前言介紹
- 這款 WordPress 外掛「Encrypted Post Type」是 2022-10-04 上架。
- 目前尚無安裝啟用數,是個很新的外掛。如有要安裝使用,建議多測試確保功能沒問題!
- 上一次更新是 2022-10-05,距離現在已有 942 天。超過一年沒更新,安裝要確認版本是否可用。以及後續維護問題!
- 外掛最低要求 WordPress 5.5.0 以上版本才可以安裝。
- 外掛要求網站主機運作至少需要 PHP 版本 7.2 以上。
- 有 1 人給過評分。
- 還沒有人在論壇上發問,可能目前使用數不多,還沒有什麼大問題。
外掛協作開發者
newjenk |
外掛標籤
privacy | security | encryption |
內容簡介
當你處理機密、私人或個人的事情時,它們應該保持不公開。
加密文章類型 (Encrypted Post Type) 添加了一個加密的 文章類型,該類型使用 OpenSSL 對文章內容進行加密。您可以使用它來撰寫記事、日記、起草信件、計劃下一個職業生涯甚至項目管理——基本上任何您想保密的重要事情都可以放在加密文章類型中。
此外,該外掛還配備了先進而簡單的標籤系統,讓您可以輕鬆組織文章,打造一個強大且符合您需求的工具。它還可以替代 Roam、Workflowy、OneNote、Evernote 等其他工具。
外掛特色
易於添加標籤,以進行組織並建立您正在處理的事情之間的關聯。從未使用過標籤?這裡有一個方便的標籤使用指南。
與所有核心 Gutenberg 區塊和大多數未對標記進行太多定製的自定義區塊兼容。
開箱即用的協作功能:多個使用者可以查看和編輯文章,加密/解密背景中無縫運行(專業版允許單獨的文章,僅作者可查閱)。
選擇文章類型的名稱。它的默認設置為“筆記”,但您可以隨意命名,甚至在側邊欄中設定圖標!在此閱讀更多關於命名文章類型的信息。
經過測試,即使内容超過 20,000 個字,它也可以完美運行!
文章按照最近編輯的順序顯示在“所有文章”屏幕上;這是快速查看您現在正在工作的內容的好方法。您可以按創建日期、標題重新排序,並將最後更新更改為升序(最舊的首先)。
版本修訂可以正常工作!內容動態解密,因此您可以看到版本之間的差異。
免費版僅有一種加密密鑰存儲方式,但是 專業版 通過引入名為 Rest Key Management (RKM) 的創新,明顯增強了安全性。
您可以通過段落和標題區塊的鏈接彈出窗口輕鬆添加鏈接到其他文章,並在單擊其中一條鏈接時直接進入該文章!
塊編輯器 (Gutenberg) 還包括字數、字符數、段落數和標題數計數器,因此您可以輕鬆跟踪所寫內容的進度,而無需依賴其他工具。 未來版本的區塊編輯器中將添加閱讀長度功能,這將對草擬文件非常有用。
想添加新功能嗎?您可以在此請求添加新功能。
它是如何運作的?
區塊編輯器 (Gutenberg) 以 HTML 標記的方式將數據保存在 post_content 中,並且是此部分進行加密的。
當外掛被安裝並啟用時,一個隨機生成的密鑰會被儲存於您網站的選項表中。該密鑰不用於加密文章內容——我們稍後會回來討論。此外,外掛還創建了一個目錄,該目錄可以維護用於解密文章的加密密鑰。當您對文章進行加密時,它會使用 OpenSLL 生成一個加密密鑰,在目錄中尋找現有的加密密鑰,然後使用公共密鑰加密文章內容。在解密之前,仅持有私有密鑰的用户才能讀取該文章的內容。
原文外掛簡介
When you’re doing things that are confidential, or private, or personal, then they should remain so.
