Jump to content

netcarver

PW-Moderators
  • Content Count

    1,743
  • Joined

  • Days Won

    33

Everything posted by netcarver

  1. Hi @Markus (Blue Tomato) Don't know, but here are a few things to get started on. Is production running the same version of PW or one prior to that commit? Does production connect to MySQL on localhost or via a second IP address? Ditto for your dev box. If dev box is connecting to MySQL using "localhost" in your config.php file DB settings, try switching it to "127.0.0.1". Any errors/exceptions in the PW log files or web server log files on your dev box?
  2. Going to package and release as a Textformatter in the modules directory @bernhard or @JoshoB?
  3. Interesting video from MinutePhysics on Youtube. And here's the website for the log-log graph.
  4. Just to confirm, the folks at Folding@Home are using the cluster to search for drugs that might be of use in preventing SARS-CoV2 from initiating infection. So by donating your CPU compute resources you will immediately be helping in research that could save a lot of lives. You can read more about there current efforts here. If you have GPU power that is idle some of the time, you can also have Folding@Home work packets run on that, though I think the SARS-CoV2 research is currently only running on CPUs. There's still plenty for GPUs to work on though. More about the project on Wikipedia.
  5. Hello All, In the middle of this pandemic, I came across a citizen-science site that I think we should all consider helping out. It's called folding@home and aims to produce the largest distributed medical research computer cluster in the world, in order to solve protein folding problems, that should help develop treatments (or cures) for multiple medical conditions we all face. If you, or your company, have any spare internet connected resources, please consider joining the cluster - it's fairly easy to setup the client and connect. I'm running this on my linux laptop and hope to keep doing so. It's quite CPU intensive so you get to choose the level of resource usage it can have. For example, to control my CPU temperature. I've limited to just a single thread on an i7. Please support if you can.
  6. The best educational videos on covid-19 I have yet seen:
  7. You are right; whilst it is possible to get a vhost/.htaccess-based A+ on security headers while keeping the admin interface fully operational, it is a pain and leaves the apache config files in a bit of a mess. Getting the admin interface sorted in the vhosts file prompted this post over in dev-talk that might also help someone out if they go down that route. What you've posted seems to be a fairly nice approach to the issue - thanks!
  8. Sounds like your test_image field is configured to return an array of results - hence access via the first accessor fixing things for you.
  9. Just a heads up, I hope this might save someone some time in the future. TL:DR> It's taken me hours to work out that Apache version 2.4 <If> statements are broken when trying to do regular expression matches against the %REQUEST_URI variable. Try matching against the variable called %THE_REQUEST instead - but be careful with your regex. Background: I've been trying to add more relaxed CSP headers for the admin portion of one of my PW sites because my default, strict, CSP headers stop some admin features from working properly. After diving in to Apache2 regexs and conditionals, I thought I had the answer with this... <If "%{REQUEST_URI} !~ m#^/admin/?#i"> # CSP headers for external visitors. Header set Content-Security-Policy "<strict policy for public site>" </If> <Else> # CSP headers for admin visitors. Header set Content-Security-Policy "<lax policy for admin>" </Else> ...but I couldn't make it work. After experimenting for several hours I found that the regex shown above does work if you limit it to a single-character match; which is essentially useless for determining if we are in the admin interface. However, you can achieve a useful match with the following... <If "%{THE_REQUEST} !~ m# /admin/?#i"> ... </If> <Else> ... </Else> ...which checks verses the entire HTTP request line made to the server. This block can go in your vhosts file or in the site's .htaccess file. Here's the Apache documentation: https://httpd.apache.org/docs/current/expr.html and it seems I'm not alone in having this issue: https://serverfault.com/questions/940953/apache-if-statement-not-working?noredirect=1&lq=1 although neither of these links had workable solutions for me.
