內容簡介
當你處理機密、私人或個人的事情時,它們應該保持不公開。
加密文章類型 (Encrypted Post Type) 添加了一個加密的 文章類型,該類型使用 OpenSSL 對文章內容進行加密。您可以使用它來撰寫記事、日記、起草信件、計劃下一個職業生涯甚至項目管理——基本上任何您想保密的重要事情都可以放在加密文章類型中。
此外,該外掛還配備了先進而簡單的標籤系統,讓您可以輕鬆組織文章,打造一個強大且符合您需求的工具。它還可以替代 Roam、Workflowy、OneNote、Evernote 等其他工具。
外掛特色
易於添加標籤,以進行組織並建立您正在處理的事情之間的關聯。從未使用過標籤?這裡有一個方便的標籤使用指南。
與所有核心 Gutenberg 區塊和大多數未對標記進行太多定製的自定義區塊兼容。
開箱即用的協作功能:多個使用者可以查看和編輯文章,加密/解密背景中無縫運行(專業版允許單獨的文章,僅作者可查閱)。
選擇文章類型的名稱。它的默認設置為“筆記”,但您可以隨意命名,甚至在側邊欄中設定圖標!在此閱讀更多關於命名文章類型的信息。
經過測試,即使内容超過 20,000 個字,它也可以完美運行!
文章按照最近編輯的順序顯示在“所有文章”屏幕上;這是快速查看您現在正在工作的內容的好方法。您可以按創建日期、標題重新排序,並將最後更新更改為升序(最舊的首先)。
版本修訂可以正常工作!內容動態解密,因此您可以看到版本之間的差異。
免費版僅有一種加密密鑰存儲方式,但是 專業版 通過引入名為 Rest Key Management (RKM) 的創新,明顯增強了安全性。
您可以通過段落和標題區塊的鏈接彈出窗口輕鬆添加鏈接到其他文章,並在單擊其中一條鏈接時直接進入該文章!
塊編輯器 (Gutenberg) 還包括字數、字符數、段落數和標題數計數器,因此您可以輕鬆跟踪所寫內容的進度,而無需依賴其他工具。 未來版本的區塊編輯器中將添加閱讀長度功能,這將對草擬文件非常有用。
想添加新功能嗎?您可以在此請求添加新功能。
它是如何運作的?
區塊編輯器 (Gutenberg) 以 HTML 標記的方式將數據保存在 post_content 中,並且是此部分進行加密的。
當外掛被安裝並啟用時,一個隨機生成的密鑰會被儲存於您網站的選項表中。該密鑰不用於加密文章內容——我們稍後會回來討論。此外,外掛還創建了一個目錄,該目錄可以維護用於解密文章的加密密鑰。當您對文章進行加密時,它會使用 OpenSLL 生成一個加密密鑰,在目錄中尋找現有的加密密鑰,然後使用公共密鑰加密文章內容。在解密之前,仅持有私有密鑰的用户才能讀取該文章的內容。
外掛標籤
開發者團隊
原文外掛簡介
When you’re doing things that are confidential, or private, or personal, then they should remain so.
Encrypted Post Type adds an encrypted post type where the content of posts is encrypted using OpenSSL. Use it to write notes, keep a diary, draft letters, plan your next career move, even project manage – basically anything important that you want to keep private, Encrypted Post Type is the place to put it.
Coming complete with an advanced but simple tagging system you can easily organise your posts to create a powerful tool that works just the way you need it to, and can replace other tools like Roam, Workflowy, OneNote, Evernote, and more.
Features of this plugin
Easily tag your posts to organise them and build relationships between things you’re working on. Never used tags before? Here’s a handy guide on using tags.
Works with all core Gutenberg blocks and should work with most custom blocks that aren’t doing anything too funky with the markup.
Collaboration out of the box: multiple users can view and edit posts, with encryption/decryption happening seamlessly in the background (the Pro version allows individual posts, viewable only to the author).
Choose a name for the post type. By default it’s set to ‘Notes’ but you can name it anything you like, and even set an icon in the sidebar! Read more about naming the post type here.
It’s been tested with content over 20,000 words in length and worked an absolute champ!
Posts display in order of most recently edited on the ‘All Posts’ screen; this is a great way to quickly see what you’re working on right now. You can re-order by created date, title, and you can change last updated to ascending (oldest first).
Revisions work! Content is decrypted on the fly so you can see the differences between versions.
The free version has 1 way of storing the encryption keys, but the Pro version beefs up security significantly by introducing an innovation called Rest Key Management (RKM).
You can easily add links via the link pop-up of the paragraph and heading block to other posts, and when you click on one of the links you’ll go straight to the post!
The block editor (Gutenberg) also includes word, character, paragraph, and heading counts, so you can easily keep track on the progress of what you’re writing all within the block editor without having to rely on additional tools. Reading length will be added in a future version of the block editor, which will come in really handy for drafting documents.
Want a feature added? You can request a new feature here.
How does it work?
The block editor (Gutenberg) saves data in post_content as html markup – it’s this that is encrypted.
