adrian

Protected/Development/Maintenance Mode

Recommended Posts

This is a simple module to prevent guest users and search engines from accessing to your site. Primarily it is designed for use during site development.

Modules directory: http://modules.processwire.com/modules/protected-mode/

Github: https://github.com/adrianbj/ProtectedMode

  1. Install and check the "Protected Mode" checkbox
  2. Create a user with only the guest role and give the login details to your clients/testers. Of course existing admin users can use their personal logins still.
There are some similarities with Pete's excellent Maintenance Mode module, but the reason I built this, rather than using Maintenance Mode is:
  • I didn't want the "Maintenance Mode" badge showing up on the site since this is for development before a site has ever been live and I didn't want the client seeing that badge.
     
  • I didn't want users redirected to the PW login page because I didn't want visitors to see the PW login page. I know the module has the option to redirect to a custom page, which you could use to make a front-end login form, but that seemed more complex than I needed (and I think other PW devs might also need).
     
  • Because of the way this module replaces Page::render with the login form, visitors can be sent to any page on the site, and once they login that page will reload with its full content - no messing around finding the page again, and no need for sending page ids through the login process to redirect back.
     
  • This module also lets you configure the message that is displayed along with the login form, and also apply some css to style the login form.
 
Hope you guys find it useful.
  • Like 19

Share this post


Link to post
Share on other sites

Just a small update that adds some nice default styling to the login form. It populates the CSS field on install so you can still edit however you want, but gives a much nicer starting point :)

If you have the module already installed, you'll want to update, then uninstall and reinstall to populate the CSS field.

It now looks like this by default:

post-985-0-01585300-1412483106_thumb.png

  • Like 3

Share this post


Link to post
Share on other sites

Hi everyone,

I'd like to announce a complete overhaul of this module - problem is that I am not sure whether to release it as an update to this module, or perhaps as something completely new, perhaps called PageProtector.

UPDATE: The functionality described in this post is available as a separate module: PageProtector

This new version (not on github just yet) makes it very easy for site editors to set up various password protected areas on their site, or to simply protect a new page or section while they are still working on it.

 

New functionality

  • Ability for your site editors to control the user access to pages directly from Settings tab of each page
  • Includes whether to protect all children of this page or not
  • Optionally allows access to only specified roles
  • Ability to change the message on the login page to make it specific to this page
  • Option to have login form and prohibited message injected into a custom template
  • Access to the above "Protect this Page" settings panel is controlled by the "page-edit-protected" permission
  • Table in the module config settings that lists the details all of the protected pages
  • Shortcut to protect entire site with one click
What do you all think - replace the existing module, or release this functionality as a separate version?
 
Module Config Settings
post-985-0-25827500-1414466945_thumb.png
 
Page Protection Settings
post-985-0-82241700-1414467063_thumb.png
  • Like 13

Share this post


Link to post
Share on other sites

Please fill out the poll at the top of the page to help me decide on how to release this new functionality.

Thanks!

Share this post


Link to post
Share on other sites

This looks great Adrian, not sure about which option to check as haven't used the first module. This could definitely be a module in it's own right though. Could be really useful.

Share this post


Link to post
Share on other sites

Hi Adrian,

great idea. I will try this out on my new project.

Just curious:

Isn't there a need to also sanitize the password somehow (or is PW handling that?)

Like a max-length, trim whitespaces (for user convenience)

Share this post


Link to post
Share on other sites

ceberlin,

Just so you know, the new enhanced version (with page specific, editor managed control) is not released just yet - I am on vacation for the next two weeks, but I plan on releasing when I am back.

The login process is still handled by PW, so need to do any additional sanitizing/cleaning.

  • Like 1

Share this post


Link to post
Share on other sites

Hi everyone,

Finally made some time to get the new module live. It is called Page Protector and you can find out more about it here:

https://processwire.com/talk/topic/8387-page-protector/

Thanks to everyone who voted in the poll - based on the results, there will be two separate modules maintained: ProtectedMode and PageProtector.

PageProtector can do everything that ProtectedMode can, so if you have a need for the features of PageProtector on a site, then there is no need to use ProtectedMode during development.

  • Like 2

Share this post


Link to post
Share on other sites

Just been having a look at this as it seems to be something I'm after along the lines of this thread. One question though – currently if the page is protected all you see is the message/login boxes, no header, navigation, etc. Is it possible for the message/login boxes, etc to appear within the body section of an existing template? As in, it goes to a normal page but all the content is hidden and all that's there is the login boxes?

