The official blog extension by TYPO3 GmbH is one of the most widely used solutions for content publishing in TYPO3 projects — with a mature data model built on pages rather than proprietary tables, flexible author management, built-in SEO metadata, and a well-considered categorisation system. The fork in this repository brings the extension fully up to TYPO3 v14.3, focusing on three areas: workspace-safe rendering, Site Set-based configuration, and security hardening.
If you stage blog content in TYPO3 Workspaces and publish it only once it has been approved, the corrected rendering pipeline keeps draft content from appearing prematurely in the frontend. This package builds on the upstream extension from TYPO3 GmbH and carries the port forward specifically for TYPO3 v14.
Table of contents
Overview
What has been done
Features in detail
Installation
Overview
The TYPO3 GmbH blog extension takes an unusual approach: blog posts are regular TYPO3 pages with doktype 137, rather than custom content records in a proprietary table. Content is assembled from standard content elements — no custom content model, no vendor lock-in. Categorisation is handled through TYPO3 system categories, whilst tags use a dedicated taxonomy. Multi-author support with avatars (Gravatar or upload), social links, and bios is built in. The comment system supports moderation, reCAPTCHA, and Disqus as an alternative.
RSS feeds, OG/Twitter metadata, and route enhancers for user-friendly URLs round out the SEO package. This makes the extension a good fit for both traditional corporate blogs and content-driven TYPO3 projects with multiple authors.
This fork requires TYPO3 ^14.3 and PHP ^8.2 (tested 8.2–8.4). TYPO3 v13 and earlier are not supported. The upstream repository from TYPO3GmbH remains the reference for older TYPO3 versions.
What has been done
The fork is based on the original by TYPO3 GmbH and has been fully ported to the v14.3 baseline. Rendering has been migrated from renderPlugin to tt_content.{listType}.20 — a prerequisite for workspace-safe behaviour, since workspace overlays only apply correctly at this level. Static TypoScript includes have been replaced by three new Site Sets (standalone, integration, bootstrap-53) that plug into the TYPO3 v14 Site Set system.
On the security side, the output of comments, links, and Fluid text has been hardened ([SECURITY] commits): input sanitisation, link validator checks, and escaping-safe Fluid partials reduce the risk of XSS and injection attacks. The Extbase domain code has been modernised, the migration wizards updated, and the backend module overhauled.
The new CI uses SQLite functional tests for fast feedback cycles and Playwright smoke tests for end-to-end verification of the frontend rendering — neither of which exists in the upstream version.
Features in detail
| Feature | Benefit |
|---|---|
| Doktype 137 (blog post as a page) | No proprietary content model — posts are regular TYPO3 pages |
| System categories + custom tags | Flexible taxonomy without custom tables |
| Multi-author with avatar, bio, social links | Represent editorial teams using Gravatar or custom uploads |
| Comment system + moderation + reCAPTCHA | Spam protection and moderation workflow out-of-the-box |
| Full Workspace support | Posts, tags, and authors are versioned; comments remain live |
| Three Site Sets (standalone/integration/bootstrap-53) | Clean configuration integration without static TypoScript includes |
| RSS feeds + OG/Twitter metadata + Route Enhancers | SEO-ready out-of-the-box, user-friendly URLs without manual configuration |
Installation
composer config repositories.blog vcs https://github.com/dirnbauer/blog.git
composer require t3g/blog:dev-masterFrequently asked questions
Conclusion
This fork brings the official TYPO3 GmbH blog extension up to TYPO3 v14.3, with a focus on workspace staging, security hardening, and modern Site Set configuration. For teams that rely on TYPO3 Workspaces for editorial approval workflows, the corrected rendering pipeline is the biggest win. The Playwright smoke tests and SQLite-based CI also make reliable regression testing far easier in future maintenance cycles.
We would like to thank TYPO3 GmbH and the TYPO3 community for the excellent TYPO3GmbH/blog extension. We use this extension and have extended it for TYPO3 v14.3 with workspace-safe rendering, Site Sets, and security hardening. The bulk of the work comes from TYPO3 GmbH and the community: the page-based data model, the author and tag structures, comment moderation, and SEO integration. The extension is licensed under GPL-2.0-or-later.