This Week in devot:ee #35 - September 13, 2012
September 13, 2012
by Ryan Masuga
The week we improved our overall site security and see seven new add-ons, bringing our total catalogue to over 1,700.
Recently Rolled Out
This week we increased devot:ee's security by moving a lot of things above web root, including the system folder (see the ExpressionEngine docs on Moving the System Directory Above Webroot). This process, along with additional tips and tricks, is also covered in Securing ExpressionEngine 2 by Mark Huot, from Mijingo, which I re-read before going through this big shift.
devot:ee is hosted at EngineHosting. It was a bit tricky reconfiguring the site so that the system folder (among other folders) is outside of the public folder, but also keeping our account directory simple so when we deploy to our dev site and our live site we're not deploying to the same directory. We ultimately solved this problem with a couple symlinks after an enlightening email discussion with two very smart and helpful fellows: Greg Aker (@gaker) and Nevin Lyne (@nevinlyne). Thanks to both of them for their help. We feel so much better about our site security now.
New Add-ons This Week
Ministash (for EE1) by Dibeja
The Ministash Plugin is aimed to give EE1.x users the opportunity to use partials and layouts.
Export Members ($) by Drez Design
Export member registration data and custom fields to an Excel spreadsheet.
Nerdyform by KeesTM
Forms for hackers. Allows full EE template parsing in your email templates. Configured via template tags.
GWcode FileInfo by Leon Dijk (GWcode)
Get information about files on your server.
Reword by Jean-Francois Paradis
An equivalent to translate() or __() in Wordpress which translates a given string using a dictionary. This implementation can also handle placeholders (eg: Hello %s) and can translate dates formats (eg: Today is %d).
Shortlist ($) by Joel Bradbury
Shortlist is a quick and painless way to allow site visitors to create lists of items on the fly. Shorlist lets you add anything to a list. User's don't even need to have accounts with your site to create, keep and share their list.
Redactee ($) by Jack McDade (Lobster War Machine)
Redactor, the wonderfully simple and lightweight WYSIWYG editor is now lives as an EE Fieldtype, under the secret identity known as "Redactee". Use it as a Channel Field, Matrix Field, a Low Variable Field... even in Safecracker. Simple to use, feature-rich, and smooth as butter. Supports image browsing and image / file uploads, even to Amazon S3.