Share this post


Link to post
Share on other sites

Just been having a look at this as it seems to be something I'm after along the lines of this thread. One question though – currently if the page is protected all you see is the message/login boxes, no header, navigation, etc. Is it possible for the message/login boxes, etc to appear within the body section of an existing template? As in, it goes to a normal page but all the content is hidden and all that's there is the login boxes?

This module has intentionally been kept very simple, hence the login box appears on it's own. I actually prefer this for sites in development so that users can't see anything about the site until the protection has been disabled.

However, what you are looking for is available in the Page Protector module. Just use the Login Template option in the module config settings. If you have any questions about it, please continue this discussion over in that thread.

  • Like 2

Share this post


Link to post
Share on other sites

Hi,

I have a site online using the protected mode module which was working very well.

Only now that I have added a second page the proteced mode is having problems.

When I login in protected mode the home page shows up like usual.

I can navigate to the second page but when I then want to return to the home page,

I have to relogin. I login again and then the same situation happens again.

Is this normal behaviour ? I checked if I have overlooked any special settings in the

configuration of the module but haven't seen anything.

Edit:

On a local server everything works fine. Haven't figured out yet how this problem is related with the online host.

Edited by pwired
PWired, merged your thread here. This is the module's support forum :-)

Share this post


Link to post
Share on other sites

Hi,

I have a site online using the protected mode module which was working very well.

Only now that I have added a second page the proteced mode is having problems.

When I login in protected mode the home page shows up like usual.

I can navigate to the second page but when I then want to return to the home page,

I have to relogin. I login again and then the same situation happens again.

Is this normal behaviour ? I checked if I have overlooked any special settings in the

configuration of the module but haven't seen anything.

Edit:

On a local server everything works fine. Haven't figured out yet how this problem is related with the online host.

I haven't come across this - I wonder if it's the fingerprint config setting - try setting that to false and see how it goes.

Share this post


Link to post
Share on other sites

Ok found it :)

I forgot to retain the User Authentication Salt when I moved the site

from local server to online server.

All good now.

  • Like 1

Share this post


Link to post
Share on other sites

Hi

I am using the ProtectedMode module version 0.0.9 but when a client logs in he can only see the homepage. The site has a top navigation bar for many pages but to see other pages the client has to each time relogin through the ProtectedMode login window. I added him to the list of users with a guest role. The same happens when I login as a superuser. I didn't see any settings in the ProtectedMode module to let a client only see the home page or all pages, also I don't see the two parts:

a) Protected Pages and b) Protect Entire Site like here in these settings:

https://processwire.com/talk/topic/7723-protecteddevelopment-mode/#entry78233

Disabling session challenge and fingerprinting does not make a difference.

Any idea ?

Share this post


Link to post
Share on other sites

Ok I understand I have to use the ProtectedPage module in order to see those configurations. I still wonder though why with the ProtectedMode module only the homepage is viewable. Maybe something on the host.

Share this post


Link to post
Share on other sites

Ok I understand I have to use the ProtectedPage module in order to see those configurations. I still wonder though why with the ProtectedMode module only the homepage is viewable. Maybe something on the host.

Are you sure you only have Protected Mode installed? I wouldn't be surprised if there were some issues if you have both modules installed.

Share this post


Link to post
Share on other sites

Hello Adrian,

I hope you are doing well!

Does "Protected Mode", or "Page Protector", have the ability to put an entire website in "maintenance mode" for an undetermined time (eventually with a customizable message), but without affecting SEO?
With a 503 status code and perhaps in combination with a particular HTTP header (Retry-After).

A nonprofit association committee has just asked me to put its website in maintenance mode (like have done other committees) because their federation has a legal problem, surely with a committee that leaved it some time ago.

Have a nice day!

Share this post


Link to post
Share on other sites

@Christophe, once I have hacked a module (in an early version) of adrian to add exactly what you are looking for.

GET  http://fua.pw.nogajski.de/ [HTTP/1.1 503 Service Temporarily Unavailable 187ms]

Date: Thu, 13 Oct 2016 20:14:54 GMT
Retry-After: Sat, 22 Oct 2016 11:22:00 GMT

protected-mode-with-SEO-503-header.jpg

So, if you like, I can upload it here as is, in a zip. Maybe, @adrian gets inspired and can add this into the current dev of his module as a maintenance feature, additonally to the site protect feature!?

very old, hacked version of protect with maintenance.zip

 

Edited by horst
added zip
  • Like 5

Share this post


Link to post
Share on other sites

Hey @horst - I am happy to add that functionality to this module, but I guess I thought it belong more in Pete's module, but if you guys would rather see it here, that's fine with me.

