Knock Knock Changelog

Keep up to date with all the changes with Knock Knock.

Knock Knock 3.x is on version 2.0.11, released on Nov 09, 2023

  • theicons.co/svg/photo-09 Created with Sketch. 24 New features
  • theicons.co/svg/others-47 Created with Sketch. 12 Improvements
  • theicons.co/svg/home-36 Created with Sketch. 38 Bug fixes
View latest release (2.0.11) on the Plugin Store

2.0.11 - Latest Release

Released Nov 09, 2023

  • theicons.co/svg/others-47 Created with Sketch.

    Action request endpoints are now no longer protected.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix too-early call on User::getIdentity() when plugin is disabled, for better performance.

2.0.10

Released June 05, 2023

  • theicons.co/svg/home-36 Created with Sketch.

    Fix an error when checking the enabled state of the plugin.

2.0.9

Released May 27, 2023

  • theicons.co/svg/photo-09 Created with Sketch.

    Add Cache-Control headers when redirecting.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix an incorrect check for enabled state for multi-site installs.

2.0.8

Released Mar 02, 2023

  • theicons.co/svg/home-36 Created with Sketch.

    Fix unprotectedUrls as a config option not working correctly.

2.0.7

Released Jan 18, 2023

  • theicons.co/svg/others-47 Created with Sketch.

    Only admins are now allowed to access plugin settings.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix Protected URLs/Unprotected URLs not working correctly for multiple values when set via the control panel.

2.0.6

Released Dec 10, 2022

  • theicons.co/svg/photo-09 Created with Sketch.

    Add enableCpProtection plugin setting.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix login challenge when accessing the control panel.

2.0.5

Released Nov 16, 2022

  • theicons.co/svg/home-36 Created with Sketch.

    Fix an error introduced in 2.0.4.

2.0.4

Released Nov 15, 2022

  • theicons.co/svg/photo-09 Created with Sketch.

    Add support for Cloudflare remote IP checking.

  • theicons.co/svg/photo-09 Created with Sketch.

    Add support to block CP-based pages, not just site-based requests.

2.0.3

Released Oct 19, 2022

  • theicons.co/svg/home-36 Created with Sketch.

    Fix an issue with live preview checks for access control.

2.0.2

Released July 13, 2022

  • theicons.co/svg/home-36 Created with Sketch.

    Fix protectedUrls, and unprotectedUrls URLs partial-matching incorrectly due to Regex rules.

  • theicons.co/svg/home-36 Created with Sketch.

    Better normalising of allowIps, denyIps, protectedUrls, and unprotectedUrls settings.

  • theicons.co/svg/home-36 Created with Sketch.

    Revert infinite loop check, which results in incorrect redirect URLs.

2.0.1

Released July 12, 2022

  • theicons.co/svg/home-36 Created with Sketch.

    Fix an error when installing the plugin.

2.0.0

Released July 10, 2022

  • theicons.co/svg/photo-09 Created with Sketch.

    Add resave console command for elements.

  • theicons.co/svg/photo-09 Created with Sketch.

    Add checks for registering events for performance.

  • theicons.co/svg/photo-09 Created with Sketch.

    Add archiveTableIfExists() to install migration.

  • theicons.co/svg/others-47 Created with Sketch.

    Now requires PHP 8.0.2+.

  • theicons.co/svg/others-47 Created with Sketch.

    Now requires Craft 4.0.0+.

  • theicons.co/svg/others-47 Created with Sketch.

    Now requires Knock Knock 1.2.16 in order to update from Craft 3.

  • theicons.co/svg/others-47 Created with Sketch.

    Rename service classes.

  • theicons.co/svg/others-47 Created with Sketch.

    Rename base plugin methods.

  • theicons.co/svg/others-47 Created with Sketch.

    Use Application::EVENT_INIT to test access to ensure Craft is initialized properly.

1.2.17

Released July 10, 2022

  • theicons.co/svg/photo-09 Created with Sketch.

    Allow arrays in config settings for allowIps, denyIps, protectedUrls, unprotectedUrls. (thanks @Diewy).

  • theicons.co/svg/home-36 Created with Sketch.

    Fix a potential infinite redirect loop if changing from http to https.

1.2.16

Released Sept 17, 2021

  • theicons.co/svg/home-36 Created with Sketch.

    Fix site-based custom templates not working correctly.

1.2.15

Released June 30, 2021

  • theicons.co/svg/photo-09 Created with Sketch.

    Add support for custom CP-based templates. (thanks @seibert-io).

  • theicons.co/svg/photo-09 Created with Sketch.

    Add support for IPv4 and IPv6 CIDR blocks in allowIps and denyIps config. (thanks @onstuimig).

  • theicons.co/svg/others-47 Created with Sketch.

    Deny access to settings for non-admins.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix redirect URL not using the referrer URL after logging in.

