1.3.0

This version is a maintenance release. We implemented some new features to make your lives easier.

Domain registration and expiration warnings. You can now see when the domain itself was registered, and when it's expiring. You can receive an email notification before the expiration of your domain name, so you have enough time to renew it.

Force MFA for specific user groups, superusers, or administrators [gh-723]. You can tell Panopticon to enforce use of Multi-factor Authentication for Superusers, Administrators, or specific user groups. Users with forced MFA who have not yet set up MFA on their accounts will be taken to a captive page which requires them to set up MFA before being allowed to proceed any further.

Option to treat MFA failures as login failures [gh-723]. You now have the option to treat Multi-factor Authentication failures as login failures for the purposes of automated IP blocking. This ensures that a malicious actor who has subverted the login information of a user will be locked out after a number of failed MFA attempts, preventing them from brute-forcing a weaker MFA method (e.g. six digit authenticator codes).

Enforce a maximum number of MFA attempts [gh-723]. You can now set a limit on how many times a user can fail to provide a valid MFA method. Once that limit is reached the user is logged out. This ensures that a malicious actor who has subverted the login information of a user will not be able to brute force their way through a weaker MFA method (e.g. six digit authenticator codes) by adding this hurdle which greatly increases the necessary time and complexity of an attack to something impractical.

Accurate PHP CLI path in the CRON job setup page. In the past we were using the generic placeholder /path/to/php to indicate that you needed to replace this with the path to PHP CLI given to you by your host. Unfortunately, many hosts have under-trained first level support staff which can't provide this information, and does not understand the difference between PHP CLI and PHP CGI. We have now added code which tries to identify the PHP CLI binary automatically using our experience of where these files are usually to be found on a very large sample of live and local server environments across all major operating systems (Windows, Linux, macOS, FreeBSD etc.). In most cases, the command line you are given will be one you can just copy and paste into your host's CRON management page without having to do any thinking, or contacting your host. Simplicity, yay!

Improve update installation [gh-803]. Installing updates will now run opcache_invalidate() against the installed .php files to let servers with very conservative OPcache settings to “see” the newly installed files. The tmp/compiled_templates folder is removed at the end of the update so that any updated Blade templates will be forcibly recompiled. These changes will only apply for the NEXT update, after this version is installed. Remember: it's always the previous version's update code which installs an update.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.3 recommended. Experimental support for the upcoming PHP 8.4 release.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute, and an execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

📋 CHANGELOG

• ✨ Domain registration and expiration warnings
• ✨ Force MFA for specific user groups, superusers, or administrators [gh-723]
• ✨ Option to treat MFA failures as login failures [gh-723]
• ✨ Enforce a maximum number of MFA attempts [gh-723]
• ✨ Accurate PHP CLI path in the CRON job setup page
• ✨ Improve update installation [gh-803]
• 🐞 Cannot connect to really old WordPress installations (WordPress 5.5 and earlier)
• 🐞 Cannot connect to old Akeeba Backup for WordPress (version 7)
• 🐞 PHP error when WordPress fails to provide version information
• 🐞 Connection Doctor causes misleading reports on WordPress [gh-807]

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix

v.1.2.2

This version is a maintenance release. We implemented some new features to make your lives easier.

Optional environment variables-only configuration of containerized Panopticon [gh-696]. You can now configure a containerized Panopticon installation (e.g. one running in Docker) using nothing but environment variables.

Clear the cache when relinking a site to Akeeba Backup. Not strictly necessary, but it should alleviate the need to click on the refresh button after relinking to Akeeba Backup before you see an up-to-date list of backup records for that site.

Do not log CMS Update Found more than once per version. The site actions report would log the CMS update found every time Panopticon checked for an update. This was rather obnoxious and would effectively make useful information hard to find among the endless spam of that message if updates to a site were not installed right away.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.3 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute, and an execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

📋 CHANGELOG

• ✨ Optional environment variables-only configuration of containerized Panopticon [gh-696]
• ✨ Clear the cache when relinking a site to Akeeba Backup
• ✏️ Do not log CMS Update Found more than once per version
• 🐞 Repeated emails for WordPress plugin updates
• 🐞 Wrong lang string used in WordPress plugin/theme update emails
• 🐞 PHP warnings running Connection Doctor on WordPress sites
• 🐞 Wrong "email" label on Backup options [gh-771]

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix

v.1.2.1

Welcome to version 1.2! It took a while, but we have implemented a number of major new features and improvements.

