dcsimg
RealTime IT News

Pligg 1.0.4 Gets Plugged

pligg_small.gif
From the 'Digg This' files:

Pligg, which is an open source project that develops a Digg-line social networking and voting system, is out this week with its new 1.0.4 release.

It's the first big update to Pligg since 1.0.3 came out in December.  The new 1.0.4 release includes a long list of new features, though what I noticed is a number of interesting security updates.

There is now login brute force protection - which could potentially help against a Pligg user account from being compromised. There is also an Cross-Site-Scripting (XSS) fix in Pligg's search function as well.

One thing that many socially-oriented sites are at risk from is spammers (then again who isn't at risk from spam). Spammers can attempt to submit their own spam stories or comments to a Pligg powered site, but in the 1.0.4 version, developers made improvements in spam protection.

There are a pair of key items that really stood out to me on the spam protection front. One is a fix to remove
spam stories from top users data. That's right a spammer might have been able to get listed a top users by being a spammer (D-oh!). The other notable fix is that stories marked as Spam can now only be seen by admins.

Those might seem like simple (and yeaah obvious) changes, but in my view they'll make a big difference to Pligg administrators.

Comment and Contribute