy.
service httpd restart
4. In nginx, the following lines must be specified inside the http () block:
proxy_set_header Host $ host;
If these lines are specified, you do not need to add them.
If nginx.conf is modified, nginx should be restarted:
/etc/init.d/nginx stop
/etc/init.d/nginx start
5. How to check if an installed module is working?
On any of the domains that are located on your server, place the test.php file with the following content:
"echo $ _SERVER [" REMOTE_ADDR "];?>"
Then follow the link, where domain.tcom is the name of your domain. If the displayed IP is different from the IP of your server, the module is working correctly.
Configuring NGINX.
Below is the nginx config file to act as a front-end server. It is assumed that nginx will run on all interfaces on port 80, while Apache will run on interface 127.0.0.1 and port 8080. Save this configuration file in the / etc / nginx / directory with the name nginx.conf.
user nginx;
worker_processes 10;
error_log /var/log/nginx/error.log debug;
pid /var/run/nginx.pid;
events (
worker_connections 20000;
}
http (
include /etc/nginx/mime.types;
default_type application / octet-stream;
log_format main "$ remote_addr - $ remote_user [$ time_local] $ status"
"" $ request "$ body_bytes_sent" $ http_referer ""
"" $ http_user_agent "" http_x_forwarded_for "";
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 30;
send_timeout 900;
server_tokens off;
server (
listen 80;
server_name _;
server_name_in_redirect off;
access_log /var/log/nginx/host.access.log main;
location / (
proxy_pass http://127.0.0.1:8080/;
proxy_redirect off;
proxy_set_header Host $ host;
proxy_set_header X-Real-IP $ remote_addr;
proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 10m;
}
}
Configuring Apache.
In the Apache configuration file /etc/httpd/conf/httpd.conf find the line:
and replace it with the line:
Listen 127.0.0.1:8080
Configuring mod_rpaf.
Add the mod_rpaf module to your Apache config file. To do this, add the following line to the /etc/httpd/conf/httpd.conf file:
LoadModule rpaf_module modules / mod_rpaf-2.0.so
Then add the lines to the same file:
RPAFenable On
RPAFsethostname Off
RPAFproxy_ips 127.0.0.1 192.168.0.1
RPAFheader X-Real-IP
Instead of 192.168.0.1, you must put the server IP address.
2. Server configuration to protect against dos-attacks.
We enable caching of the main page in nginx for those who do not have cookies.
Add restrictions to nginx.conf:
limit_req_zone $ binary_remote_addr zone = two: 20m rate = 2r / s;
server (
location / (
limit_req zone = two burst = 5;
}
}
}
Using tail and awk:
tail -f /var/log/nginx/access.log | grep GET / HTTP / 1.1 "503
We connect the log:
tail -f /var/log/nginx/access.log | grep GET / HTTP / 1.1 "503 | awk" (print $ 1) "
We get the IP of the machines:
iptables -A INPUT -p tcp -j DROP -s $ IP
Enter the IP into the Firewall:
tail -f /var/log/nginx/access.log | grep GET / HTTP / 1.1 "503 | awk" (print $ 1) "| xargs -t -l iptables -A INPUT -p tcp -j DROP –s
Now let's set the connlimit for iptables to restrict bot connections. In the rules, we set permission for 5 connections from one IP, and 25 from a class C subnet.
DDOS attack from 16000 bots - Load average: 1.4 1.9 2.0
Restricting FTP Access
For this we need a .ftpaccess file. It will help you deny or allow FTP access from specified IP addresses. Someone might ask the question, "I have a dynamic IP, how do I use .ftpaccess correctly?" The answer I mean is only this: “If you need this security add-on, get a static IP from your provider. You will not be asked for a lot of money for it. "
To create the .ftpacces file we need SSH access. You can use the winscp program. There can be a lot of settings in .ftpaccess, but we are only interested in one parameter. By writing these lines in the file, you will completely close access from everyone:
Deny from all
After the above, no one will be able to enter the FTP. To add access permission to a specific IP, you need to specify the following parameters:
Allow from 127.0.0.1
Deny from all
Naturally, the address 127.0.0.1 is indicated for an example and must be replaced with your own.
Important! It is best to deny FTP access to absolutely everyone and connect only via SSH.
Protection of the content management system DataLife Engine.
1. Install and configure.
2. Rename the admin panel file and make a fake at the old address (www.sait.com/admin.php) when switching to which the user will be blocked by banning his ip in .htaccess.