WordPress support. You can now monitor WordPress sites. This feature has only been tested with WordPress 5.0 or later, with a few sites only. Please, treat it as a “beta” feature.

Much improved Docker support. You can now use a .env.docker file to configure the Docker instance instead of having to hack through the docker-compose.yml file. The dockerizer instance can have more than one CRON jobs running; this is user-configurable. You can upgrade the Docker instance without losing your settings just by updating the image and restarting the container. For this reason, the integrated Panopticon updater is disabled when running under Docker.

Translatable dates. Previously, you could change the date format, but not the language the dates where in. For example, you'd get "Monday, July 1, 2024" even when your language was set to, say, Greek. Now, the day and month names are properly translatable.

Load TinyMCE translations. TinyMCE, the editor used for mail templates and site notes, comes with its own interface translations. Previously, only the English language was loaded. Now, we check if there's a translation which (kinda) matches your selected language and load it as well. Please note that TinyMCE's translations do not have a one-to-one mapping to Panopticon languages. We try to automatically find the best match. If this is not possible, or if the translation is partial, we fall back to English.

Batch processing sites. You can now select multiple sites to assign them and/or remove them from groups.

Control email sending for scheduled backups [gh-712]. You can choose whether an email will be sent at the end of successful or failed scheduled backup.

Auto-ban IPs after many failed login attempts. Panopticon can temporarily block IP addresses if many failed login attempts have originated from them. This feature is enabled by default, but it can be turned off if it's a problem for you or your clients. The number of failed logins, the period they have to take place in, and the amount of time they will remain blocked is user-configurable.

Check passwords against Have I Been Pwned [gh-728]. Panopticon will check new passwords against the third party Have I Been Pwned service. If the password is found in online password leaks the user will be asked to use a different password. This feature can be disabled in the System Configuration, however we recommend that you always keep this enabled for maximum protection of your monitored sites.

Session data contents are now encrypted at rest. Panopticon uses PHP's default session save path. This means the session data stored is typically placed in a world-readable directory managed by your host along with other sites under the same account or, worse, server. This is bad because potentially privileged information is stored in plaintext where they can easily be found. The contents of the session files are now encrypted with a key generated randomly for each Panopticon installation.

Session improvements. There's an option to force Panopticon to use the tmp/session folder under its root as the PHP session save path, regardless of whether your host offers a writeable PHP session path already. This addresses the issue of getting logged out of Panopticon because PHP's session garbage collection reaped your session files before your session actually expired. Furthermore, we took a few extra security steps to make Panopticon more resistant to session hijacking, session fixing, and other similar session-related security issues.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.3 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute, and an execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

📋 CHANGELOG

• ‼️ Fixing a chicken and egg issue not allowing the update to proceed correctly
• ✨ WordPress support [gh-38]
• ✨ Much improved Docker support [gh-697]
• ✨ Translatable dates
• ✨ Load TinyMCE translations
• ✨ Batch processing sites
• ✨ Control email sending for scheduled backups [gh-712]
• ✨ Auto-ban IPs after many failed login attempts
• ✨ Check passwords against HIBP [gh-728]
• ✏️ System Configuration uses more Show On tricks to show/hide relevant settings
• ✏️ Expose the Avatars setting in System Configuration [gh-729]
• ✏️ Session data contents are now encrypted at rest
• ✏️ Session improvements
• ✏️ Expose the Behind Load Balancer configuration setting
• ✏️ Do not send a failure email if a site queued for update is already updated, or disabled
• 🐞 🔺 Some tasks would disable MySQL autocommit without restoring it, leading to weird issues
• 🐞 ➖ MaxExec task throws fatal exception when tasks are executed over the web
• 🐞 🔻 Wrong message about not having Akeeba Backup installed shown when adding a new site [gh-661]
• 🐞 🔻 Wrong language in mail Blade templates [gh-658]
• 🐞 🔻 Groups for disabled sites may not be displayed in the Sites admin page
• 🐞 🔻 Connection doctor: sometimes ends up with an error page instead of showing what is going on with the connection
• 🐞 🔻 High CPU usage warning when the server does not report CPU usage at all
• 🐞 🔻 Update failure email missing site name if site is already up-to-date
• 🐞 🔻 Update Director would claim a site is enqueued for updates when it's not
• 🐞 🔻 Per-language overrides of extension update emails might not have an effect

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)

v.1.2.0

Welcome to version 1.2! It took a while, but we have implemented a number of major new features and improvements.

