Is there some plan to use 2FA with mobile apps like Aegis, FreeOTP, etcetera?. It would be good. The 2FA access sending an e-mail to validate the access is slower, and the necessity to access the e-mail for a validation is not always convenient.
I was surprised when I returned to ISPConfig after many years to find that it is still not standard here. That's a great pity.
There is 2FA support available by email. It's a pity indeed that others don't work enough for you for free for you, isn't it? Or have you donated the few thousand USD that it costs to implement this? And returning after a few years ... with an account opened yesterday?
Agreed with @till. Also there are some discussions about it, at least with Google Authenticator, in this forum somewhere, with link to its MIT code in github, to begin with. Write or hire someone to write or donate so ISPConfig developers can write the same for all.
ok... I thought that a similar 2FA schema than Roundcube plugin would be easy to implement. Sorry my ignorance. About the economics discussion, I wonder if in case of economic issues maybe the developers could consider split the ISCP in one free version for a few limited domains, and another low cost version for unlimited domains to retain the professional user profiles . Well, maybe I talk from a selfish perspective. I'm not a professional user and I confess my economic contributions are a bit random through the time. I manage only 3 little vps, and I could live with a free ISCP version limited to maximum 3 domains or something like that. Anyway, endless cosmic thanks to the developers in their free approach with this panel. There is no many people like yours these days.
Why do I feel like this is written in such a passive-aggressive way? I'm the last person who deserves this, because I send regular donations to all the open-source projects I use. As a game developer, I live off voluntary donations on Patreon that people send me, and I pass on a portion of that. Unlike others, I appreciate the work of others. Anyway, let's not pick on each other here, because it's ironic. I'm not the type of person who goes to forums to discuss things. I was observing, but I had to create an account when a user in the documentation thread pissed me off by talking about how he should get the documentation for free by any principle. And since I already created an account, I saw this topic that interests me as well, because email as 2FA isn't bad, but a mobile authenticator is still better, tho.. BTW: Has an add-on store ever been considered? I would gladly buy any add-ons to motivate the developers more.
@Sheepa I understand your feeling but we have to remember that ISPConfig is very mature project (started in 2005) and teams behind it saw/read many things maybe that's why it sound like passive-aggressive There was a topic here on forum with till considering moving from selfhosted gitlab to github, imo it would be a really great idea so other developers could start writing code and integrate with ispconfig - but a something like store add-on similar to charts, wp plugins, aptitude would be awesome but to be honest no one would like to end up with clogging server with useless plugins like those in wordpress ;-)
I guess @Sheepa probably, or shall I say hopefully, did not understand what he posted. Coming to an OpenSource project, where other people work for free for you, unpaid, and then complain that after x years they still have not worked enough, or fast enough for free, to implement feature XYZ that he wants to see in a software, is not a nice move. The only thing this triggers is that I ask myself why I develop software for such people, and that I might just stop doing so. And as you said, I'm doing this since 2005, which makes ISPConfig probably one of the most longtime stable Hosting Panel projects in the OS space. But users like that make me really question why I shall continue with my work at all. Other developers have been doing that for 20 years now, no need for GitHub for this. That's why we have nearly 11k contributors and reporters and 371 sub-projects and forks in our GIT system.
then don't install them. , it's your server, your control panel, you control what gets installed. having a plugin / add-on area where it's easy to select and install extensions would be great. it would probably encourage a lot of extra external development. and yes, some of them would probably be very niche use, some would be of dubious quality, probably some would be malicious (should get removed/blocked quite quickly) , and yes, there'd end up being a lot of extension offering similar functionality. some would be free, some would likely be licensed / freemium. it could even provide another source of revenue... where external developers can pay to have there plugin/extension go through some vetting/validation process to get marked as trusted / verified / compatible.
This exists since ISPConfig 3.3.0, so for nearly 1 year now. Please see System > Extension installer or its website https://repo.ispconfig.com/ Extension installation with ISPConfig is a single click, so it's very easy.
Please don't use misinformation, you have around ~11k commits not contributors (according to gitlab); yes many sub-projects most of them are forks for making PR or very useful but abandon modules/plugins that would be awesome in that repo/market. Maybe you don't need Github, but exposing new young developers/users to well made tools that is available, active - that's something else. @nhybgtvfr probably didn't know about plugin market because it lacks plugins (there are few very good ones in gitlab but not updated) to pick and play with.
I did not post misinformation. You should be more careful of what you accuse me of. The text I posted: I said nearly 11k contributors and reporters. I did not say contributors only, and I did not say commits. And to be more accurate, we actually have 10,931 contributors and reporters, I guess that number can be called nearly 11k. I'm also well aware what a commit is In fact, we do not need GitHub, and it does not give us any benefits development wise. The only consideration for using it is as a PR hub. You seem not to know GitLab; otherwise, you would be aware that it's a well-made and widely used tool for software development.
My point is not about github vs gitlab, my point is about accessibility and public access. In which small group of people that you allow to even have account can contribute on your WebUI for git and repose there are mostly expose for people that has account there or find it my mistake on google search. In contrast, most developers has account in WebUI for git that is hosted by microsoft (who owns github dot com) and people by searching project there are expose for other projects that could be fun and helpful. But it looks like we doing derailing here, sorry about that.
