Search the Community

Probably the easiest way to add existing images and variations to PW pages would be via the API – take a look at the PageImage class docs: <?php namespace ProcessWire; // Bootstrap ProcessWire: https://processwire.com/docs/front-end/include/ include './index.php'; $results = $pages->find('id=1'); // Your page query $myImage = '/myImage.jpg'; // The image foreach ($results as $result) { // Add initial image $result->of(false); $result->imageField->add($myImage); $result->save(); // Retrieve added image, add description $lastImage = $result->imageField->last(); $lastImage->description = "My description"; // Create variation of last image $variation = $lastImage->size(500, 500); $result->imageField->add($variation); // Add additional variations here, and format conversion $result->save(); } You'll need to augment this code to accommodate an existing list of images, or multiple images per page, to match against the PW pages. WebP (or any image format conversions, it seems) are not natively supported by PW, but it looks like some folks have figured out some solutions (inline, and more integrated) :

This thread is really exciting. I'm looking forward to offering webp easily. =D Thanks @horst for your hard work.

Hi! Has anyone tried this in their servers? If so, what's your experience with it? I am particularly interested in the auto webp conversion/ https://developers.google.com/speed/pagespeed/module/

@horst If already working in GD, what's necessary to make it work with the core? Or are you saying the ImageSizerEngineGD in the core already supports it? Admittedly I've not had much experience with webp but interested. Btw, how does the Barlow font version render over there? @jmartsch I enabled permanent scrollbars here and now I'm seeing it. I applied a few adjustments that seem to fix it and will push those updates later today. This is the way it has always worked (it did not change with the new site). However, I really have no idea of anyone is using it or not. I might disable it and see if anyone says "hey what happened?" Thanks I fixed it locally and will push the update later today. I don't immediately know how to implement ESC key here but will revisit it later. I think this is what I was feeling too (with Work Sans), there is kind of a typewriter feel going on. I still like it, but just thinking it's not the right fit here. I like Krub better than any others I've seen so far, but if it's got rendering issues then we'd need to determine if the issue is reproducible beyond Horst's computer, which I'm guessing it is, though have not yet heard any other reports. Barlow then Rubik are the other two that I think could do the job. I don't expect it to work with all links, it's just a quick-n-dirty way for us to see different fonts/colors. But it's not going to be retained as a feature of the site. It looks to me like an iPad, which doesn't speak to a development environment for me. Though maybe people are using them that way, I don't really know. But the goal with the frame was just to give the appearance of looking over the shoulder of someone's development and editing environment. While just a browser frame (or some other OS frame) is kind of what I expect to see here, anonymous, so I'd just tune it out. It lacks context of a dev environment that I think is needed here. It's got to be something that implies we're looking at the whole screen of an actual computer of a web developer, not just a window. I also don't want to show an iPad (or any tablet or phone) because that isn't representative of an dev environment, plus it implies something to do with mobile, which isn't a message we're trying to get across here. While we'll start with the current frame, I also see it as a short term thing. I personally like the current setup but I know it's also subjective. Regardless of subjectivity, I think it communicates what needs to be, and that's what I'm focused on rather than whether people think an iMac is ugly or pretty. But an actual video is the end goal, and this needs no frame. I'd like to replace it with that video Jonathan was working on, once that's at a good point (and if he's open to it).

To sum up my favourites: the look and feel of the screen presentation @3fingers linked to, but as a automatic slider with maybe 3 slides, in high image quality without artefacts as picture or srcset elements with webP alternatives. ? Ps: speaking about the screenshot on the entrypage.

Implementing a basic support for additional webP format in PW is just around the corner, (when I next get time to do the implementation in IMagick. In GD is already working.) ?

That's totally fine. We could simply not support different formats besides webp for now. I was really just talking about the configuration, so if there is time in the future to have a more extensive featureset supported we don't need to change the configuration, but can just add the features / remove warnings.

Nice one @horst! This is really great. Browser support (webp) is pretty straightforward easy using <picture> and <source>. Or if you use a library like lazyload it can even switch automatically.

Yeah, there are ways to use webp as progressive enhancement, so there's no need to detect browser support on the server side.

This seems like a pretty good approach to both inline and CSS images: https://css-tricks.com/using-webp-images/ For inline images in a textarea a textformatter module could prepare the picture/srcset.

GD supports webp: http://php.net/manual/en/image.installation.php

Yes, imagemagick supports it: https://imagemagick.org/script/webp.php Thanks @horst!!

