I succesfully installed phplists. I’m on a no-funds project, therefore I use a existent webhosting account from hetzner that does not allow shell-access, therefore I can’t use composer and thus downloaded https://github.com/phpList/phplist3/archive/refs/heads/main.zip and uploaded /lists via ftp.
Everything works great - but the version is shown as “vdev”. I’d like to upgrade to the most recent stable version and use the “Updater Plugin”. I tried to install that, using the gui, but it can’t be enabled: “Failure on system requirement phpList version 3.5.4 or greater”
Can you point me to an upgrade path?
I’d like to “harden” my installation:
can I use basic auth (via .htaccess) on the ‘admin’ dir?
is there an example for a CSP Header?
anything else, I should consider regarding security?
My use case is: I have a website, users shall be able to sign-up to our newsletter, using phplist
Great! Overwriting /list and applying the config.php + upgrade the db worked like a charm. I’m still into ‘hardening’ especially CSP and basic auth for /admin (in order to have the backend-login not open to the public.
One thing I noticed: Sending Mail fails at first (timeout connecting to smtp) I can’t access the php error log so I don’t know whatr really happens. I can ‘fix’ the issue, setting the smtp_debug of phpmailer6 to level 4 - send one mail and then set it back to 0. Works, but I have no clue why. If I find out why, I’ll let you know.