Do you feel like sending me a PR? Otherwise if you post the zip, I can grab the relevant bits and incorporate.

  • Like 3

Share this post


Link to post
Share on other sites

updated my post above with the zip. It is an early version that I set to 777, to avoid overwriting with updates of the original module. I also must have one version somewhere in use, where the estimated end date is reflected in the user readable message at the login screen too.

 

  • Like 1

Share this post


Link to post
Share on other sites
44 minutes ago, adrian said:

I guess I thought it belong more in Pete's module, but if you guys would rather see it here, that's fine with me.

I think, sending a 503 and "retry after" should be done everytime if the whole site is closed / protected, regardless if you call it protect mode or maintenance mode. This is important for SEO.

I think both of the modules, yours and Petes, should do that by default, when the whole site is not accessible for SearchEngines. (just my 2cents) :)

  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By BitPoet
      MediaLibrary
      Update: MediaLibrary can now be found in the official module list.
      Out of necessity, I've started to implement a simple media library module.
      The basic mechanism is that it adds a MediaLibrary template with file and image fields. Pages of this type can be added anywhere in the page tree.
      The link and image pickers in CKEditor are extended to allow quick selection of library pages from dropdowns. In the link picker this happens in the MediaLibrary tab, where you can also see a preview of the selected image. In the image picker, simply select a library from the dropdown at the top, everything else is handled by standard functionality.
      I've put the code onto github. This module is compatible with ProcessWire 3.
      Steps to usage:
      Download the module's zip from github (switch to the pw3 branche beforehand if you want to test on PW 3.x) and unpack it into site/modules Click "Modules" -> "Refresh" in the admin Click "Install" for MediaLibrary For testing, create a page with the MediaLibrary template under home (give it an expressive title like 'Global Media') and add some images and files Edit a differnt page with a CKEditor field and add a link and an image to see the MediaLibrary features in action (see the screencap for details) Optionally, go into the module settings for MediaLibrary Note: this module is far from being as elaborate as Kongondo's Media Manager (and doesn't plan to be). If you need a feature-rich solution for integrated media management, give it a look.
      Feel free to change the settings for MediaFiles and MediaImages fields, just keep the type as multiple.
      There are some not-so-pretty hacks for creating and inserting the correct markup, which could probably be changed to use standard input fields, though I'm a bit at a loss right now how to get it to work. I've also still got to take a look at error handling before I can call it fit for production. All feedback and pointers are appreciated (that's also why I post this in the development section).

      Edit 09.03.2016 / version 0.0.4: there's now also a "Media" admin page with a shortcut to quickly add a new library.

      Edit 01.05.2016:
      Version 0.0.8:
      - The module now supports nested media libraries (all descendants of eligible media libraries are also selectable in link/image picker).
      - There's a MediaLibrary::getPageMediaLibraries method you can hook after to modify the array of available libraries.
      - You can switch between (default) select dropdowns or radio boxes in the module configuration of MediaLIbrary to choose libraries.
      Edit 10.10.2018:
      Version 0.1.3:
      - Dropped compatibility for ProcessWire legacy versions by adding namespaces
      - Allow deletion of libraries from the Media overview admin page
      - Added an option to hide media libraries from the page tree (optionally also for superusers)
    • By Robin S
      This module corrects a few things that I find awkward about the "Add New Template" workflow in the PW admin. I opened a wishlist topic a while back because it would good to resolve some of these things in the core, but this module is a stopgap for now.
      Originally I was going to share these as a few standalone hooks, but decided to bundle them together in a configurable module instead.
      Add Template Enhancements
      A module for ProcessWire CMS/CMF. Adds some efficiency enhancements when adding or cloning templates via admin.