Firefox 65 will support WebP. Will be out in January 2019.

PW creates thumbnails for files uploaded to an image field, so the file type needs to be something that the ImageSizer supports. Webp is not yet supported. If you just need the path then you can use a file field.

why webp still is a invalid file extension?? No make sense for me if I only need to use the url to the file in my pages, I'm not processing the image data.. only print the path

Maybe you can try http://modules.processwire.com/modules/auto-smush/ But I'm thinking about using Cloudinary for my next project: http://cloudinary.com/ One of the greatest features of their service is to auto detect and serve .webp files if the browser supports. This format has a better compression that jpg or png.

I am porting a site from http to https, I use pw 2.7.3 with procache On the command line I copied all from public_html to private_html Trouble is that the https homepage keeps redirecting to http homepage, i.e. https://www.domain.com redirects to http://www.domain.com That problem does not exist when I load a page off root, like https://www.domain.dom/one-down does not redirect. Here is my htaccess file for the private_html dir: ################################################################################################# # ProcessWire ProCache recommended .htaccess tweaks for expires and gzip performance settings. # PWPC-3.0 Keep this line here for ProCache identification purposes. ################################################################################################# <IfModule mod_headers.c> Header set Connection keep-alive Header unset ETag <FilesMatch "\.(eot|otf|ttc|ttf|woff)$"> Header set Access-Control-Allow-Origin "*" </FilesMatch> </IfModule> FileETag None <IfModule mod_expires.c> ExpiresActive On ExpiresDefault "access plus 1 month" # html ExpiresByType text/html "access plus 1 hour" # images ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/svg+xml "access plus 1 year" ExpiresByType image/bmp "access plus 1 year" ExpiresByType image/webp "access plus 1 year" # css and js ExpiresByType text/css "access plus 1 year" ExpiresByType text/javascript "access plus 1 year" ExpiresByType application/javascript "access plus 1 year" ExpiresByType application/x-javascript "access plus 1 year" # downloads ExpiresByType application/octet-stream "access plus 1 year" # feeds ExpiresByType application/json "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType text/xml "access plus 0 seconds" # icon / favicon ExpiresByType image/vnd.microsoft.icon "access plus 1 year" ExpiresByType image/x-icon "access plus 1 year" # font ExpiresByType application/x-font-ttf "access plus 1 year" ExpiresByType application/x-font-woff "access plus 1 year" ExpiresByType application/font-woff "access plus 1 year" ExpiresByType application/font-woff2 "access plus 1 year" ExpiresByType font/woff "access plus 1 year" ExpiresByType application/vnd.ms-fontobject "access plus 1 year" ExpiresByType font/eot "access plus 1 year" ExpiresByType font/opentype "access plus 1 year" # audio/video ExpiresByType audio/ogg "access plus 1 month" ExpiresByType video/mp4 "access plus 1 month" ExpiresByType video/ogg "access plus 1 month" ExpiresByType video/webm "access plus 1 month" </IfModule> <IfModule mod_deflate.c> <IfModule mod_setenvif.c> <IfModule mod_headers.c> # Force compression for mangled `Accept-Encoding` request headers # https://developer.yahoo.com/blogs/ydn/pushing-beyond-gzipping-25601.html SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAVE_Accept-Encoding RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding </IfModule> </IfModule> # <IfModule mod_filter.c> # Apache 2.3.7 and above may need to uncomment this line AddOutputFilterByType DEFLATE "text/html" AddOutputFilterByType DEFLATE "text/plain" AddOutputFilterByType DEFLATE "text/css" AddOutputFilterByType DEFLATE "text/javascript" AddOutputFilterByType DEFLATE "application/javascript" AddOutputFilterByType DEFLATE "application/x-javascript" AddOutputFilterByType DEFLATE "application/json" AddOutputFilterByType DEFLATE "application/xml" AddOutputFilterByType DEFLATE "text/xml" # </IfModule> # Apache 2.3.7 and above may need to uncomment this line </IfModule> # End ProcessWire ProCache recommended tweaks ################################################################################################# ################################################################################################# # START PROCESSWIRE HTACCESS DIRECTIVES # @version 2.5 # @indexVersion 250 ################################################################################################# # ----------------------------------------------------------------------------------------------- # Don't show directory indexes, but do follow symbolic links # 500 NOTE: Some cloud hosting companies don't allow +FollowSymLinks. # Uncomment +SymLinksifOwnerMatch and comment +FollowSymLinks if you have 500 errors. # If that doesn't resolve the error, then set it back to +FollowSymLinks. # ----------------------------------------------------------------------------------------------- Options -Indexes Options +FollowSymLinks # Options +SymLinksifOwnerMatch # ----------------------------------------------------------------------------------------------- # Let ProcessWire handle 404s # ----------------------------------------------------------------------------------------------- ErrorDocument 404 /index.php # ----------------------------------------------------------------------------------------------- # Handle request for missing favicon.ico/robots.txt files (no ending quote for Apache 1.3) # ----------------------------------------------------------------------------------------------- <Files favicon.ico> ErrorDocument 404 "The requested file favicon.ico was not found. </Files> <Files robots.txt> ErrorDocument 404 "The requested file robots.txt was not found. </Files> # ----------------------------------------------------------------------------------------------- # Protect from XSS with Apache headers # ----------------------------------------------------------------------------------------------- <IfModule mod_headers.c> # prevent site from being loaded in an iframe on another site # you will need to remove this one if you want to allow external iframes Header always append X-Frame-Options SAMEORIGIN # to prevent cross site scripting (IE8+ proprietary) Header set X-XSS-Protection "1; mode=block" # prevent mime-based attacks via content sniffing (IE+Chrome) # Header set X-Content-Type-Options "nosniff" </IfModule> # ----------------------------------------------------------------------------------------------- # Protect ProcessWire system files (part 1B) for Apache versions 2.4 and newer: # APACHE 2.4+ NOTE: Uncomment this section and remove or comment out section 1A above. # ----------------------------------------------------------------------------------------------- <FilesMatch "\.(inc|info|info\.json|module|sh|sql)$|^(\..*)$"> Require all denied </FilesMatch> <Files .htaccess> Require all denied </Files> # ----------------------------------------------------------------------------------------------- # Override a few PHP settings that can't be changed at runtime (not required) # 500 NOTE: Try commenting out this entire section below if getting Apache 500 errors. # ----------------------------------------------------------------------------------------------- <IfModule mod_php5.c> php_flag magic_quotes_gpc off php_flag magic_quotes_sybase off php_flag register_globals off </IfModule> # ----------------------------------------------------------------------------------------------- # Set default directory index files # ----------------------------------------------------------------------------------------------- DirectoryIndex index.php index.html index.htm # ----------------------------------------------------------------------------------------------- # ProcessWire requires mod_rewrite # ----------------------------------------------------------------------------------------------- <IfModule mod_rewrite.c> RewriteEngine On AddDefaultCharset UTF-8 # ----------------------------------------------------------------------------------------------- # If you only want to allow HTTPS, uncomment the RewriteCond and RewriteRule lines below. # ----------------------------------------------------------------------------------------------- #RewriteCond %{HTTPS} off #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] #RewriteCond %{HTTPS} !=on # This checks to make sure the connection is not already HTTPS #RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # ----------------------------------------------------------------------------------------------- # Set an environment variable so the installer can detect that mod_rewrite is active. # Note that some web hosts don't support this. If you get a 500 error, you might try # commenting out this SetEnv line below. # ----------------------------------------------------------------------------------------------- <IfModule mod_env.c> SetEnv HTTP_MOD_REWRITE On </IfModule> # ----------------------------------------------------------------------------------------------- # OPTIONAL: Set a rewrite base if rewrites aren't working properly on your server. # And if your site directory starts with a "~" you will most likely have to use this. # ----------------------------------------------------------------------------------------------- # RewriteBase / # RewriteBase /pw/ # RewriteBase /~user/ # ----------------------------------------------------------------------------------------------- # Access Restrictions: Keep web users out of dirs that begin with a period # ----------------------------------------------------------------------------------------------- RewriteRule "(^|/)\." - [F] # ----------------------------------------------------------------------------------------------- # OPTIONAL: Redirect users to the 'www.' version of the site (uncomment to enable). # For example: http://processwire.com/ would be redirected to http://www.processwire.com/ # ----------------------------------------------------------------------------------------------- RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301] # ----------------------------------------------------------------------------------------------- # OPTIONAL: Send URLs with non name-format characters to 404 page # Remove this section if it interferes with URLs of any other software you may be running. # ----------------------------------------------------------------------------------------------- RewriteCond %{REQUEST_URI} "[^-_.a-zA-Z0-9/~]" RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule ^(.