WordPress support. You can now monitor WordPress sites. This feature has only been tested with WordPress 5.0 or later, with a few sites only. Please, treat it as a “beta” feature.

Much improved Docker support. You can now use a .env.docker file to configure the Docker instance instead of having to hack through the docker-compose.yml file. The dockerizer instance can have more than one CRON jobs running; this is user-configurable. You can upgrade the Docker instance without losing your settings just by updating the image and restarting the container. For this reason, the integrated Panopticon updater is disabled when running under Docker.

Translatable dates. Previously, you could change the date format, but not the language the dates where in. For example, you'd get "Monday, July 1, 2024" even when your language was set to, say, Greek. Now, the day and month names are properly translatable.

Load TinyMCE translations. TinyMCE, the editor used for mail templates and site notes, comes with its own interface translations. Previously, only the English language was loaded. Now, we check if there's a translation which (kinda) matches your selected language and load it as well. Please note that TinyMCE's translations do not have a one-to-one mapping to Panopticon languages. We try to automatically find the best match. If this is not possible, or if the translation is partial, we fall back to English.

Batch processing sites. You can now select multiple sites to assign them and/or remove them from groups.

Control email sending for scheduled backups [gh-712]. You can choose whether an email will be sent at the end of successful or failed scheduled backup.

Auto-ban IPs after many failed login attempts. Panopticon can temporarily block IP addresses if many failed login attempts have originated from them. This feature is enabled by default, but it can be turned off if it's a problem for you or your clients. The number of failed logins, the period they have to take place in, and the amount of time they will remain blocked is user-configurable.

Check passwords against Have I Been Pwned [gh-728]. Panopticon will check new passwords against the third party Have I Been Pwned service. If the password is found in online password leaks the user will be asked to use a different password. This feature can be disabled in the System Configuration, however we recommend that you always keep this enabled for maximum protection of your monitored sites.

Session data contents are now encrypted at rest. Panopticon uses PHP's default session save path. This means the session data stored is typically placed in a world-readable directory managed by your host along with other sites under the same account or, worse, server. This is bad because potentially privileged information is stored in plaintext where they can easily be found. The contents of the session files are now encrypted with a key generated randomly for each Panopticon installation.

Session improvements. There's an option to force Panopticon to use the tmp/session folder under its root as the PHP session save path, regardless of whether your host offers a writeable PHP session path already. This addresses the issue of getting logged out of Panopticon because PHP's session garbage collection reaped your session files before your session actually expired. Furthermore, we took a few extra security steps to make Panopticon more resistant to session hijacking, session fixing, and other similar session-related security issues.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.3 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute, and an execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

📋 CHANGELOG

• ✨ WordPress support [gh-38]
• ✨ Much improved Docker support [gh-697]
• ✨ Translatable dates
• ✨ Load TinyMCE translations
• ✨ Batch processing sites
• ✨ Control email sending for scheduled backups [gh-712]
• ✨ Auto-ban IPs after many failed login attempts
• ✨ Check passwords against HIBP [gh-728]
• ✏️ System Configuration uses more Show On tricks to show/hide relevant settings
• ✏️ Expose the Avatars setting in System Configuration [gh-729]
• ✏️ Session data contents are now encrypted at rest
• ✏️ Session improvements
• ✏️ Expose the Behind Load Balancer configuration setting
• ✏️ Do not send a failure email if a site queued for update is already updated, or disabled
• 🐞 🔺 Some tasks would disable MySQL autocommit without restoring it, leading to weird issues
• 🐞 ➖ MaxExec task throws fatal exception when tasks are executed over the web
• 🐞 🔻 Wrong message about not having Akeeba Backup installed shown when adding a new site [gh-661]
• 🐞 🔻 Wrong language in mail Blade templates [gh-658]
• 🐞 🔻 Groups for disabled sites may not be displayed in the Sites admin page
• 🐞 🔻 Connection doctor: sometimes ends up with an error page instead of showing what is going on with the connection
• 🐞 🔻 High CPU usage warning when the server does not report CPU usage at all
• 🐞 🔻 Update failure email missing site name if site is already up-to-date
• 🐞 🔻 Update Director would claim a site is enqueued for updates when it's not
• 🐞 🔻 Per-language overrides of extension update emails might not have an effect