When the plugin is installed and activated a key is randomly generated that is saved in the options table of your site. This key is not used to encrypt content of posts – we’ll come back to it in a second. A directory is also created in the uploads directory that is used to store the encryption keys – the keys in this directory are used to encrypt data, but before they are saved in the directory they are encrypted with the key that was saved in the options table (with the Pro version the keys are saved on a different site for added security). So, the encryption keys are themselves encrypted.
When you create a new post the encryption key for that post is saved in the directory mentioned above (but remember, it’s encrypted before being saved) along with something called an Initialisation Vector (IV), which ensures the encrypted output (ciphertext) is unique.
When you save your post the key that was saved in the directory when the post was initially created is first decrypted using [a] the key saved in the options table, and [b] the Initialisation Vector (IV) that was saved alongside the key; the decrypted key is then used to encrypt the content and an IV is also saved alongside the post. The IV is updated each time the post is saved to ensure the encrypted output (ciphertext) is unique.
Encryption is done using aes128 and the OpenSSL library.
Important considerations
Media that you upload to your site is not encrypted. If you want this feature request it here.
If you delete your encryption keys and you don’t have a backup there’s no way of getting your data back. It will be gone for good.
Reusable blocks are not encrypted. If you want this feature request it here.
Each post has its own encryption key that will be saved in a file (or via RKM). These files are very small (approx 255 bytes), which means 3,900 will take up approximately 1MB, and 3,900,000 will take up approximately 1GB of server space. It’s safe to say you’ll have to create lots and lots and lots of posts before space becomes an issue.
Encryption should be part of a broader security strategy. There are a few simple things you can do to help protect your data in addition to using Encrypted Post Type: [1] use a strong password, [2] use 2-factor authentication, [3] minimise the number of plugins you use, and only use plugins from reputable sources, [4] keep WordPress up-to-date, including your theme/s and plugins.
Encryption happens server-side. End-to-end encryption was considered but there are limitations to end-to-end encryption that make it impractical in many applications. There are plenty of legitimate use cases where server-side encryption makes more sense. For example, there are several potential features in the pipe-line like reminders and mentions that would be very very difficult to pull off with end-to-end encryption.
Encryption is complex, and Encrypted Post Type aims to bring encryption to WordPress in a way that is accessible to all. As with all software, there may be bugs present. The plugin is open source and if you spot a bug please feel free to contribute over on Github here: github.com/NewJenk/EPT, pull requests are welcome.
Why WordPress, the block editor (Gutenberg), and Encrypted Post Type make a great combo
The block editor is flexible; whether you need easy access to tags when you’re writing (they display in the sidebar), or if you want a screen free of distractions to do your best work, the block editor can do it with ease. And combined with Encrypted Post Type, you can confidently maximise the true potential of the block editor safe in the knowledge that your data is secure.
WordPress is very mature and works great for managing lots of content – tags have been part of WordPress since 2008!
The details pop-up (the i icon in the block editor toolbar) includes super useful information perfect for note taking, drafting documents and more!
The block editor comes with some really smart keyboard shortcuts that can boost productivity. For example, highlight text and use CTRL+K (CMD+K on Mac) to add a link, or use CTRL+S (CMD+S on Mac) to save your work.
The WordPress block editor (also called Gutenberg) is an excellent writing tool. It’s better than Microsoft Word at word processing (although that probably says more about Word), and is also a formidable website page builder (albeit a significant departure from WordPress of old). And it is so powerful, and has so much potential, that it could conceivably become the de-facto editor of the internet. It makes an excellent tool for taking notes, writing documents, and building web pages. And it has another trick up its sleeve that lends itself very well to encryption. Because of the need for Gutenberg to be backwards compatible with the rest of WordPress, the output of Gutenberg is simple html markup. Because the markup Gutenberg generates is so simple, almost all Gutenberg blocks are compatible with encryption.
Pro version
If you want to make your content even more secure you can upgrade to the Pro version that includes an innovative way to manage your encryption keys called REST Key Management (RKM). RKM stores your encryption keys on a separate WordPress site that you control, meaning that both the site where your encrypted content is stored AND the site where your keys are stored would have to be compromised for your data to be at risk – and it would have to be a very bad day for that to happen.
Included with Pro:
Rest Key Management (RKM) – offers a significant security boost!
Archive Posts – don’t want a post to show up in ‘All Posts’? Mark it as archived and it’ll only be viewable in a special ‘Archive’ mode.
Individual Posts – only the author of an individual post can view and edit it.
Hide the front-end of your site – only use your WP site to write notes, or draft documents? Easily hide the front-end.
Premium email support.
PRO VERSION COMING SOON – get on the waitlist*
*Your email will only be used to let you know when the Pro version is available.
Request a feature
The core plugin is available for anyone to contribute to on Github here: github.com/NewJenk/EPT, pull requests are welcome. In addition, you can request a feature by filling in the form here.
Compatibility with other plugins
Developer-friendly plugins can be extended to encrypt/decrypt content. Here are examples of how content can be encrypted and decrypted:
Encrypting content
See the method en_p_t_encrypt_the_post in encrypted-post-type.php for an example of how to encrypt content.
Decrypting content
See the example here: https://encryptedposttype.com/kb/about#decrypting-content