Renamed? Now we create an ip.txt file in the root directory to store ip-addresses. Give it and .htaccess chmod rights – 777.
Create a file admin.php with the following content:
$ ip = getenv ("REMOTE_ADDR");
$ log = fopen ("ip.txt", "a +");
fwrite ($ log, "//". $ ip. "\ n");
fclose ($ log);
$ f = fopen ($ _ SERVER ["DOCUMENT_ROOT"]. "/.htaccess", "a");
fwrite ($ f, "\ ndeny from". $ ip);
fclose ($ f);
DataLife Engine admin panel
Text, for example: Your ip in the logs, I will find you!
Fear, you insignificance, ha ha!
"3. Add additional authentication in the admin center.
You need to come up with another username and password (do not use your administrative account details). The second username and password must be completely different from the first. Have you decided? Fine! Now we will encrypt our password in md5 (you can do this at md5encryption.com).
Next, open admin.php (remember, we renamed it earlier and, therefore, if you called it superadmin.php - you need to open this one) and after the line:
add:
$ login = "enter the invented login";
$ password = "and generated password in md5";
if (! isset ($ _ SERVER ["PHP_AUTH_USER"]) || $ _SERVER ["PHP_AUTH_USER"]! == $ login ||
md5 ($ _ SERVER ["PHP_AUTH_PW"])! == $ password) (
header ("WWW-Authenticate: Basic realm =" Admin Panel "");
header ("HTTP / 1.0 401 Unauthorized");
exit ("Access Denied");)
4. Disable php functions that are not used by the system.
To search for the php.ini file, create a phpinfo.php file with the text:
After searching, be sure to delete phpinfo.php!
disable_functions = allow_url_fopen, eval, exec, system, passthru, scandir, popen, shell_exec, proc_open, proc_close, proc_nice, get_current_user, getmyuid, posix_getpwuid, apache_get_modules, virtual, posix_getgrgrde apache_setenv, disk_free_space, diskfreespace, dl, ini_restore, openlog, syslog, highlight_file, show_source, symlink, disk_total_space, ini_get_all, get_current_user, posix_uname, allow_url_fopen
5. Create filtering for GET and POST requests, prevent injections into the database and receiving data from it.
Create a .php file with an arbitrary name and the following content:
// set one if you want to enable debugging of requests
$ debug = 0;
$ bag_req = array ("select", "eval", "echo", "UPDATE", "LIMIT", "INSERT", "INTO", "union", "CONCAT", "INFORMATION_SCHEMA", "OUTFILE", " DUMPFILE "," LOAD_FILE "," BENCHMARK "," SUBSTRING "," ASCII "," CHAR "," database "," HEX "," \\. \\ / ","% 00 "," \\. Htaccess "," config \\. php "," document \\. cookie ");
$ request = serialize ($ _ GET);
if ($ _ GET)
{
foreach ($ bag_req as $ key => $ value) (
{
Request found in array $ value
$ request ";
}
}
}
if ($ _ POST)
{
$ request = str_replace ("selected_language", "sl", serialize ($ _ POST));
$ urequest = urldecode ($ request);
$ brequest = base64_decode ($ request);
foreach ($ bag_req as $ key => $ value) (
if (preg_match ("/ $ value / i", $ request) || preg_match ("/ $ value / i", $ urequest) || preg_match ("/ $ value / i", $ brequest))
{
if ($ debug == "1") $ do_debug = "
Request found in array $ value which blocks the correct operation
$ request ";
die ("BAD REQUEST $ do_debug");
}
}
}
?>
We save it on the server in any directory of the DLE system. Open the engine / classes / mysql.php file and after:
if (! defined ("DATALIFEENGINE"))
{
die ("Hacking attempt!");
}
connect the created file:
include_once (ENGINE_DIR. "/ path_to_file / name.php");
6. Using free components for DLE, be sure to find out the opinion of a specialist about their reliability.
If you have any questions, please contact the search engines - all the material is freely available!
Anything to add? You are welcome to the discussion!
Good luck to you and your projects!
For informational purposes only. The administration is not responsible for its content. Free download .
Dear friends,
Introducing you new version our script DataLife Engine v.13.1 NULLED. This release will add support automatic update plugins for new versions and a number of other improvements in the plugin system, new features have been added for more convenient work with additional fields, a new type of rating "Like and Dislike" has been added, an improved search for publications in the admin panel, and much more, read more about this and more ...