Encrypted Post Type adds an encrypted post type where the content of posts is encrypted using OpenSSL. Use it to write notes, keep a diary, draft letters, plan your next career move, even project manage – basically anything important that you want to keep private, Encrypted Post Type is the place to put it.
Coming complete with an advanced but simple tagging system you can easily organise your posts to create a powerful tool that works just the way you need it to, and can replace other tools like Roam, Workflowy, OneNote, Evernote, and more.
Features of this plugin
Easily tag your posts to organise them and build relationships between things you’re working on. Never used tags before? Here’s a handy guide on using tags.
Works with all core Gutenberg blocks and should work with most custom blocks that aren’t doing anything too funky with the markup.
Collaboration out of the box: multiple users can view and edit posts, with encryption/decryption happening seamlessly in the background (the Pro version allows individual posts, viewable only to the author).
Choose a name for the post type. By default it’s set to ‘Notes’ but you can name it anything you like, and even set an icon in the sidebar! Read more about naming the post type here.
It’s been tested with content over 20,000 words in length and worked an absolute champ!
Posts display in order of most recently edited on the ‘All Posts’ screen; this is a great way to quickly see what you’re working on right now. You can re-order by created date, title, and you can change last updated to ascending (oldest first).
Revisions work! Content is decrypted on the fly so you can see the differences between versions.
The free version has 1 way of storing the encryption keys, but the Pro version beefs up security significantly by introducing an innovation called Rest Key Management (RKM).
You can easily add links via the link pop-up of the paragraph and heading block to other posts, and when you click on one of the links you’ll go straight to the post!
The block editor (Gutenberg) also includes word, character, paragraph, and heading counts, so you can easily keep track on the progress of what you’re writing all within the block editor without having to rely on additional tools. Reading length will be added in a future version of the block editor, which will come in really handy for drafting documents.
Want a feature added? You can request a new feature here.
How does it work?
The block editor (Gutenberg) saves data in post_content as html markup – it’s this that is encrypted.
When the plugin is installed and activated a key is randomly generated that is saved in the options table of your site. This key is not used to encrypt content of posts – we’ll come back to it in a second. A directory is also created in the uploads directory that is used to store the encryption keys – the keys in this directory are used to encrypt data, but before they are saved in the directory they are encrypted with the key that was saved in the options table (with the Pro version the keys are saved on a different site for added security). So, the encryption keys are themselves encrypted.
When you create a new post the encryption key for that post is saved in the directory mentioned above (but remember, it’s encrypted before being saved) along with something called an Initialisation Vector (IV), which ensures the encrypted output (ciphertext) is unique.
When you save your post the key that was saved in the directory when the post was initially created is first decrypted using [a] the key saved in the options table, and [b] the Initialisation Vector (IV) that was saved alongside the key; the decrypted key is then used to encrypt the content and an IV is also saved alongside the post. The IV is updated each time the post is saved to ensure the encrypted output (ciphertext) is unique.
Encryption is done using aes128 and the OpenSSL library.
Important considerations
Media that you upload to your site is not encrypted. If you want this feature request it here.
If you delete your encryption keys and you don’t have a backup there’s no way of getting your data back. It will be gone for good.
Reusable blocks are not encrypted. If you want this feature request it here.
Each post has its own encryption key that will be saved in a file (or via RKM). These files are very small (approx 255 bytes), which means 3,900 will take up approximately 1MB, and 3,900,000 will take up approximately 1GB of server space. It’s safe to say you’ll have to create lots and lots and lots of posts before space becomes an issue.
Encryption should be part of a broader security strategy. There are a few simple things you can do to help protect your data in addition to using Encrypted Post Type: [1] use a strong password, [2] use 2-factor authentication, [3] minimise the number of plugins you use, and only use plugins from reputable sources, [4] keep WordPress up-to-date, including your theme/s and plugins.