*)$ index.php?it=/http404/ [L,QSA] # ----------------------------------------------------------------------------------------------- # Access Restrictions: Protect ProcessWire system files # ----------------------------------------------------------------------------------------------- # Allow screenshot files (for install.php only: this 1 line below may be removed after install) RewriteCond %{REQUEST_URI} !(^|/)site-[^/]+/install/[^/]+\.(jpg|jpeg|png|gif)$ # Block access to any htaccess files RewriteCond %{REQUEST_URI} (^|/)\.htaccess$ [NC,OR] # Block access to protected assets directories RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/assets/(cache|logs|backups|sessions|config|install|tmp)($|/.*$) [OR] # Block acceess to the /site/install/ directory RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/install($|/.*$) [OR] # Block dirs in /site/assets/ dirs that start with a hyphen RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/assets.*/-.+/.* [OR] # Block access to /wire/config.php, /site/config.php, /site/config-dev.php, and /wire/index.config.php RewriteCond %{REQUEST_URI} (^|/)(wire|site|site-[^/]+)/(config|index\.config|config-dev)\.php$ [OR] # Block access to any PHP-based files in /templates-admin/ RewriteCond %{REQUEST_URI} (^|/)(wire|site|site-[^/]+)/templates-admin($|/|/.*\.(php|html?|tpl|inc))$ [OR] # Block access to any PHP or markup files in /site/templates/ RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/templates($|/|/.*\.(php|html?|tpl|inc))$ [OR] # Block access to any PHP files in /site/assets/ RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/assets($|/|/.*\.php)$ [OR] # Block access to any PHP files in core or core module directories RewriteCond %{REQUEST_URI} (^|/)wire/(core|modules)/.*\.(php|inc|tpl|module|info\.json)$ [OR] # Block access to any PHP files in /site/modules/ RewriteCond %{REQUEST_URI} (^|/)(site|site-[^/]+)/modules/.*\.(php|inc|tpl|module|info\.json)$ [OR] # Block access to any software identifying txt files RewriteCond %{REQUEST_URI} (^|/)(COPYRIGHT|INSTALL|README|htaccess)\.(txt|md|textile)$ [OR] # Block all http access to the default/uninstalled site-default directory RewriteCond %{REQUEST_URI} (^|/)site-default/ # If any conditions above match, isssue a 403 forbidden RewriteRule ^.*$ - [F,L] # ----------------------------------------------------------------------------------------------- # Ensure that the URL follows the name-format specification required by ProcessWire # ----------------------------------------------------------------------------------------------- RewriteCond %{REQUEST_URI} "^/~?[-_.a-zA-Z0-9/]*$" # PROCACHE xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx RewriteCond %{REQUEST_METHOD} !=POST RewriteCond %{QUERY_STRING} !.*=.* RewriteCond %{HTTP_COOKIE} !^.*(wire_challenge).*$ RewriteCond %{DOCUMENT_ROOT}/site/assets/ProCache-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/$1/index.html -f RewriteRule ^(.*) %{DOCUMENT_ROOT}/site/assets/ProCache-xxxxxxxxxxxxxxxxxxxxxxxxxx/$1/index.html [L] # /PROCACHE RewriteCond %{REQUEST_URI} "^/~?[-_.a-zA-Z0-9/]*$" # ----------------------------------------------------------------------------------------------- # If the request is for a file or directory that physically exists on the server, # then don't give control to ProcessWire, and instead load the file # ----------------------------------------------------------------------------------------------- RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !(favicon\.ico|robots\.txt) # ----------------------------------------------------------------------------------------------- # OPTIONAL: Prevent ProcessWire from attempting to serve images or anything in /site/assets/. # Both of these lines are optional, but can help to reduce server load. However, they # are not compatible with the $config->pagefileSecure option (if enabled) and they # may produce an Apache 404 rather than your regular 404. You may uncomment the two lines # below if you don't need to use the $config->pagefileSecure option. # ----------------------------------------------------------------------------------------------- # RewriteCond %{REQUEST_FILENAME} !\.(jpg|jpeg|gif|png|ico)$ [NC] # RewriteCond %{REQUEST_FILENAME} !(^|/)site/assets/ # ----------------------------------------------------------------------------------------------- # Pass control to ProcessWire if all the above directives allow us to this point. # For regular VirtualHosts (most installs) # ----------------------------------------------------------------------------------------------- RewriteRule ^(.*)$ index.php?it=$1 [L,QSA] # ----------------------------------------------------------------------------------------------- # 500 NOTE: If using VirtualDocumentRoot: comment out the one above and use this one instead. # ----------------------------------------------------------------------------------------------- # RewriteRule ^(.*)$ /index.php?it=$1 [L,QSA] </IfModule> ################################################################################################# # END PROCESSWIRE HTACCESS DIRECTIVES ################################################################################################# Help much appreciated, if someone has a checklist for porting http to https that would be great!