The following changes were prepared and implemented:
1. Added the ability to automatically update the script in the admin panel within the same version of the script, in cases where, for example, fixes of found vulnerabilities or other bugs are released. In cases where changes are made to the distribution within the same version, for example, when fixes for vulnerabilities are released, or other identified problems with the script, it will be possible to update the script in the admin panel, within this current version script.
2. Added the ability to automatically update plugins on the site... To do this, a URL is set in the plugin to receive information about the availability of a new version. At this URL, the plugin developer's site must return an array in JSON format, which must contain information about the current version of the plugin, as well as a link to download the current version of the plugin. For example, this URL should return the value ("version": "2.0", "url": "https://dle-news.ru/test/test.zip")... After that, when checking for updates, the site administrator will be able to find out about the availability of new versions of the plugin and update the plugins in the admin panel in one click.
3. For the plugin management system, added the ability indicate the number of replacements to be carried out for each search criterion in the file. For example, you need to find and replace some code in a file that occurs several times in this file, you can specify how many times this code needs to be replaced. To replace all occurrences of this code, you can leave this parameter empty, thus the replacement will be made wherever the code you specified is found.
4. For the plugin management system, added the ability automatic deletion downloaded together with the plugin in the archive additional files if the plugin is removed from the site. To do this, the ability to choose whether to delete additional files or not is added to the plugin parameters. Thus, you can independently decide whether it is necessary to clean the server from additional files if it is removed from the site, or whether they should be left.
5. For the plugin management system, added the ability use the (THEME) tag in the names of folders in ZIP archives. When uploading an archive through the plugin system, this tag will be replaced with the name of the template used. For example, by placing the file /templates/(THEME)/test.tpl in the archive, your template file will be placed in the template used on the site. Thus, when using complex plugins that contain sample template files, they can be immediately loaded into the desired folder containing the template used by the user.
6. For the plugin management system, added the ability use the control characters of the preg_replace function, such as \\ 1, etc., in the "Find and replace" action in the replacement string, which removes the restrictions on finding and replacing some codes in DLE.
7. For additional fields of type "Image" and " Image gallery" , added the ability to assign each image separately, its own personal description, which is also used as the HTML alt attribute, when displaying these additional fields on the site.
8. For additional fields of the "Image gallery" type, added the ability to change the sorting order of uploaded images by simply moving them with the mouse. After uploading the images, you can swap the images as you wish. Also, uploaded images can be transferred to other additional fields.
9. A new type of rating "Like and Dislike" has been added for posts and comments. which keeps a separate record of both the number of likes and the number of dislikes. For this, new tags have been added for the templates for displaying publications and comments: (likes)- which displays the number of likes, (dislikes) - which displays the number of dislikes, as well as the tag text- which displays the text enclosed in the tag, if this rating type is enabled in the settings.
10. In the settings of user profiles in the admin panel, added the ability set a list of categories in which this particular user is allowed to add publications. This will allow, for example, journalists, to maintain personal sections in which other journalists (or some of them) are not allowed to publish. Or, on the contrary, exclude a journalist from a specific news category if, for example, he is incompetent in it.
11. In the settings of user profiles in the admin panel, added the ability establish a list of trusted categories, in which this particular user is allowed to add publications without moderation. Such personalization will allow much more flexible differentiation of rights, without creating a bunch of user groups, including groups for each specific journalist.
12. For advanced search of publications in the administration panel, in the section for editing publications, added the ability to choose where to search. You can search all content, you can separately by titles, short descriptions, full description and additional fields. Also, the search algorithms have been significantly improved, for a more correct finding of publications.
13. For advanced search of publications in the administration panel, in the section for editing publications, added the ability to search simultaneously in several categories to choose from.
14. For the tag cloud added the ability the use of the symbols "&" and "#", which allows, for example, to use the names of different brands in the cloud, for example, "H&M", etc.
15. In the script settings in the admin panel, added the ability permission for the site administration to log in to the site using social networks. When this setting is enabled, users who are in the administrators group can also log in to the site using their accounts in social networks.
16. In the admin panel, in the section for editing comments, added the ability search for comments in the text. V this section you can search for the comments you need to edit by any keywords. This makes editing comments more convenient.
17. In the admin panel, in the section for managing cross-references, added the ability for bulk actions on links, set the replacement "Only in static pages", as well as "In static pages, news and comments".
18. To preview banners in the ad management section of the admin panel, added connection of styles of your template from the file preview.css. Thus, you can see a more correct design of your advertising code if it uses classes from your template.
