isit.pw does not detect processwire

[clsource]

http://isit.pw/?url=www.processwire.com

Oddly tells is not using processwire

[cstevensjr]

You have already brought this up in the following post:

https://processwire.com/talk/topic/11629-developing-barbaracolcom/#entry109521

Where I commented"

I have a few internal ProcessWire websites that have the Protected Mode module and they also show as not being ProcessWire.

Maybe someone needs to look at the code that determines whether it's ProcessWire or not.  There have been many changes in the ProcessWire code or third party modules. I am not an expert on how the website code makes the ProcessWire determination.  I believe that no code is absolutely fool-proof, so there is always the chance that this code will give a false reading.

 

At least cross-reference this post in that one.  Thanks.

Edited December 28, 2015 by cstevensjr
Changed Protect Module to Protected Mode Module

[clsource]

You have already brought this up in the following post:

https://processwire.com/talk/topic/11629-developing-barbaracolcom/#entry109521

Where I commented"

At least cross-reference this post in that one.  Thanks.

Thanks,

yes I think this is related to the processwire version running the site.

I do not use any protect module in the sites I developed, but only recent versions of pw.

maybe isit.pw should be updated to the current pw versions

[cstevensjr]

I don't believe the ProcessWire version is the cause.  All of my internal systems are running current (at least 2.7.2 versions of ProcessWire).  There are in deed unknown factors that are causing this problem and now that you have identified a problem, it can be researched and fixed.

[kongondo]

Drop the www and use https://, http:// or none of these

Edited December 28, 2015 by kongondo

[teppo]

http://isit.pw/?url=www.processwire.com

Oddly tells is not using processwire

What's even more odd is that this link gives me "yup". Either I'm doing something wrong here, or there was some kind of temporary glitch in connections or whatnot. 

[cstevensjr]

I finally figured out why the websites with the Protected Mode module (yes I didn't use the correct module name earlier) are not showing up ---- a look at the view source shows the following for my internal website odmc.sdtool.info:

                <!DOCTYPE html>
                    <head>
                        <meta charset='utf-8' />
                        <style>
                            .container {
    margin: 360px;
}

legend {
    font-family: Arial, Helvetica, sans-serif;
    display: block;
    width: 100%;
    margin-bottom: 1rem;
    color: #6F6F6F;
}

button {
    font-family: Arial, Helvetica, sans-serif;
    font-size: 100%;
    padding: 0.5em 1em;
    background-color: #006DD3;
    color:#fff;
    text-decoration: none;
    border: 0 rgba(0,0,0,0);
    border-radius: 2px;
}
button:hover,
button:focus {
    background-color: #007DD2;
}
button:focus {
    outline: 0;
}

input[type='text'],
input[type='password'] {
    font-size: 100%;
    padding: 0.5rem;
    display: inline-block;
    border: 1px solid #ccc;
    box-shadow: inset 0 1px 3px #ddd;
    border-radius: 4px;
    -webkit-box-sizing: border-box;
    -moz-box-sizing: border-box;
    box-sizing: border-box;
}
                        </style>
                    </head>
                    <body>
                        <div class='protected-mode-container'>
                            <form class='protectedModeForm' action='./' method='post'>
                                    <legend><h1>PLEASE LOG IN</H1></legend>
                                    <input type='text' name='username' placeholder='Username'>
                                    <input type='password' name='pass' placeholder='Password'>
                                    <button type='submit' name='login'>Login</button>
                            </form>
                        </div>
                    </body>
                </html>
                

[teppo]

Not much to go by there. Checking your site out did bring one new method to mind, though, so perhaps I'll be able to catch even these cases soon..

Probably need to make the rules visible on the isit.pw site too, so that people can actually prevent detection if they so choose.

[clsource]

Why using www makes a difference?

http://isit.pw/?url=www.barbaracol.com

Nope

http://isit.pw/?url=barbaracol.com

Yup

xd

[justb3a]

Why using www makes a difference?

http://isit.pw/?url=www.barbaracol.com

Nope

http://isit.pw/?url=barbaracol.com

Yup

For a site with `https` it doesn't make a difference:

• http://isit.pw/?url=kf-interactive.com - Yup
• http://isit.pw/?url=www.kf-interactive.com - Yup
• http://isit.pw/?url=http://www.kf-interactive.com - Yup
• http://isit.pw/?url=https://www.kf-interactive.com - Yup

But for a site without `https` it does make a difference:

• http://isit.pw/?url=www.schau-platz-wittenberg.de - Yup
• http://isit.pw/?url=schau-platz-wittenberg.de - Nope

[adrian]

I finally figured out why the websites with the Protected Mode module (yes I didn't use the correct module name earlier) are not showing up ---- a look at the view source shows the following for my internal website odmc.sdtool.info:

                <!DOCTYPE html>
                    <head>
                        <meta charset='utf-8' />
                        <style>
                            .container {
    margin: 360px;
}

legend {
    font-family: Arial, Helvetica, sans-serif;
    display: block;
    width: 100%;
    margin-bottom: 1rem;
    color: #6F6F6F;
}

button {
    font-family: Arial, Helvetica, sans-serif;
    font-size: 100%;
    padding: 0.5em 1em;
    background-color: #006DD3;
    color:#fff;
    text-decoration: none;
    border: 0 rgba(0,0,0,0);
    border-radius: 2px;
}
button:hover,
button:focus {
    background-color: #007DD2;
}
button:focus {
    outline: 0;
}

input[type='text'],
input[type='password'] {
    font-size: 100%;
    padding: 0.5rem;
    display: inline-block;
    border: 1px solid #ccc;
    box-shadow: inset 0 1px 3px #ddd;
    border-radius: 4px;
    -webkit-box-sizing: border-box;
    -moz-box-sizing: border-box;
    box-sizing: border-box;
}
                        </style>
                    </head>
                    <body>
                        <div class='protected-mode-container'>
                            <form class='protectedModeForm' action='./' method='post'>
                                    <legend><h1>PLEASE LOG IN</H1></legend>
                                    <input type='text' name='username' placeholder='Username'>
                                    <input type='password' name='pass' placeholder='Password'>
                                    <button type='submit' name='login'>Login</button>
                            </form>
                        </div>
                    </body>
                </html>
                

Hi Charles,

That is the expected output from the ProtectedMode module.

I don't know all the inner workings of isit.pw, but I doubt it will be able to detect a ProtectedMode site. I have actually considered this as a desirable thing given that I  usually only use protected mode during development. 

This is OT, but if you are wanting to protect your site long term, but PageProtector might be better as it provides the option of using your own custom template and embedding the login form within your site's html template. This may or may not help isit.pw to detect the site correctly depending on what is in your template. 

I also wonder how much testing of PW's "it" GET variable is used by isit.pw in which case PageProtector may be no better, although I am not totally sure.