A plugin to fix a serious security bug in leancloud visitor counter for NexT theme site and other site that integrated this function using a similar way.
And you can also read full explanation of current problem here.
npm install hexo-leancloud-counter-security --save
Activate this plugin in hexo's
_config.yml (which locates in the root dir of your blog) by filling those options:
leancloud_counter_security: enable_sync: true app_id: <<your app id>> app_key: <<your app key>> username: <<your username>> # Will be asked while deploying if is left blank password: <<your password>> # Recommmended to be left blank. Will be asked while deploying if is left blank
leancloud_counter_security not specified (or commented), plugin will totally disabled.
This plugin integrated in «NexT» and after plugin enabled in main Hexo config, need to enable options in NexT config:
leancloud_visitors: enable: true app_id: <<your app id>> app_key: <<your app key>> # Dependencies: https://github.com/theme-next/hexo-leancloud-counter-security security: true betterPerformance: false
Because the Leancloud developer's plan has limits in requst thread amount and running time, counter number may be very slow to load in some times. If set
betterPerformance to true, counter number will be displayed quickly by assuming the request is accepted normally.
You should build the Leancloud background first to make the counter active.
After that, install this plugin and config it to make the counter safe.
hexo lc-counter register <<username>> <<password>>
hexo lc-counter r <<username>> <<password>>
Register a user in your Leancloud database for authority control.