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)

v.1.1.3

This is mostly a bugfix version, but we also did manage to sneak in a new feature.

✨ Send scheduled reports to specific groups [gh-521] When you set up a scheduled email task, you can (optionally) select one or more user groups to send emails to. This allows you to fine-tune who receives the emails by creating and assigning user groups.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.2 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute and an
  execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

Kindly remember that the order and timeframe for implementation largely depends on our available time, our assessment of expected complexity, and interdependencies between features. Security issues and bugs always take priority over new features; there's no point polishing a broken glass. Thank you for your understanding!

📋 CHANGELOG

• ✨ Send scheduled reports to specific groups [gh-521]
• ✨ Connection doctor: detect Akeeba Backup Core for Joomla! 3
• ✨ Improve the X-Mailer and Reply-To headers in sent emails
• ✨ Internal support for sending email only to selected user groups
• 🐞 🔺 Cannot launch installation due to a missing character
• 🐞 🔺 Tasks would be picked up by multiple task runners running in parallel (MySQL race condition)
• 🐞 ➖ No visible error message when the site information update fails [gh-523]
• 🐞 ➖ PHPmailer throws a simple RuntimeException in some cases, which was not being caught
• 🐞 ➖ Custom CLI commands in user_code where not autoloaded
• 🐞 ➖ Custom tasks in user_code where not autoloaded
• 🐞 🔻 Extraneous slash in mail messages' [URL] variable [gh-519]
• 🐞 🔻 Joomla update failures could result in the wrong error message displayed
• 🐞 🔻 Missing or small favicons can create layout issues [gh-522]
• 🐞 🔻 Connection to Akeeba Backup reset when saving site without changing connection information [gh-534]

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)

v.1.1.2

This is mostly a bugfix version, but we also did manage to sneak in a new feature.

✨ Send scheduled reports to specific groups [gh-521] When you set up a scheduled email task, you can (optionally) select one or more user groups to send emails to. This allows you to fine-tune who receives the emails by creating and assigning user groups.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.2 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute and an
  execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

Kindly remember that the order and timeframe for implementation largely depends on our available time, our assessment of expected complexity, and interdependencies between features. Security issues and bugs always take priority over new features; there's no point polishing a broken glass. Thank you for your understanding!

📋 CHANGELOG

• ✨ Send scheduled reports to specific groups [gh-521]
• ✨ Connection doctor: detect Akeeba Backup Core for Joomla! 3
• ✨ Improve the X-Mailer and Reply-To headers in sent emails
• ✨ Internal support for sending email only to selected user groups
• 🐞 🔺 Cannot launch installation due to a missing character
• 🐞 🔺 Tasks would be picked up by multiple task runners running in parallel (MySQL race condition)
• 🐞 ➖ No visible error message when the site information update fails [gh-523]
• 🐞 ➖ PHPmailer throws a simple RuntimeException in some cases, which was not being caught
• 🐞 ➖ Custom CLI commands in user_code where not autoloaded
• 🐞 ➖ Custom tasks in user_code where not autoloaded
• 🐞 🔻 Extraneous slash in mail messages' [URL] variable [gh-519]
• 🐞 🔻 Joomla update failures could result in the wrong error message displayed
• 🐞 🔻 Missing or small favicons can create layout issues [gh-522]
• 🐞 🔻 Connection to Akeeba Backup reset when saving site without changing connection information [gh-534]

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)

v.1.1.1

This is mostly a bugfix version, but we also did manage to sneak in a new feature.

