Apparix 1.2.6 released - Major improvements

Apparix v1.2.6 — Release Notes

We're excited to announce Apparix v1.2.6, a major update that delivers a completely redesigned Theme Customizer, a new static pages system, and significant security hardening for Docker deployments.

Theme Customizer — Completely Redesigned

• New tabbed interface — Eight organized tabs (General, Logo & Images, Colors, Layout, Typography, Effects, Holidays, Custom CSS) replace the old accordion layout for faster, cleaner navigation.
• Live Preview button — Preview unsaved theme changes on your live storefront in a new tab without committing anything. See exactly what your customers will see before you save.
• Advanced logo typography — New font weight, stretch, and letter spacing controls for logo text, giving you precise control over your brand presentation.

Static Pages System

• Full page management — Create, edit, and delete custom content pages (About Us, FAQ, landing pages, care guides) directly from the admin panel.
• Built-in WYSIWYG editor — Powered by Mintaro, the same rich text editor used in the newsletter composer.
• SEO-ready — Custom meta titles and descriptions for every page.
• Footer integration — Toggle any page to appear in your site footer automatically.
• Update-safe — Pages are stored in the database, so your content is never overwritten by updates.

Docker Security Enhancements

• SecuNX IP blocklist — Over 37,000 known malicious IPs are now blocked at the Nginx level inside every Docker container, out of the box.
• Rate limiting — Admin login limited to 5 attempts per minute. Forms capped at 30 requests per minute. General traffic limited to 10 requests per second. Brute-force attacks are stopped before they ever reach PHP.
• Security status transparency — The admin dashboard now provides clear guidance when additional security tools should be installed on the host server.

Under the Hood

• Smarter security detection — Fail2Ban, ModSecurity, and SecuNX detection now uses process list and Nginx module checks, resolving false negatives caused by file permission restrictions.
• Cross-platform support — Security detection works seamlessly on both traditional server and Docker deployments.
• Scanner blocking — Nginx now returns 410 Gone for common WordPress and CMS vulnerability scan paths, reducing noise in your logs.

This update is available now. As always, we'd love to hear your feedback — drop a reply below or open a topic if you run into anything.