Nostr Web Client

!! WordPress #Nostr Login Plugin Update !!

Good news YEGHRO #Nostr plugin for #WordPress is now more secure.

We've added NIP98 authentication to the login process making even better.

Update now to version 1.6 and enjoy more peace of mind.

Big thanks to nostr:nprofile1qyx8wumn8ghj7cnjvghxjmcpz4mhxue69uhk2er9dchxummnw3ezumrpdejqzrthwden5te0dehhxtnvdakqz8thwden5te0dehhxarj94c82c3wwajkcmr0wfjx2u3wdejhgqg6waehxw309ahx7um5wghx7unpdenk2urfd3kzuer9wcq36amnwvaz7tm0vf5h2un8v96x7u3ww35x2amgv9kxctnrdakszynhwden5te0wp6hyurvv4cxzeewv4esz9rhwden5te0wfjkccte9ejxzmt4wvhxjmcpzemhxue69uhhyetvv9ujumn0wd68ytnzv9hxgqgkwaehxw309aex2mrp0yh8qunfd4skctnwv46qzgnhwden5te0wfjkccte9eex2enfdejhy7fwvdhhyctrd3jjuar0dak8xqgcwaehxw309aex2mrp0yh8xmn0wf6zuum0vd5kzmqqyr8vpazdp4jddkwh58yycvc023n7w5kv3vr97uswsa9qhmgu2stdygsq7mx for his contribution to this update. Give the man a follow and a thanks.

https://wordpress.org/plugins/nostr-login/

YEGHRO 1y ago

Ok my frens,

My apologies for the mix up and confusion the past couple of days. The bugs in the plugin have been addressed and secure login and authentication is working as it should be.

Feel free to update to version 1.7 to get the latest plugin updates.

!! PS !!

It's important that you install something called php-gmp on your #WordPress servers so that your wordpress site has the nostr crypto tools it needs to properly authenticate and verify your logins. It's easy enough, the instructions are listed on the plugins wordpress page as well as github repo but I'll also add it here for your convieniance:

* For Ubuntu/Debian:

Run: sudo apt-get update && sudo apt-get install php-gmp

Restart PHP/web server: sudo service php-fpm restart (or apache2 if using Apache)

* For CPanel:

Contact your hosting provider to enable the PHP-GMP module

Most managed WordPress hosts can enable this through the hosting control panel

* For Windows:

Open php.ini file

Uncomment the line: extension=gmp

Restart your web server

After installation, verify GMP is enabled by checking your site's PHP info page.

I wanted to avoid installing extra stuff on your Wordpress server but this appears critical for security.

Reply to this note

Please Login to reply.

Discussion

Rob Woodgate 11mo ago

Glad we finally got there nostr:nprofile1qy2hwumn8ghj76rfwd6zumn0wd68ytnvv9hxgqg6waehxw309ahx7um5wfjkccte9euk2emgwfhjucm0d5q3yamnwvaz7tmsw4e8qmr9wpskwtn9wvq3gamnwvaz7tmjv4kxz7fwv3sk6atn9e5k7qghwaehxw309aex2mrp0yhxvmm4de6xz6tw9enx6qgkwaehxw309aex2mrp0yhxummnw3ezucnpdejqz9nhwden5te0wfjkccte9ec8y6tdv9kzumn9wsqzp7ppz7dat453ccd5x43nvwy2mtwresfsfay7wudg0sudulk5l5pzr0eztk 🤜 🤛

I can confirm v1.7 addresses the login security issue, and implements the NIP-98 authentication checks properly.

I know adding the GMP (GNU Multiple Precision) extension for PHP is a hassle, but this is a small price to pay for cryptographic security.

Great plugin! 🫡

YEGHRO 11mo ago

Fantastic. And you're right it's a small price with a big pay off. 🍻