19. For the template for displaying short news (shortstory.tpl) added using tags text that display the enclosed text in them, if there are no publications according to these criteria. Thus, you can reassign the standard system message about the absence of publications in any separate section of the site, making it unique, for example, for each section of the site. Also, these tags can be used in templates that are used for custom display of publications using the (custom ...) tag.
20. For a template E-Mail message that is sent when recovering a forgotten password, the use of new tags has been added: (% losturl%) which only outputs the URL of the link to reset and generate a new password, and (% ipurl%) which only displays the URL of the link to reset IP blocking. Thus, you can separately set the design you need in the letter of these links, for example, in the form of buttons. You can also, for example, refuse to display a link to unblock by IP, if you do not use this option on your website.
21. Improved the system for deleting categories in the admin panel... If the deleted category contains subcategories that are also subject to deletion, then all actions for publications that contain the deleted category will automatically be extended to publications that also contain the deleted subcategories. And the same actions will be applied to these publications in subcategories.
22. For the module "Filter by: IP, Login or E-Mail" added the ability adding blocked addresses or logins, or e-mails at once in whole lists, and not one by one. This significantly speeds up the process of adding if you already have a ready-made list of what needs to be blocked.
23. For the module "Filter by: IP, Login or E-Mail" added the ability editing already existing rules. You can select and edit any rule without having to delete and re-add it.
24. For the module "Filter by: IP, Login or E-Mail" added the ability selection of several or all added rules at the same time, and mass unlocking of these rules in one click.
25. For the module "Filter by: IP, Login or E-Mail" added support using IPv6 addresses that can be specified to block access to the site. Also added the ability to specify IPv6 subnets for blocking.
26. Added the ability to specify IPv6 addresses in the user profile from which authorization is allowed for the user. Also, you can specify not only a separate address, but also an IPv6 subnet.
27. For the module of custom sorting of publications on the site displayed by the (sort) tag added the ability to set sorting for each specific category, and not for all categories at the same time.
28. For links published in publications, added the ability using block elements such as "p", "div", etc. This allows DataLife Engine to more accurately and correctly comply with HTML5 standards.
29. Added the ability to add new users in the DataLife Engine control panel when working with the panel using smartphones.
30. Changes have been made to the work of tree-like comments... If the maximum nesting is reached for replies to comments, then in the case of a reply to a comment, these answers remain in the discussion thread at the maximum nesting. Previously, when the maximum nesting was reached, it was impossible to reply to the comment. Now the answer remains in any case.
31. For additional fields of the "Cross-references" type, added the ability to use double quotes and ampersands in values.
32. If for the template E-Mail of the message that is sent when recovering a forgotten password, the use of the HTML format for this letter is set, then the links generated by the (% lostlink%) tag in this template will be formed already in the form of a ready-made HTML code, and not just text links.
33. Added the ability to install sorting posts by default, by the number of comments. The same has been added to customize sorting criteria when browsing a catalog.
35. Changes have been made to the work of additional fields, if the field has restrictions on adding by user groups. If the value of the additional field was added by a user who has the right to do so, and later the publication is edited by a user who does not have the rights to fill in this field, then the value of this field is no longer cleared, but remains as it was filled in earlier by the user who has the right to do so.
36. The limit on the number of characters of the Description meta tag for categories has been increased to 300 characters... The maximum length is now maximum length established search engine Google to display this information in search results.
37. Improved search for similar news on the site. Displaying related news has become more relevant in terms of the sorting of posts found.
38. Improved support for IPv6 addresses of site visitors. In some specific cases, the full address might not fit in the database. The length of the fields is now reserved according to the RFC 4291 specification.
39. Improved the formation of the og: description meta tag of the Open Graph protocol when watching full news. Formation occurs more correctly when additional fields for publications are used as the main content.
40. Improved work of the DataLife Engine security system, in order to more correctly check data on subdomains, on some hosting, it has a structure of subdomains, in the form of subfolders of the main domain.
41. Added support for the tel protocol: for links published on the site using BB tags.
42. Updated visual editors TinyMCE and Froala before current versions ... A number of detected errors in these editors have been fixed.
43. Fixed problem using in the additional fields of the user profile, fields of the "List" type, in which values were used using the "|" symbol.
44. Fixed problem in which, in the plug-in management section, if the action on the file in the menu was changed, some symbols could change incorrectly in the values specified in the fields.
45. Problem fixed in which it was impossible to use tags for internal pages site, and was only allowed to be used for external sites.
46. Problem fixed, in which it was impossible to start updating the site to a new version, if the site was in an encoding other than UTF-8, while the administrator's login or password contained letters written in Cyrillic.