@Macrura Here's what's above the PW directives in my .htaccess. Notice that I'm pointing explicitly to a 403 html file, right below the 6G directives: ErrorDocument 403 /403.html Start of .htaccess: # 6G FIREWALL/BLACKLIST # @ https://perishablepress.com/6g/ # 6G:[QUERY STRINGS] <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{QUERY_STRING} (eval\() [NC,OR] RewriteCond %{QUERY_STRING} (127\.0\.0\.1) [NC,OR] RewriteCond %{QUERY_STRING} ([a-z0-9]{2000}) [NC,OR] RewriteCond %{QUERY_STRING} (javascript:)(.*)(;) [NC,OR] RewriteCond %{QUERY_STRING} (base64_encode)(.*)(\() [NC,OR] RewriteCond %{QUERY_STRING} (GLOBALS|REQUEST)(=|\[|%) [NC,OR] RewriteCond %{QUERY_STRING} (<|%3C)(.*)script(.*)(>|%3) [NC,OR] RewriteCond %{QUERY_STRING} (\\|\.\.\.|\.\./|~|`|<|>|\|) [NC,OR] RewriteCond %{QUERY_STRING} (boot\.ini|etc/passwd|self/environ) [NC,OR] RewriteCond %{QUERY_STRING} (thumbs?(_editor|open)?|tim(thumb)?)\.php [NC,OR] RewriteCond %{QUERY_STRING} (\'|\")(.*)(drop|insert|md5|select|union) [NC] RewriteRule .* - [F] </IfModule> # 6G:[REQUEST METHOD] <IfModule mod_rewrite.c> RewriteCond %{REQUEST_METHOD} ^(connect|debug|delete|move|put|trace|track) [NC] RewriteRule .* - [F] </IfModule> # 6G:[REFERRERS] <IfModule mod_rewrite.c> RewriteCond %{HTTP_REFERER} ([a-z0-9]{2000}) [NC,OR] RewriteCond %{HTTP_REFERER} (semalt.com|todaperfeita) [NC] RewriteRule .* - [F] </IfModule> # 6G:[REQUEST STRINGS] <IfModule mod_alias.c> RedirectMatch 403 (?i)(wp-admin|wp-content|wp-login) RedirectMatch 403 (?i)([a-z0-9]{2000}) RedirectMatch 403 (?i)(https?|ftp|php):/ RedirectMatch 403 (?i)(base64_encode)(.*)(\() RedirectMatch 403 (?i)(=\\\'|=\\%27|/\\\'/?)\. RedirectMatch 403 (?i)/(\$(\&)?|\*|\"|\.|,|&|&amp;?)/?$ RedirectMatch 403 (?i)(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\") RedirectMatch 403 (?i)(~|`|<|>|:|;|,|%|\\|\s|\{|\}|\[|\]|\|) RedirectMatch 403 (?i)/(=|\$&|_mm|cgi-|etc/passwd|muieblack) RedirectMatch 403 (?i)(&pws=0|_vti_|\(null\)|\{\$itemURL\}|echo(.*)kae|etc/passwd|eval\(|self/environ) RedirectMatch 403 (?i)\.(aspx?|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rar|rdf)$ RedirectMatch 403 (?i)/(^$|(wp-)?config|mobiquo|phpinfo|shell|sqlpatch|thumb|thumb_editor|thumbopen|timthumb|webshell)\.php </IfModule> # 6G:[USER AGENTS] <IfModule mod_setenvif.c> SetEnvIfNoCase User-Agent ([a-z0-9]{2000}) bad_bot SetEnvIfNoCase User-Agent (archive.org|binlar|casper|checkpriv|choppy|clshttp|cmsworld|diavol|dotbot|extract|feedfinder|flicky|g00g1e|harvest|heritrix|httrack|kmccrew|loader|miner|nikto|nutch|planetwork|postrank|purebot|pycurl|python|seekerspider|siclab|skygrid|sqlmap|sucker|turnit|vikspider|winhttp|xxxyy|youda|zmeu|zune) bad_bot # Apache < 2.3 <IfModule !mod_authz_core.c> Order Allow,Deny Allow from all Deny from env=bad_bot </IfModule> # Apache >= 2.3 <IfModule mod_authz_core.c> <RequireAll> Require all Granted Require not env bad_bot </RequireAll> </IfModule> </IfModule> ErrorDocument 403 /403.html <FilesMatch "\.(js|css|html|htm|php|svg)$"> SetOutputFilter DEFLATE </FilesMatch> <ifModule mod_headers.c> Header set Connection keep-alive </ifModule> # ---------------------------------------------------------------------- # Expires headers (for better cache control) # ---------------------------------------------------------------------- <IfModule mod_expires.c> ExpiresActive on # Your document html ExpiresByType text/html "access plus 0 seconds" # Data ExpiresByType text/xml "access plus 0 seconds" ExpiresByType application/xml "access plus 0 seconds" ExpiresByType application/json "access plus 0 seconds" # Favicon (cannot be renamed) ExpiresByType image/x-icon "access plus 5 days" # Media: images, video, audio ExpiresByType image/gif "access plus 1 week" ExpiresByType image/png "access plus 1 week" ExpiresByType image/jpeg "access plus 1 week" ExpiresByType image/webp "access plus 1 week" ExpiresByType image/svg+xml "access plus 1 week" # HTC files (css3pie) ExpiresByType text/x-component "access plus 1 month" # Webfonts ExpiresByType application/x-font-ttf "access plus 1 month" ExpiresByType font/opentype "access plus 1 month" ExpiresByType application/x-font-woff "access plus 1 month" ExpiresByType application/vnd.ms-fontobject "access plus 1 month" # CSS and JavaScript ExpiresByType text/css "access plus 1 week" ExpiresByType application/x-javascript "access plus 1 week" </IfModule> ################################################################################################# # START PROCESSWIRE HTACCESS DIRECTIVES # @version 3.0 # @indexVersion 300 ################################################################################################# ....

