Releases: rainier39/AtomicBlog
Alpha v2.5.0
NOT RECOMMENDED FOR PRODUCTION USE.
- Clickjacking prevention
- CSS improvements
- More configuration options
- Upgradability (upgrade script, better config management, software stores version information)
- Redirects for actions on most pages for smoother user experience
- Support for installing somewhere other than the web root (e.g. example.com/blog instead of just example.com)
- Installer improvements, better error catching
- Logins are rate limited (5 logins/attempts per hour)
- Registrations are rate limited (10 minute delay)
- Max number of accounts per IP limit (3 per IP)
- Post creation is rate limited (a 5 minute delay)
- Post editing is rate limited (a 5 second delay)
- All of those delays are configurable
- Users can now actually set their names
- Many minor visual fixes and enhancements
This version of the software is still an alpha version. However, it is relatively usable and has enough rate limiting in place to be resilient against most spammers. There is an almost total lack of administration features, however, and multi-user blogs would definitely push the software's current limits. There is no CAPTCHA to help stop or slow automated spam. Technically, the software can be used in production for one person's small blog. This is not recommended, as there are likely bugs and there may be serious security flaws present at this stage in development. A great many features are planned and not yet implemented. Use at your own risk.
Alpha v2.0.0
NOT INTENDED FOR PRODUCTION USE.
- Now properly supports Nginx.
- Post editing is a thing.
- Post deleting is a thing.
- Posts can be starred/unstarred.
- Sessions are handled in a more secure fashion.
- More web crawler friendly.
Overall some unnecessary things have been removed (unused database fields), webp support is planned when image uploads are implemented, a few more things are configurable (registration, prettyURLs), and the software has more features than before. This is still an early development version, but is much more passable as usable blogging software. It is missing key security features such as rate limiting and captchas, and will not be production ready at least until those are implemented.
Alpha v1.1.0
NOT INTENDED FOR PRODUCTION USE.
See previous release (Alpha v1.0.0) for a more exhaustive feature description. This description lists only changes since that version, so assume everything the prior release's description says is true of this one unless specified otherwise. There is now a basic dark theme (needs tweaking), full CSRF protection for every form, better form logic, better error displaying, and blog posts now display author information. Overall, minor but substantial improvements in terms of security and usability.
Alpha v1.0.0
NOT INTENDED FOR PRODUCTION USE.
This version of AtomicBlog is barebones. There are few features, and few security mechanisms. XSS and SQL injection vulnerabilities should not be present, but I do not guarantee that. CSRF protection is partially implemented. There is no rate limiting, nor is there any form of CAPTCHA. Image uploading for blog posts is planned but not implemented. Blog post editing is planned but not yet implemented. There are no administrative features as of yet. The home page has very basic blog post categorization. The theme is very basic, and there is only one theme. Language localization is planned but not implemented. There are likely many bugs. The user interface/experience is inconsistent and needs more work. I recommend only using this software on a local server that is not exposed to the Internet. For now, it is to be considered in early development and thus not suitable for production.