1.2.14

Released Nov 29, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix potential error redirecting to non-site URLs after login. In some cases, this caused redirecting to a cpresources asset.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix cookie not respecting the Craft defaultCookieDomain config setting.

1.2.13

Released Sept 10, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix incorrect loginUrl route, causing issues on some site setups (subdirectory installs).

1.2.12

Released Aug 14, 2020

  • theicons.co/svg/photo-09 Created with Sketch.

    Allow env variables to be used in allow/deny IPs.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix login path not resolving correctly for some multi-site installs.

1.2.11

Released Aug 10, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix challenge URL not being correct for nested URLs.

1.2.10

Released July 13, 2020

  • theicons.co/svg/photo-09 Created with Sketch.

    Add useRemoteIp to opt-in to more stricter IP checks if security is your concern.

  • theicons.co/svg/home-36 Created with Sketch.

    Revert behaviour of using remote IP for checking user IP. Too many issues and edge-cases.

1.2.9.2

Released June 22, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix potential issue splitting multi-line settings (allowIps, denyIps, protectedUrls).

1.2.9.1

Released June 18, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix error introduced in 1.2.9.

1.2.9

Released June 17, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Deprecate whitelistIps. Use allowIps instead.

  • theicons.co/svg/home-36 Created with Sketch.

    Deprecate blacklistIps. Use denyIps instead.

1.2.8

Released May 20, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix fetching the IP for a user that could allow spoofing via headers. Vulnerability IP Whitelist bypass reported by Paweł Hałdrzyński.

  • theicons.co/svg/home-36 Created with Sketch.

    Ensure redirect param is validated to prevent malicious redirection. For custom forms, please update the redirect input to use {{ redirect | hash }} otherwise logins will not work. Vulnerability Open-redirect reported by Paweł Hałdrzyński.

1.2.7

Released Apr 21, 2020

  • theicons.co/svg/photo-09 Created with Sketch.

    Add forcedRedirect to force a redirected URL once logging in.

1.2.6

Released Apr 16, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix logging error Call to undefined method setFileLogging().

1.2.5

Released Apr 15, 2020

  • theicons.co/svg/others-47 Created with Sketch.

    File logging now checks if the overall Craft app uses file logging.

  • theicons.co/svg/others-47 Created with Sketch.

    Log files now only include GET and POST additional variables.

1.2.4.2

Released Apr 01, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Realllly fix live preview from cross-domains.

1.2.4.1

Released Mar 31, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix error thrown for console requests.

1.2.4

Released Mar 31, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Re-organise access testing code, and support cross-domain live preview (properly, through tokens).

1.2.3

Released Mar 30, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Exclude live preview requests from blocking access.

1.2.2

Released Mar 14, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix asset bundles causing style issues in the CP.

1.2.1

Released Feb 25, 2020

  • theicons.co/svg/photo-09 Created with Sketch.

    Add support for Regex in protected URLs.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix protected URL comparison taking into account query strings, when it shouldn't.

1.2.0

Released Jan 30, 2020

  • theicons.co/svg/photo-09 Created with Sketch.

    Add Craft 3.4 compatibility.

1.1.2

Released Jan 07, 2020

  • theicons.co/svg/home-36 Created with Sketch.

    Fix yii\base\InvalidConfigException error thrown in some instances.

1.1.1

Released Nov 27, 2019

  • theicons.co/svg/photo-09 Created with Sketch.

    Added Custom login path. Thanks @X-Tender.

  • theicons.co/svg/photo-09 Created with Sketch.

    Allow IPs to be whitelisted from login protection.

  • theicons.co/svg/photo-09 Created with Sketch.

    Add Protected URLs to set specific URLs (and only those) for password protection.

  • theicons.co/svg/home-36 Created with Sketch.

    Update redirect input.= Fix redirection after login.

1.1.0

Released June 05, 2019

  • theicons.co/svg/photo-09 Created with Sketch.

    Add lock-out and security behaviour.

  • theicons.co/svg/photo-09 Created with Sketch.

    Add multi-site settings.

  • theicons.co/svg/photo-09 Created with Sketch.

    Add custom template setting.

  • theicons.co/svg/photo-09 Created with Sketch.

    New icon.

  • theicons.co/svg/photo-09 Created with Sketch.

    Add override notice for settings fields.

1.0.3

Released Feb 09, 2019

  • theicons.co/svg/home-36 Created with Sketch.

    Fix console requests throwing an error.

1.0.2

Released Feb 02, 2019

  • theicons.co/svg/others-47 Created with Sketch.

    Downgrade requirement to Craft 3.0.x.

  • theicons.co/svg/home-36 Created with Sketch.

    Fix settings not saving.

1.0.1

Released Jan 30, 2019

  • theicons.co/svg/photo-09 Created with Sketch.

    Added enabled setting.