47. Fixed problem in which a pop-up window about the arrival of new personal messages did not appear if the user independently logged out of his account on the site, and then entered it again after some time.
48. Fixed problem when editing comments in the script control panel did not work, if the TinyMCE editor was enabled in the script settings.
49. Problem fixed, which did not display the number of days during which you can add comments to the publication, if such limits were set in the script settings in the admin panel.
50. Problem fixed, in which an additional field of the "Downloadable file" type was not displayed on the site as a link to download a file, but was displayed as a simple tag.
51. Minor errors in the script detected and announced earlier have been fixed.
You can always find the latest releases of the DataLife Engine on the site. Choose different - nullified and licensed versions of cms DLE, CP1251 or UTF-8, all the freshest right from dle-news. For example new DataLife Engine 13.0 Final and nulled DLE 13.0 you can download without registration for free, and by direct link.
the site is always the first to offer the freshest releases!
DataLife Engine 13.0 Final and nulled DLE 13.0 for free
Getting Started with the New Datalife Engine: How Simple It Really Is!
Many have heard of such a CMS as Datalife Engine. And certainly no less people have heard about its obvious advantages. About functionality. About MySQL support and its extensions. And, of course, about how convenient the Datalife Engine is for both users and those who administer web sites.
Many people wanted to experience all the delights and tried to download DLE. But, alas, you can try only the test version for free, while you can evaluate all the advantages of CMS 13.0 only with a license. By the way, it is undesirable to use illegal software. This can harm the site created on DLE and its owners. There is no point in risking at all - the cost is slightly over one hundred dollars. Therefore, you should not download dle from a torrent. It is much easier to download from us, try and then decide - to hack cms, or buy a license.
What should you do if you decide to test this wonderful engine?
The procedure is very simple, but it has its own nuances:
unpacking to the server into the site folder;
PHP 5.0 server support;
server with adequate traffic;
disk space of 20 MB.
If the website is installed on a local terminal, then you need to install special software here that plays the role of a server. The best way for this - Apache or Denwer.
MySQL is assumed, where the database is created so that the latter has full access. Rights are also assigned to several folders, about which it is desirable to see in more detail in the instructions. There are other folders inside the folders and they will need write permission CHMOD 777. Internal files must have CHMOD 666.
The program is launched using absolutely any browser. Its line contains the following address install.php. Further installation recommendations will follow. Enter your username / password.
When the installation is complete, install.php is removed from the directory, as well as the contents of the upgrade. What is this action for? Without uninstalling, each launch of the Internet resource will begin with the DLE Nulled 13.0 installation that you are using. The CMS is accessed using the url shown in the instructions. This "url" leads directly to the admin panel.
What will website visitors get?
They will be able to register quickly, they will be able to add comments immediately. A big plus of the system is the introduction of news by the "users" themselves. After registration, the rating of the "user" profile begins to form.
News can be deleted or edited, photos in profiles can be changed, forgotten or lost credentials can be restored. The opportunities are very serious. "Admins" will receive no less functionality. They can do everything that the "users", including managing the profiles of the latter.
In short, CMS DLE is enough simple system that doesn't require anyone to be a web programming guru. A simple user can easily create their own website with many great features. And fans of this control system are waiting for the imminent release of version 13.1. So far, nothing is really known about it, since the press release 13.0 has just been released, but many are waiting for the release.
As soon as the publication takes place, we will definitely review it. Until then, stay tuned and read what's new in Celsoft 13.0:
For your attention is presented DLE 13.0, downloaded from off. site, which will be a demo version without activation. But specially for you was prepared which will do with a demo license. But we offer this for informational purposes only! And as always DLE 13.0 nulled - which is different from original version the fact that we decoded and removed the code that asks for the key in the files - \ engine \ inc \ include \ init.php and \ engine \ inc \ include \ functions.inc.php, no other code edits were made! Site administrators remind that they offer nulled version and keygen - for reference only with all the possibilities of the script, and after studying, we ask you to buy a license... We bought a license for the portal site and we strongly recommend that you do the same!
The following changes were prepared and implemented:
4. Added the ability creating a description, for a video that will be visible when displayed in the player, for this, the following format is used in the video insert tag: , the same can be set for all files if a playlist of files is used, added with a comma. You can see an example of the display in the screenshot above.
5. Added the ability to use in the tag, also links to videos on Youtube. This way you can organize mixed playlists including your videos and videos on the Youtube service.