✨ Send scheduled reports to specific groups [gh-521] When you set up a scheduled email task, you can (optionally) select one or more user groups to send emails to. This allows you to fine-tune who receives the emails by creating and assigning user groups.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.2 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute and an
  execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

Kindly remember that the order and timeframe for implementation largely depends on our available time, our assessment of expected complexity, and interdependencies between features. Security issues and bugs always take priority over new features; there's no point polishing a broken glass. Thank you for your understanding!

📋 CHANGELOG

• ✨ Send scheduled reports to specific groups [gh-521]
• ✨ Connection doctor: detect Akeeba Backup Core for Joomla! 3
• ✨ Improve the X-Mailer and Reply-To headers in sent emails
• ✨ Internal support for sending email only to selected user groups
• 🐞 🔺 Cannot launch installation due to a missing character
• 🐞 🔺 Tasks would be picked up by multiple task runners running in parallel (MySQL race condition)
• 🐞 ➖ No visible error message when the site information update fails [gh-523]
• 🐞 ➖ PHPmailer throws a simple RuntimeException in some cases, which was not being caught
• 🐞 ➖ Custom CLI commands in user_code where not autoloaded
• 🐞 ➖ Custom tasks in user_code where not autoloaded
• 🐞 🔻 Extraneous slash in mail messages' [URL] variable [gh-519]
• 🐞 🔻 Joomla update failures could result in the wrong error message displayed
• 🐞 🔻 Missing or small favicons can create layout issues [gh-522]
• 🐞 🔻 Connection to Akeeba Backup reset when saving site without changing connection information [gh-534]

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)

v.1.1.0

Happy New Year!

We are happy to present you with Panopticon 1.1.0, nicknamed “Dawn”.

✨ Dashboard layout for Sites Overview [gh-395] The main page of Panopticon, the Sites Overview, now comes with two alternate styles. On one hand we have the classic tabular format you love, or love to hate. On the other hand we have the brand new, much more compact, Dashboard format which can also reload periodically – really useful when you're keeping tabs on dozens of sites being updated. This feature is currently in beta. Most importantly, it paves the way for auto-refreshing page areas in future releases, by introducing Petite Vue to our workflow. Yes, there are plans to make parts of the Site Information page dynamic in the future.

✨ Scheduled Site Action Report Emails [gh-303] You can now have an excerpt of the Site Action Reports (normally available from Overview, Site Reports) for a specific site and time period emailed to you on a schedule. This is useful if you want to receive a daily, weekly, or monthly recap of all the automatic and manual actions which took place on your site through Panopticon.

✨ Basic uptime monitoring [gh-491] Panopticon ships with a (very basic) uptime monitoring system. It is only meant to notify you when a site goes down and comes back up as seen from Panopticon's server. It will not provide any kind of history, or public status page, or multiple locations, or service integrations, etc. It also needs extra CRON jobs on your server to handle the load, which is why it's disabled by default. The architecture does, however, offer plugin events so that integrations with third party services will be possible.

✨ Plugin system. We have introduced a basic plugin system, allowing to write code which hooks into the plugin events offered by Panopticon. What use is running your own monitoring if you can't extend it, right? Please remember that since plugins are included by and make use of Panopticon's code they MUST be licensed under the GNU AGPLv3.

✨ SSL/TLS certificate information display, and sending expiration warning emails [gh-397] All of our sites are now using HTTPS – if not, they should. Most of them use automatically renewing, free of charge TLS (incorrectly called SSL; SSL has been dead for nearly 30 years) certificates issued by Let's Encrypt, CloudFlare, etc. Some sites don't have their certificates auto-renew. In others, the automation breaks. When a certificate expires without being replaced the site starts throwing errors for its visitors. Don't panic! Panopticon will now show you the TLS certificate status and warn you, including by email, when it's about to expire. You get to choose when to get a reminder.

✨ Report latest backup status [gh-396] You can now quickly see the latest backup status in the Sites Overview page. This is updated when the site information is updated (by default: every 15'), and will show you the status of your backups even if the backup is taken outside of Panopticon, e.g. CLI CRON jobs, Joomla! Scheduled Tasks etc. You will also be warned if the backup is older than a certain amount of time, which can be configured per site.

