Jonathan Miller
134b9b3693
Generic: Repo Health / Scripts governance (push) Blocked by required conditions
Generic: Repo Health / Repository health (push) Blocked by required conditions
Generic: Repo Health / Report Issues (push) Blocked by required conditions
Generic: Repo Health / Access control (push) Successful in 2s
Generic: Repo Health / Site Health (push) Has been skipped
Universal: Auto Version Bump / Version Bump (push) Successful in 9s
Security: - Add return after all jsonForbidden() calls (13 methods) to prevent ACL bypass if $app->close() fails to terminate - Add throw after requireAuth() in REST API controller (same pattern) - Add path traversal guard to AttachmentService::getAbsolutePath() using realpath + prefix check Error handling: - Log install notification email failures instead of empty catch - Log DB errors in getUserEmail(), getNotificationConfig(), getComponentConfig() instead of silent fallbacks - Log PHP upload error codes in AttachmentService - Check Folder::create() return value before upload loop - Fix searchKb() missing return on short query + log DB errors - Fix ntfy push to capture curl_error() on connection failure - Upgrade AutomationEngine inner catch to LOG_ERROR with rule ID
MokoSuiteClient
MokoSuiteClient is a Joomla 5.x / 6.x system plugin package that provides white-label branding, security hardening, tenant restrictions, health monitoring, and multi-domain management for the MokoSuiteClient platform.
Features
- White-Label Branding — configurable brand name, company, support URL, colors, favicon, custom CSS
- Tenant Restrictions — master user enforcement, installer/sysinfo/config/template access control
- Health Monitoring — 16 diagnostic checks via
/?mokosuiteclient=healthwith Grafana auto-provisioning - Site Aliases — per-alias offline mode, robots directives, backend redirect, canonical URLs
- Remote API — 6 endpoints (health, install, update, cache, backup, info)
- Security Hardening — HTTPS enforcement, session timeouts, password policy, upload restrictions
- Plugin Protection — protected status, hidden from non-master users, disable/uninstall blocked
Requirements
- Joomla 5.0+ or 6.x
- PHP 8.1+ (8.3+ for Joomla 6)
Installation
Download the latest pkg_mokosuiteclient-*.zip from Releases and install via System → Install → Upload Package File.
After installation, the package auto-enables and sets protected status.
Documentation
Full documentation is available on the MokoSuiteClient Wiki:
License
GPL-3.0-or-later — see LICENSE.md
Changelog
See CHANGELOG.md