7. Added the ability to create a description, for audio that will be seen when playing music in the player, for this, the following format is used in the audio insert tag: ... You can see an example of the display in the screenshot above.
8. For the audio player, added the ability add links to play streaming audio. Thus, you can set and display playlists for listening to radio stations on your site.
13. For additional fields of type"Downloadable image" and "Downloadable file", added automatic prohibition on re-uploading images and files until the previous uploaded image or file is deleted. This reduces the likelihood of attaching unused files and images to news.
14. For additional fields of the "Uploaded image" type added new tags: and which only output the URL for the thumbnail of the uploaded image and the URL for the full image, respectively, where "X" is the name of the custom field. These tags will be useful for webmasters who want to personalize the uploaded publications on the site, for example, together with other additional fields.
17. Due to the fact that the developers of the WYSIWYG editor LiveEditor decided to stop any work on this editor, and it has not received any updates for several years, it was decided to remove this editor from the DataLife Engine. Sites that previously used this editor will automatically switch to using the FroalaEditor.
19. Added automatic reset of Zend OPCache cache when changing site settings. Thus, with this caching enabled in the server settings, you do not need to reset the cache yourself, or wait for the changes to take effect.
22. Added the ability to subscribe to comments to the news, when posting a comment, even when the comment is being moderated.
24. In the user profile on the site, added the ability to automatically subscribe to receive notifications of new comments that are added to the news of which he is the author. Thus, the user does not need to subscribe separately to each of his news, it is enough to cancel the corresponding checkbox in the settings of his profile. To display the checkbox, in the template userinfo.tpl added use of new tag (news-subscribe).
25. In the user profile on the site, added the ability to automatically subscribe to receive notifications of new comments, which are replies to his own comments. To do this, just uncheck the corresponding checkbox in your profile settings. To display the checkbox, in the template userinfo.tpl added use of new tag (comments-reply-subscribe).
26. Added support for PHP Memcached extension. The DLE script automatically detects which PHP extension is installed, Memcache or Memcached on the server, and, depending on this, uses one or another PHP extension, if Memcache caching is enabled in the script settings. Thus, it is no longer necessary to install the PHP Memcache extension on the server.
28. For the template tag Text added the ability specify a news range using a dash character. For example, you can specify Text Text... This makes it easier to create the design you need, and there is no need to write all the required publication IDs separated by commas.
29. For the template tag Text added the ability specify the range of pages you want using the dash character. For example, you can specify Text... Similarly, the range can be set for the opposite tag. Text... This makes it easier to create the design you need, and there is no need to write all the numbers of the pages you need separated by commas.
31. Added auto-add for all external links, which are published in news and comments, attribute rel containing parameters "external noopener noreferrer"... This attribute allows you to reduce the likelihood of a possible attack on the site using social engineering mechanisms.
34. In the admin panel, in the section for editing users, added the ability quick recalculation of the number of publications by the user. To do this, you need to click on the number of user publications and select the recalculation of publications in the menu. This option will be useful if mass manipulations with publications were performed, or adding to the database bypassing the script.
36. Improved performance of news display when using sorting by rating and views. Also, the performance of displaying comments using rating sorting has been improved.
37. Improved the system for recording the number of user comments in his profile statistics. In case of mass deletion of news, users' comments are also automatically recounted. This eliminates the need for periodic recalculation of statistics.
38. Optimization of the display of the DataLife Engine admin panel has been carried out on mobile devices in portrait orientation. Thus, the control panel has become more convenient when using it on smartphones.
39. Jquery library has been updated to line 2.xx
40. Updated editor TinyMCE to the current version.
41. Fixed a problem in which it was impossible to use the point in add. fields of the cross-reference type.
42. Fixed a problem in which Invalid HTML comments were formed when using tree-like comments.
43. Fixed problem whereby for the (category-url) tag, the URL to the category was displayed using the CNC, regardless of the CNC settings in the script admin panel.
44. Fixed a problem in which there was a duplication of indices of additional fields, which has the option of cross-references, if the news is published in several categories.
45. Fixed an issue where the tags text and text for the main page did not work correctly if the display of the static page on the main page was enabled in the script settings.
46. Fixed a problem in which if the news was cleared from comments in the section for editing publications, then there was always a return to the first page of the section for editing news, regardless of the set search filters and display of publications for editing.
47. Fixed a problem in which it was impossible to enter the correct answer to the "Question-Answer" system if the user replies to a comment, and does not add a new one.
48. Minor errors in the script detected and announced earlier have been fixed.
Information for downloading the script for clients:
Attention! Viewing this information is available only to users who have a license for the script. If you have already purchased the script, then you need to go to the site under your client account.