✨ Support for site favicons Panopticon will now display the favicons of the sites in the Sites Overview and Site Information pages, helping you visually identify which site is which.

✨ Select language in Setup [gh-384] You can now choose the language to display the installer in when installing Panopticon. Enfin!

✨ Language selection after logging in [gh-490] Have you ever logged into Panopticon only to find yourself starting at the wrong language? Fear not. You can now switch to a different language without having to log out.

✨ Change the rotated log names [gh-398] The rotated log files are now given more reasonable names, without showing up as log files for an unlreated site.

✨ Preload hints, and HTTP 103 Early Hints [gh-458] As long as your web server supports it, Panopticon will send HTTP/2 and HTTP/3 preload hints. If you are using FrankenPHP it will also send HTTP 103 Early Hint headers with that information, making the page load even faster.

✨ Access a site's logs and tasks directly from the Site Information page. Wanna take a look at the log entries and the scheduled tasks for a site? You no longer need to hunt for that site. The link is under the new Troubleshooting menu item at the top of the Site Information page.

✨ Additional colour themes (CSS) and easier theme selection. Panopticon now comes with additional colour themes (CSS files), and a drop-down to select them:

• Aegean. Deep blue and white, the colours of the Aegean Sea.
• Minty (by Bootswatch). Pastel greens and pink, like a mint candy.
• Scuderia. Legendary racing livery.
• WinterCandy. Pastel blues and plum.

All additional colour themes, except those marked as “by Bootswatch”, were created by us. Additional colour themes, except Aegean, are not very good for accessibility and/or look weird in Dark Mode.

Loads of accessibility and design tweaks. A lot of time and effort was spent by @brianteeman to tweak a lot of views for design consistency and accessibility. Hats off to Brian for his rigorous testing and prolific PRs!

Last, but not least, we identified and terminated a number of bugs with extreme prejudice. Quality of life matters.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.2 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute and an
  execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

Kindly remember that the order and timeframe for implementation largely depends on our available time, our assessment of expected complexity, and interdependencies between features. Security issues and bugs always take priority over new features; there's no point polishing a broken glass. Thank you for your understanding!

📋 CHANGELOG

• ✨ Dashboard layout for Sites Overview [gh-395]
• ✨ Scheduled Site Action Report Emails [gh-303]
• ✨ Basic uptime monitoring [gh-491]
• ✨ Plugin system
• ✨ SSL/TLS certificate information display, and sending expiration warning emails [gh-397]
• ✨ Select language in Setup [gh-384]
• ✨ Change the rotated log names [gh-398]
• ✨ Report latest backup status [gh-396]
• ✨ Support for site favicons
• ✨ Preload hints, and HTTP 103 Early Hints [gh-458]
• ✨ Language selection after logging in [gh-490]
• ✨ Additional colour themes (CSS) and easier theme selection
• ✨ Access a site's logs and tasks directly from the Site Information page
• ✏️ Running composer install will now always create the version.php file
• ✏️ Don't show backup and scanner scheduling buttons unless corresponding software installed [gh-413]
• ✏️ More accessible ID column labels [gh-446]
• 🐞 🔺 The Joomla! Update state could appear to be inconsistent
• 🐞 🔺 Users should not be able to be copied [gh-481]
• 🐞 ➖ Sending emails with the default language results in untranslated variables
• 🐞 🔻 PHP error when the browser returns invalid data during WebAuthn [gh-406]
• 🐞 🔻 TinyMCE content always dark [gh-410]
• 🐞 🔻 Backup not Pro when extension not installed [gh-414]
• 🐞 🔻 Date/time parsing on reports view [gh-419]
• 🐞 🔻 MFA method setup has non-functional toolbar buttons [gh-468]
• 🐞 🔻 Filtering the log files by site name did not work consistently

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)

v.1.0.7

🔣 This is a bug fix release

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.2 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute and an
  execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

Kindly remember that the order and timeframe for implementation largely depends on our available time, our assessment of expected complexity, and interdependencies between features. Security issues and bugs always take priority over new features; there's no point polishing a broken glass. Thank you for your understanding!