Are you sure you got the right link here? @topic Browser detection on the server side is quite flawed, so try to not use it. But there are things you can do on the server, like detecting webp support and other things based on the request headers, which does help in terms of squeezing the last bits of performance out of your website, but it's a long way before these really matter.

It appears that this is now happening on another site as well. If I try to update a module, the browser navigates to admin/module/download/ and the home page is displayed. Request Header: POST /admin/module/download/ HTTP/1.1 Host: <redacted> Connection: keep-alive Content-Length: 103 Pragma: no-cache Cache-Control: no-cache Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Origin: http://<redacted> User-Agent: Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2358.0 Safari/537.36 Content-Type: application/x-www-form-urlencoded DNT: 1 Referer: http://<redacted>/admin/module/?update=VersionControl Accept-Encoding: gzip, deflate Accept-Language: en-GB,en-US;q=0.8,en;q=0.6 Cookie: WireTabs=tab_new_modules; modules_section1=; modules_section2=; modules_section3=; modules_section4=; wire=3ddcf3e516910183700aed4d8dd7d5e8; wire_challenge=lKTmEV1SH83NgceBpBytCpSOUKuitA8Q Response Header: HTTP/1.1 404 Page Not Found Date: Wed, 24 Jun 2015 14:10:52 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache X-Frame-Options: SAMEORIGIN Vary: Accept-Encoding,User-Agent Content-Encoding: gzip X-XSS-Protection: 1; mode=block Content-Length: 1868 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Content-Type: text/html; charset=utf-8 What could be causing this? It's really so unusual...

I'm getting reports from a client that PCs running IE8 & 10 on an internal network with ChromeFrame plugin installed won't stay logged in to a site that is set up with all the content behind a login form, i.e. on the front-end, not logging into the control panel. Disabling the plugin in the browser makes the problem go away. So does updating .htacess from <IfModule mod_headers.c> Header set X-UA-Compatible "IE=edge,chrome=1" <FilesMatch "\.(appcache|crx|css|eot|gif|htc|ico|jpe?g|js|m4a|m4v|manifest|mp4|oex|oga|ogg|ogv|otf|pdf|png|safariextz|svg|svgz|ttf|vcf|webm|webp|woff|xml|xpi)$"> Header unset X-UA-Compatible </FilesMatch> </IfModule> to <IfModule mod_headers.c> Header unset X-UA-Compatible </IfModule> This seems to have solved the issue but I thought it was worth mentioning here anyway.