Encryption happens server-side. End-to-end encryption was considered but there are limitations to end-to-end encryption that make it impractical in many applications. There are plenty of legitimate use cases where server-side encryption makes more sense. For example, there are several potential features in the pipe-line like reminders and mentions that would be very very difficult to pull off with end-to-end encryption.
Encryption is complex, and Encrypted Post Type aims to bring encryption to WordPress in a way that is accessible to all. As with all software, there may be bugs present. The plugin is open source and if you spot a bug please feel free to contribute over on Github here: github.com/NewJenk/EPT, pull requests are welcome.
Why WordPress, the block editor (Gutenberg), and Encrypted Post Type make a great combo
The block editor is flexible; whether you need easy access to tags when you’re writing (they display in the sidebar), or if you want a screen free of distractions to do your best work, the block editor can do it with ease. And combined with Encrypted Post Type, you can confidently maximise the true potential of the block editor safe in the knowledge that your data is secure.
WordPress is very mature and works great for managing lots of content – tags have been part of WordPress since 2008!
The details pop-up (the i icon in the block editor toolbar) includes super useful information perfect for note taking, drafting documents and more!
The block editor comes with some really smart keyboard shortcuts that can boost productivity. For example, highlight text and use CTRL+K (CMD+K on Mac) to add a link, or use CTRL+S (CMD+S on Mac) to save your work.
The WordPress block editor (also called Gutenberg) is an excellent writing tool. It’s better than Microsoft Word at word processing (although that probably says more about Word), and is also a formidable website page builder (albeit a significant departure from WordPress of old). And it is so powerful, and has so much potential, that it could conceivably become the de-facto editor of the internet. It makes an excellent tool for taking notes, writing documents, and building web pages. And it has another trick up its sleeve that lends itself very well to encryption. Because of the need for Gutenberg to be backwards compatible with the rest of WordPress, the output of Gutenberg is simple html markup. Because the markup Gutenberg generates is so simple, almost all Gutenberg blocks are compatible with encryption.
Pro version
If you want to make your content even more secure you can upgrade to the Pro version that includes an innovative way to manage your encryption keys called REST Key Management (RKM). RKM stores your encryption keys on a separate WordPress site that you control, meaning that both the site where your encrypted content is stored AND the site where your keys are stored would have to be compromised for your data to be at risk – and it would have to be a very bad day for that to happen.
Included with Pro:
Rest Key Management (RKM) – offers a significant security boost!
Archive Posts – don’t want a post to show up in ‘All Posts’? Mark it as archived and it’ll only be viewable in a special ‘Archive’ mode.
Individual Posts – only the author of an individual post can view and edit it.
Hide the front-end of your site – only use your WP site to write notes, or draft documents? Easily hide the front-end.
Premium email support.
PRO VERSION COMING SOON – get on the waitlist*
*Your email will only be used to let you know when the Pro version is available.
Request a feature
The core plugin is available for anyone to contribute to on Github here: github.com/NewJenk/EPT, pull requests are welcome. In addition, you can request a feature by filling in the form here.
Compatibility with other plugins
Developer-friendly plugins can be extended to encrypt/decrypt content. Here are examples of how content can be encrypted and decrypted:
Encrypting content
See the method en_p_t_encrypt_the_post in encrypted-post-type.php for an example of how to encrypt content.