If you are not yet our client, then you can visit our website.
You can discuss the release at
Dear friends,
The main stage of development of version 12.1 is completed, the release is under testing and pre-release preparation, but in the meantime, we invite you to familiarize yourself with the information about what awaits you with the release of the new version.
The following changes were prepared and implemented:
1. Added support for headings in the ad management module. You can create headings in this module and place your advertising materials in these headings. Categories are displayed at the very top, in front of the list of added advertising materials, in the form of folders. In the headings themselves, you can also create an unlimited number of additional subheadings. Thus, for a large number advertising materials, you can place them for ease of navigation through them, in various headings and subheadings.
4. Added the ability to track the number of clicks for promotional materials added to the script control panel. DataLife Engine automatically intercepts HTML tags published using tags <а href="..."> , and automatically keeps track of clicks on them. Any special design of these links is not required, they can lead to any addresses you need. You also have the option to specify whether you want to count all clicks on a link, or count only clicks from unique users.
5. For advertising materials in the admin panel added the ability limit the display of a banner based on the number of clicks on your banner, and you can turn off the display of the banner when the specified maximum number of clicks is reached.
Html "> 7. Added the use of canonical links in the code of the pages, for all pages of the site including section navigation, viewing the full news, etc. This feature allows you to increase SEO optimization sites, and also allows you to avoid duplicate pages if incorrect links to your site are published somewhere on the Internet, or if for some reason it is necessary to disable the control of incorrect CNCs.
9. In the category settings in the control panel, added the ability set by default for a category, whether comments are allowed for posts from this category. These settings are in effect at the time of adding or editing a publication, and if comments are disabled for a category, then the corresponding option is removed at the time of adding or editing a publication.
10. In the category settings in the control panel, added the ability set by default for a category, whether the rating is allowed for publications from this category. These settings are in effect at the time of adding or editing a publication, and if the use of rating is disabled for a category, then the corresponding option is removed at the time of adding or editing a publication.
13. Added new global template tags text that display the text enclosed in them if a title for the page being viewed has been set in the "Titles, Descriptions, Meta Tags" module. And also added opposite tags text which display the text enclosed in them if no title has been set for the page being viewed. Also added similar tags and for description: text that display the text enclosed in them if a description for the page being viewed has been set in the "Titles, Descriptions, Meta Tags" module, text which display the text enclosed in them if no description has been specified for the page being viewed.
14. For the category menu template (categorymenu.tpl) text that display the text enclosed in them if the category or news viewed on the site does not belong to a category from the menu. This tag can only be used inside tags and is used, for example, to display some information (for example, links) only for inactive categories from the menu.
15. Expanded options for displaying publications based on the values of additional fields in publications. When contacting the address http: // your site / xfsearch / field name / field value / publications will be displayed, as before, containing the specified value in this particular field, if the field is set to "use as cross-references". When contacting the address http: // yoursite / xfsearch / field value / publications containing this value for all additional fields will be displayed. When contacting the address http: // your site / xfsearch / field name / all publications in which this specified field is filled in will be displayed.
21. Added support for Yandex Turbo technology for regular RSS feeds, without using the inclusion in the settings of the type of RSS stream as "Yandex news", for this added support for displaying the full news tag (full-store) for any type of RSS stream. A also updated standard template/templates/rss.xml which demonstrates how a template with full Yandex Turbo support should look like. Similarly, the ability to customize the RSS template for the Yandex Zen technology is fully supported.
24. Added the ability for unregistered users on the site, send complaints about news and comments to the administration of the site, just as such an opportunity existed previously only for registered users.
25. Added use of schema.org micro-markup to display a rating with the "Score" type. The use of this micro-markup allows for full news, when displaying them in Google search results, to display the publication rating as well.
26. Added automatic orientation detection photos when they are uploaded to the server, based on meta information contained in graphic files. If original photo was turned over, then when it is uploaded to the server, the script will also automatically deploy it to the desired position. This eliminates the need for additional editing of pictures on a computer, if the camera was turned while taking a picture.
27. Added the ability to automatically notify the site administration about the receipt of new news from users who are under moderation (if this is enabled in the script settings), if the news was added from the script control panel. Previously, the notification was sent only if the publication was added directly from the site.
28. If the user edits the publication in the control panel, which was previously already published on the site, but according to the settings of his group, it is forbidden to publish without moderation, or it is allowed to publish not in all categories, then the site administration will also be sent a corresponding e-mail notification that this news is awaiting moderation.
