Iceclog 2.4.2 Release Notes: Security and UX Improvements

Avatar for icecat
iceclog 2.4.2

Version 2.4.2 of Iceclog is released, based on user and member feedback, and security scans.

Register page with Google reCaptcha

During performance and membership account reviews we noticed fake (bot) accounts. To reduce this, we have added the Google reCaptcha mechanism on the registration page.

This will decrease the number of spoilers, fake accounts.

Google ReCaptcha on Register page

UX Improvements

Featured main images now have nicely rounded border, more elegant.

Action buttons under posts – like, comment, favorite, delete, edit, spam – are now unified across the social network, making UX cleaner and easier to understand.

Furthermore, a mechanism for rendering of shared image is improved, resulting in a better preview of shared images and stopping blurry images from being generated.

The social sharing buttons are positioned differently, and are now on top of the posts. This way, you can interact and share content that you like right away.

Bug Fixes

The Reported bug “Not possible to cancel membership request” has been resolved.

And AMP related coverage issues have been resolved as well. This will enable a better visibility on search engines for our members’ content.

Deployment Improvements

We have introduced additional improvements in development and deployment. We updated our tests with commonly used features to ensure a minimum number of issues in production.

Security maintenance

We performed regular security maintenance and updated our whole infrastructure, server and CMS based. We updated our CMS to the latest available version. Furthermore, we updated all our modules to the newest versions and removed several modules which were no longer supported or needed.

Furthermore, this version includes some major security fixes recognized by our ongoing vulnerability scans. These security fixes include protection from cross-site vulnerabilities, improvements of HTTPS responses, and adding Missing Headers that could cause Clickjacking.

Finally, we have improved the protection against Cross Site Request Forgery (CSRF/XSRF) making our forms safer for usage, according to the latest standards.

Leave a Reply

Your email address will not be published. Required fields are marked *

Manual for Icecat URL: Integrating Links to Product Data Sheets and Images

Version: 1.21, August 28, 2019. The purpose of this post is to explain the Icecat URL method to get...
 October 4, 2018
 November 3, 2019

Manual for Icecat Live: Real-Time Product Data in Your App

Icecat Live is a (free) service that enables you to insert real-time product content from some hundr...
 June 1, 2018

Manual for the Icecat CSV Interface

This document describes the CSV (Comma-Separated Values) variant of Icecat's Open Catalog Interface...
 September 28, 2016

Iceclog: Content Log and Playground for New Ideas like a Free Vendor Central and Social Media Functions

“Iceclog” (Icecat content log) is the Icecat blog, where you will find...
 June 26, 2019

Manual for Open Icecat JSON Product Requests

JSON (JavaScript Object Notation) is an increasingly popular means of transferring to data, compa...
 September 17, 2018
icecat addons

Icecat Add-ons including Magento, PrestaShop, Oracle, SAP Hybris, Google Shopping. NEW: Shopify

Icecat has a huge list of integration partners, that make it easy for clien...
 May 1, 2020

Manual for your Personalized Interface File and Catalog from Icecat

Via the Icecat website and login area, a user can generate personalized or customized CSV or Excel f...
 October 5, 2016

Iceclog Editor Guidelines: Writing Compelling Posts

The Iceclog Editor Guidelines are a quick guide for contributors to the Iceclog blog or "cl...
 August 17, 2016