Decrypting content
See the example here: https://encryptedposttype.com/kb/about#decrypting-content
各版本下載點
- 方法一:點下方版本號的連結下載 ZIP 檔案後,登入網站後台左側選單「外掛」的「安裝外掛」,然後選擇上方的「上傳外掛」,把下載回去的 ZIP 外掛打包檔案上傳上去安裝與啟用。
- 方法二:透過「安裝外掛」的畫面右方搜尋功能,搜尋外掛名稱「Encrypted Post Type」來進行安裝。
(建議使用方法二,確保安裝的版本符合當前運作的 WordPress 環境。
延伸相關外掛(你可能也想知道)
Cookie Notice & Compliance for GDPR / CCPA 》Cookie Notice 提供簡單易定制的網站橫幅,以協助你的網站遵守歐盟 GDPR cookie 法律以及 CCPA 法規下的某些cookie同意要求,並與 Cookie Compliance 無縫集...。
Complianz – GDPR/CCPA Cookie Consent 》Complianz 是一款支援 GDPR、ePrivacy、DSGVO、TTDSG、LGPD、POPIA、APA、RGPD、CCPA/CPRA和PIPEDA 的插件,提供基於Cookie掃描結果的條件Cookie通知和自定義...。
WP Consent API 》WP Consent API 是一個外掛,可以標準化插件之間同意的同意類別溝通。它需要使用 Cookie 標語插件和至少一個支援 WP Consent API 的其他插件。, , 有了這個插...。
Termly – GDPR/CCPA Cookie Consent Banner 》Termly 的 GDPR Cookie Consent Banner 是 WordPress 中最簡便、有效、且流行之 cookie 同意外掛之一。透過 Termly 所提供之自訂 cookie 同意橫幅及 cookie ...。
Statify 》Statify 提供了一個簡單明瞭且節省空間的網站瀏覽次數查詢功能。它是隱私友好的,因為它既不使用 Cookies,也不使用第三方。, 一個互動圖表後面會顯示參照來...。
Usercentrics Cookiebot – Cookie Banner & Privacy Compliance for GDPR/CCPA/Google Consent Mode 》Cookiebot Consent Management Platform (CMP) 是一個易於使用且全自動的 WordPress Cookie 橫幅。它可符合 GDPR、LGPD、CCPA 及其他隱私法規,並通過讓網站...。
Koko Analytics 》Koko Analytics 是一款針對 WordPress 的隱私友好型分析外掛程式。它不使用任何外部服務,所以您的訪客資料永遠不會與任何第三方公司分享。, 此外,它不會收...。
Force Login 》這款 WordPress 外掛能夠輕鬆地透過設定需要登入來隱藏您的網站,讓訪客必須先進行登入才能查看網站。只需按下開關,就能完成。, 讓您的網站在還未公開之前保...。
WP DSGVO Tools (GDPR) 》一站式解決方案, 作為 WP GDPR 的使用者,您只需要完成兩個簡單的任務:, , 選擇使用的服務, 填寫幾個輸入欄位, , WP GDPR 其他所有事項都會處理:, , 創建 c...。
Restricted Site Access 》此外掛能限制訪客的存取權限,只有登入或從特定IP地址存取的訪客才能訪問您的網站;同時,還能將被限制的訪客引導至登入頁面、重新導向、顯示訊息或頁面等功...。
Statify – Extended Evaluation 》這個外掛程式評估了使用隱私友好的Statify外掛所收集的數據。Statify僅儲存每個頁面瀏覽的日期、引薦人和目標網址。, 這個外掛程式根據以下標準進行評估:, ,...。
WP Hide Post 》這個外掛強在幫助你完全控制文章的顯示方式。在 WordPress 網誌上,一般加入的文章會顯示在首頁中,通常是第一篇位置,也會同樣顯示在分類、標籤、存檔頁面等...。
PublishPress Permissions: Control User Access for Posts, Pages, Categories, Tags 》或標籤,你會看到一個名為「權限:編輯此內容」的方塊,它允許你為每個用戶角色、個別用戶或用戶群組設置「啟用」或「拒絕」的權限。你還可以設置所有訪客和...。
Plausible Analytics 》Plausible Analytics 是一個簡單、開源、輕量且注重隱私的網站分析工具,是 Google Analytics 的替代品。, , Plausible Analytics 不使用 cookies,完全符合 ...。
Lazy Load for Videos 》這個外掛改善了頁面加載時間,提高了你的 Google PageSpeed 指數。它與 oEmbed 配合使用,可以將嵌入的 YouTube 和 Vimeo 視頻替換為可點擊的預覽圖片。, 通...。