Jump to content

netcarver

PW-Moderators
  • Content Count

    1,743
  • Joined

  • Last visited

  • Days Won

    33

netcarver last won the day on October 30 2019

netcarver had the most liked content!

Community Reputation

2,597 Excellent

About netcarver

  • Rank
    Code Monkey

Profile Information

  • Gender
    Male
  • Location
    UK

Recent Profile Visitors

13,929 profile views
  1. Hi @Markus (Blue Tomato) Don't know, but here are a few things to get started on. Is production running the same version of PW or one prior to that commit? Does production connect to MySQL on localhost or via a second IP address? Ditto for your dev box. If dev box is connecting to MySQL using "localhost" in your config.php file DB settings, try switching it to "127.0.0.1". Any errors/exceptions in the PW log files or web server log files on your dev box?
  2. Going to package and release as a Textformatter in the modules directory @bernhard or @JoshoB?
  3. Interesting video from MinutePhysics on Youtube. And here's the website for the log-log graph.
  4. Just to confirm, the folks at Folding@Home are using the cluster to search for drugs that might be of use in preventing SARS-CoV2 from initiating infection. So by donating your CPU compute resources you will immediately be helping in research that could save a lot of lives. You can read more about there current efforts here. If you have GPU power that is idle some of the time, you can also have Folding@Home work packets run on that, though I think the SARS-CoV2 research is currently only running on CPUs. There's still plenty for GPUs to work on though. More about the project on Wikipedia.
  5. Hello All, In the middle of this pandemic, I came across a citizen-science site that I think we should all consider helping out. It's called folding@home and aims to produce the largest distributed medical research computer cluster in the world, in order to solve protein folding problems, that should help develop treatments (or cures) for multiple medical conditions we all face. If you, or your company, have any spare internet connected resources, please consider joining the cluster - it's fairly easy to setup the client and connect. I'm running this on my linux laptop and hope to keep doing so. It's quite CPU intensive so you get to choose the level of resource usage it can have. For example, to control my CPU temperature. I've limited to just a single thread on an i7. Please support if you can.
  6. The best educational videos on covid-19 I have yet seen:
  7. You are right; whilst it is possible to get a vhost/.htaccess-based A+ on security headers while keeping the admin interface fully operational, it is a pain and leaves the apache config files in a bit of a mess. Getting the admin interface sorted in the vhosts file prompted this post over in dev-talk that might also help someone out if they go down that route. What you've posted seems to be a fairly nice approach to the issue - thanks!
  8. Sounds like your test_image field is configured to return an array of results - hence access via the first accessor fixing things for you.
  9. Just a heads up, I hope this might save someone some time in the future. TL:DR> It's taken me hours to work out that Apache version 2.4 <If> statements are broken when trying to do regular expression matches against the %REQUEST_URI variable. Try matching against the variable called %THE_REQUEST instead - but be careful with your regex. Background: I've been trying to add more relaxed CSP headers for the admin portion of one of my PW sites because my default, strict, CSP headers stop some admin features from working properly. After diving in to Apache2 regexs and conditionals, I thought I had the answer with this... <If "%{REQUEST_URI} !~ m#^/admin/?#i"> # CSP headers for external visitors. Header set Content-Security-Policy "<strict policy for public site>" </If> <Else> # CSP headers for admin visitors. Header set Content-Security-Policy "<lax policy for admin>" </Else> ...but I couldn't make it work. After experimenting for several hours I found that the regex shown above does work if you limit it to a single-character match; which is essentially useless for determining if we are in the admin interface. However, you can achieve a useful match with the following... <If "%{THE_REQUEST} !~ m# /admin/?#i"> ... </If> <Else> ... </Else> ...which checks verses the entire HTTP request line made to the server. This block can go in your vhosts file or in the site's .htaccess file. Here's the Apache documentation: https://httpd.apache.org/docs/current/expr.html and it seems I'm not alone in having this issue: https://serverfault.com/questions/940953/apache-if-statement-not-working?noredirect=1&lq=1 although neither of these links had workable solutions for me.
  10. @jajaja With both Digital Ocean and Contabo you get a bare VPS that you have to setup and manage yourself - both of these VPS offerings are capable of running Processwire if you are capable of administering the VPS. Costs are comparable between the two services (I've used both), but Digital Ocean has a much better administration interface, whilst Contabo offer a much better spec of VPS server for the about the same price. Feel free to get in contact via Private Message here on the forums if you want any more details. If you are not used to administering your own VPS, then there are managed solutions that might work better for you - but they will cost more. HTH
  11. Hi @Ilyas I'm kind of curious as to your use case for this request. Could you explain a bit more about the reason for wanting to password-protect the login page. Is this something that could be achieved another way - for example by moving the admin login to a less well known location?
  12. @entschleunigung and/or @Vivian Please create an issue on the processwire-issues repository on Github for this, as it needs to be looked at. @entschleunigung If you don't have a github account, just sign up for a free account, then follow the numbered steps on this page to add the issue to the issues repository. Thank you for your co-operation!
  13. Hmm, this reminds me of something from Jeff Starr over at Perishable Press. His stuff usually works very well. Perhaps you made some other inadvertent edit to the htaccess file? Did you do a graceful reload on Apache when you made the edits? If you do find the error to be somewhere else, and do decide to add the track/trace protection, you might want to make it case insensitive and add some other verbs in there too. Something like this... RewriteCond %{REQUEST_METHOD} ^(connect|debug|move|put|trace|track) [NC] RewriteRule .* - [F] Which is just a snippet from Jeff's 6G Firewall. Or just use his entire script at the top of your htaccess file. There's also the beta version of his 7G Firewall available which I am using on a couple of sites.
×
×
  • Create New...