📋 CHANGELOG

• 🐞 🔺 Error when your PHP version is out of date [gh-392]
• 🐞 🔺 “You do not seem to have Akeeba Backup Professional installed.” viewing some sites

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)

v.1.0.6

🔣 This release is focused on improving the translation experience, and brings small improvements to the application.

✨ Connection Doctor [gh-345]. You've got a site which “suddenly” won't connect to Panopticon? Troubleshoot the connection using the new Connection Doctor feature. It will give you detailed information which will help figure out what is going on, or get help more efficiently.

✨ Site notes [gh-363]. You can now add notes to your sites. They are visible only to users who can edit the site. DO NOT STORE SENSITIVE INFORMATION, the notes are stored unencrypted.

✏️ Translations now use PO files instead of a third party service. The struggle is real, y'all! Hosted Weblate was great, but it seemed to be forgetting about the existence of some language strings in translated languages. Different strings in different languages. Alternatives were expensive, or we couldn't trust that their debatable definition of what constitutes FOSS deserving of free service form them would not change (we're not paranoid; it's happened before). Instead of trying to shoehorn our translations around the restrictions of proprietary services we decided to use standard PO files and FOSS to translate them, then use our own, custom-built FOSS to convert them to a format we can use. Openness all around; we practice what we preach. You can take a look in our brand-new translation instructions and start, or resume, translating now.

✏️ Light and Dark Mode for the TinyMCE and ACE editors. We had this weird situation where the TinyMCE (HTML) editor was always in light mode, and the ACE (plain text) editor was always in dark mode, ensuring that everyone was unhappy. Not any more! When your interface is in light mode, so are both editors. When your interface is in dark mode, so are both editors. Law and order has been restored across the land!

✏️ Improve login language selection. The language selection in the login page "sticks" between user sessions, and is applied after logging into Panopticon as long as the logged-in user does not have an explicit language preference already set up.

🖥️ System Requirements

• PHP 8.1, 8.2, or 8.3. PHP 8.2 recommended.
• MySQL 5.7 or later, or MariaDB 10.3 or later. MySQL 8.0 recommended.
• Ability to run CRON jobs, either command-line (recommended) or URLs with a frequency of once every minute and an
  execution time of at least 30 seconds (up to 180 seconds is strongly preferred).
• Obviously, the server it runs on must be connected to the Internet, so it can communicate with your sites.

🔮 What's coming next?

Development of Akeeba Panopticon takes place in public. You can see what we're planning, thinking of, and working on in our issues tracker.

Issues marked as contemplating are those where we're still figuring out how to best implement in a way that makes
sense.

Issues marked as planned are those which are being actively worked on, or queued up for implementation in the next version.

Some issues may have been opened by third parties. Usually, they are relegated to Discussions, which is the best way to provide your feedback, and/or engage in discussion about a new feature, improving an existing feature, or describing a behaviour you find confusing. When there's something actionable in a discussion we will create a new issue with one of the aforementioned tags, or with the bug tag to indicate something that's broken and needs to be fixed.

Kindly remember that the order and timeframe for implementation largely depends on our available time, and our assessment of expected complexity, and interdependencies between features. Security issues and bugs always take priority over new features; there's no point polishing a broken glass. Thank you for your understanding!

📋 CHANGELOG

• ✨ Connection Doctor [gh-345]
• ✨ Site notes [gh-363]
• ✏️ Improve login language selection [gh-367]
• ✏️ Translations now use PO files instead of a third party service
• ✏️ Light and Dark Mode for the TinyMCE and ACE editors
• 🐞 🔺 Wrong assignment of sites to groups if there are gaps in numbering [gh-360]
• 🐞 ➖ No fallback to English if the browser, user configuration, and global configuration don't include it [gh-368]
• 🐞 ➖ No TinyMCE editor when using the .htaccess file
• 🐞 🔻 SMTP Authentication radio always appears disabled when loading System Configuration [gh-390]

Legend:

• 🚨 Security update
• ‼️ Important change
• ✨ New feature
• ✂️ Removed feature
• ✏️ Miscellaneous change
• 🐞 Bug fix (🔺 High priority, ➖ Medium priority, 🔻 Low priority)