29. Changes have been made to the work of the Breadcrumbs module on the site. If you are viewing news from a certain category, then for the category in which the user is directly located, this category will be displayed in the form of plain text, and not a link. Only categories that are higher in the hierarchy will be displayed as a link, or there will be a link to this category if, for example, the user has gone further along the navigation through the pages in this category. Thus, this innovation allows you to avoid cyclic links of pages to themselves.
33. Added the ability to delete all comments awaiting moderation from a specific user. To do this, in the user management section, click on the number of his comments and select the appropriate menu item.
35. For templates for displaying comments and adding comments (addcomments.tpl and comments.tpl) added support for new tags text- displays the text in the tag if the news belongs to the specified categories, as well as tags: text- displays the text in the tag if the news does not belong to the specified categories. Thus, you can set a different design for displaying comments and adding comments for publications from different categories.
36. Added support for declensions for the tag displaying the number of votes that were set for the rating of publications. For example, you can use (vote-num) review || a | s. Previously, this was not available for this tag, since it contains HTML code, not just a number.
37. If the use of the site only via HTTPS protocol is enabled in the script settings, then cookies by the browser will also be sent to the server only via the HTTPS protocol and will be automatically blocked if the usual HTTP protocol is used.
38. Added control of invalid CNCs for static pages whose publication text is split into several pages. If an incorrect page number is specified, an automatic 301 redirect will be made to the starting address of this page.
39. Added support for importing images from the enclosure tag for RSS import of publications containing an image for publication. If short description in the RSS stream is just text, and the picture is given in it separate tag, then a picture for this publication will also be added to the short news when importing at the very beginning.
40. Added support for redirects to receive full news when using RSS import of publications. If the link from the RSS feed is a redirect for further transition to the full text of the news on the source website, then DataLife Engine will automatically follow this redirect and will take content from the final source. Thus, receiving full news will be of better quality than before.
41. Changes have been made to the work of tags and... If the use and addition of comments is prohibited for a specific publication, then these tags will also hide the content in them.
42. If comments are allowed for publication, but at the same time the user or a group of users, according to other settings, was prohibited from publishing comments, then a message about this will not be displayed at the end of all comments, but in the place where you define the output of the form for adding a comment with the tag (addcomments) in your template, thereby you can determine the location yourself of this message on your website.
43. For authorization using social network"Classmates", added the ability to automatically receive a user's E-mail, provided that the application itself has received the appropriate rights from Odnoklassniki. Attention, by default, Odnoklassniki does not give the right to receive E-mail, and to obtain appropriate access, you need to additionally contact the social. network for permission to receive e-mail. If permission is granted, then DLE will also automatically import the e-mail address.
44. Improved the system for calculating the aspect ratio of the image when creating reduced copies. Thus, a more correct and high-quality reduced copy is created.
45. Improved publication search system when the simple search type is enabled in the script settings. The new algorithm makes it possible to find publications more accurately and correctly.
46. Improved control system for the appearance of duplicate pages when viewing all the latest comments on the site.
47. Processing of additional fields of publications has been optimized when displaying short publications, as well as when the display module for popular publications is running.
48. Updated visual editors TinyMCE and Froala to the latest versions. A number of detected errors in these editors have been fixed.
49. For TinyMCE editor added support for inserting tags hidden text, using the corresponding button in the editor.
50. When using the editor Floara for comments, added the ability fast loading and inserting images into the comment. You can either click on the icon to insert a picture and select a file to upload, or simply transfer the picture file from your computer to the editor field with the mouse, after which the picture will be automatically loaded and inserted at the cursor position in the editor.
51. Small changes have been made to the layout of the script control panel aimed at eliminating some layout errors and improving interaction with the control panel.
52. Updated to the latest versions a library for sending mail from a site; and a library for determining mobile devices.
53. Fixed problem at which in preview publications were not processed tags and.
54. Fixed problem in which meta tags for social media were formed incorrectly. networks of video and audio, if the video was published in add. fields and consisted of playlists and descriptions of video and audio files.
55. Fixed problem in which, under certain situations and server settings, the preview of publications might not work when adding publications from the site.
56. Fixed problem in which the dynamic loading of comments did not work, if it was enabled in the script settings, and the tag (jsfiles) was placed at the very bottom of the site.
57. Fixed problem at which the display of the last comments did not work, if for a certain group viewing of some categories was prohibited.
58. Minor errors in the script detected and announced earlier have been fixed.