      Features
      Derive label from name when new template added: if you like to give each of your templates a label then this feature can save some time. The label can be added automatically when templates are added in admin, in admin/API, or not at all. There are options for underscore/hyphen replacement and capitalisation of the label. Edit template after add: when adding only a single template, the template is automatically opened for editing after it is added. Copy field contexts when cloning: this copies the field contexts (a.k.a. overrides such as column width, label and description) from the source template to the new template when using the "Duplicate/clone this template?" feature on the Advanced tab. Copy field contexts when duplicating fields: this copies the field contexts if you select the "Duplicate fields used by another template" option when adding a new template. Usage
      Install the Add Template Enhancements module.
      Configure the module settings according to what suits you.
       
      https://github.com/Toutouwai/AddTemplateEnhancements
      https://modules.processwire.com/modules/add-template-enhancements/
    • By Mike Rockett
      As I mentioned in this issue, I've create a new textformatter for ParsedownExtraPlugin, which adds some oomph to your markdown.
      Repo: Parsedown Extra Plugin
      Unlike the built-in textformatter for Parsedown and Parsedown Extra, this should be used when you want to use Extra with additional configuration/customisation.
      Some examples:
      ### Test {.heading} - A [external link](https://google.com/){.google} with `google` as a class that opens in a new tab if the config property is set. - [Another link](/page){target=_blank} that opens in a new tab even though it isn't external. ```html .html <p>Test</p> ``` There's some config options available to you, such as setting attributes on all/external images and links, setting table and table-cell alignment classes, adjusting footnote classes and IDs, adding <code> attributes to their parent <pre> elements, and changing the <code> class if your syntax highlighter does not use language-*.
      I was thinking about adding the ability to make links open in a new tab by appending a plus to the link syntax, but only external links should be opening in a new tab anyway. Further, this would add extra, unnecessary processing time.
      Please let me know if you bump into any problems. ☺️
    • By Mike Rockett
      TextformatterTypographer (0.4.0 Beta)
      A ProcessWire wrapper for the awesome PHP Typography class, originally authored by KINGdesk LLC and enhanced by Peter Putzer in wp-Typography. Like Smartypants, it supercharges text fields with enhanced typography and typesetting, such as smart quotations, hyphenation in 59 languages, ellipses, copyright-, trade-, and service-marks, math symbols, and more.
      Learn more on my blog
      It's based on the PHP-Typography library found over at wp-Typography, which is more frequently updated and feature rich that its original by KINGdesk LLC.
      The module itself is fully configurable. I haven't done extensive testing, but there is nothing complex about this, and so I only envisage a typographical bug here and there, if any.
      Please do test it out and let me know what you think.
      Also note that I have indicated support for PW 2.8, but I haven't tested there as yet. This was built on PW 3.0.42/62.
    • By Mike Rockett
      Jumplinks for ProcessWire
      Release: 1.5.50
      Jumplinks is an enhanced version of the original ProcessRedirects by Antti Peisa.
      The Process module manages your permanent and temporary redirects (we'll call these "jumplinks" from now on, unless in reference to redirects from another module), useful for when you're migrating over to ProcessWire from another system/platform. Each jumplink supports wildcards, shortening the time needed to create them.
      Unlike similar modules for other platforms, wildcards in Jumplinks are much easier to work with, as Regular Expressions are not fully exposed. Instead, parameters wrapped in curly braces are used - these are described in the documentation.
      Under Development: 2.0, to be powered by FastRoute
      As of version 1.5.0, Jumplinks requires at least ProcessWire 2.6.1 to run.
      View on GitLab
      Download via the Modules Directory
      Read the docs
      Features
      The most prominent features include:
      Basic jumplinks (from one fixed route to another) Parameter-based wildcards with "Smart" equivalents Mapping Collections (for converting ID-based routes to their named-equivalents without the need to create multiple jumplinks) Destination Selectors (for finding and redirecting to pages containing legacy location information) Timed Activation (activate and/or deactivate jumplinks at specific times) 404-Monitor (for creating jumplinks based on 404 hits) Additionally, the following features may come in handy:
      Stale jumplink management Legacy domain support for slow migrations An importer (from CSV or ProcessRedirects) Feedback & Feature Requests
      I’d love to know what you think of this module. Please provide some feedback on the module as a whole, or even regarding smaller things that make it whole. Also, please feel free to submit feature requests and their use-cases.
      Note: Features requested so far have been added to the to-do list, and will be added to 2.0, and not the current dev/master branches.
      Open Source

      Jumplinks is an open-source project, and is free to use. In fact, Jumplinks will always be open-source, and will always remain free to use. Forever. If you would like to support the development of Jumplinks, please consider making a small donation via PayPal.
      Enjoy!