  10. @jajaja With both Digital Ocean and Contabo you get a bare VPS that you have to setup and manage yourself - both of these VPS offerings are capable of running Processwire if you are capable of administering the VPS. Costs are comparable between the two services (I've used both), but Digital Ocean has a much better administration interface, whilst Contabo offer a much better spec of VPS server for the about the same price. Feel free to get in contact via Private Message here on the forums if you want any more details. If you are not used to administering your own VPS, then there are managed solutions that might work better for you - but they will cost more. HTH
  11. Hi @Ilyas I'm kind of curious as to your use case for this request. Could you explain a bit more about the reason for wanting to password-protect the login page. Is this something that could be achieved another way - for example by moving the admin login to a less well known location?
  12. @entschleunigung and/or @Vivian Please create an issue on the processwire-issues repository on Github for this, as it needs to be looked at. @entschleunigung If you don't have a github account, just sign up for a free account, then follow the numbered steps on this page to add the issue to the issues repository. Thank you for your co-operation!
  13. Hmm, this reminds me of something from Jeff Starr over at Perishable Press. His stuff usually works very well. Perhaps you made some other inadvertent edit to the htaccess file? Did you do a graceful reload on Apache when you made the edits? If you do find the error to be somewhere else, and do decide to add the track/trace protection, you might want to make it case insensitive and add some other verbs in there too. Something like this... RewriteCond %{REQUEST_METHOD} ^(connect|debug|move|put|trace|track) [NC] RewriteRule .* - [F] Which is just a snippet from Jeff's 6G Firewall. Or just use his entire script at the top of your htaccess file. There's also the beta version of his 7G Firewall available which I am using on a couple of sites.
  14. Just noticed this post on the issues-repo that might happen to fix the above as it contains a space -> "+" mapping. Untested, might be worth a shot.
  15. @Robin S That looks like a better fit for this scenario.
  16. Try posting the same URL but with the '%20's replaced with a '+'. Have you - or the hoster - added any rules to the htaccess file, or enabled any security modules?
  17. @Peter Falkenberg Brown Hello Peter, I've not used this on a new site in a while (ie, not tested on a recent version of PW) but have no doubts the method works as presented above as I'm using on my own internal site to generate invoice numbers. The version of PW I am using there is 3.0.119. If your general approach is the same, (given what you wrote above, I can't tell for sure) then I think this could work for you. Best wishes, Steve
  18. Hi Bernhard, Thanks for this. There is also Marc's FontAwesomePro module that might be similar.
  19. Here are a couple more PW-related calendar options, courtesy of my secret project.
  20. @Mikeinnc I think you have an error in the first line of your virtual host config. You posted that it has... <VirtualHost \*:80> I think it should be... <VirtualHost *:80> You will need to restart Apache after the edit.
  21. Hi @Mikeinnc, I assume that if you do a ping processwire.test that it resolves to localhost? Also, have you checked for permission issues on the file system? Specifically, can the user account that Apache runs under actually access /var/www/html/Processwire? Finally, have you had a look in Apache's logfile for the site? (Should be something like /var/log/apache2/errors.log or something like it.) Best wishes
  22. Hello @alex159753 Good to see you back again - I initially thought you were a spammer as your first post was a close fit to a very common pattern we see here as moderators. I am glad I was wrong! Regarding my points earlier, I wasn't aware your company was a startup and you have a fair point about certification. I don't know of any places doing online certified CCNA training, but you could look at itpro.tv as they might. However, that's not a free service, so if you do think of signing up with them do grab a sign-up code from somewhere like the Security Now podcast as that will give you a significant lifetime discount. Hope things work out for you in the startup. Best wishes, Steve
  23. Hello @alex159753, I've redacted the link from your post as you are a newcomer to the forum. Questions... If you are working at a networking firm, surely they can advise you about professional qualifications. Does your firm have a policy about continuing professional development? I would have thought google or youtube would be good places to find answers to this question - are you looking for something more specific than either of those can provide?
×
×
  • Create New...