Jump to content
adrian

Protected/Development/Maintenance Mode

Recommended Posts

This is a simple module to prevent guest users and search engines from accessing to your site. Primarily it is designed for use during site development.

Modules directory: http://modules.processwire.com/modules/protected-mode/

Github: https://github.com/adrianbj/ProtectedMode

  1. Install and check the "Protected Mode" checkbox
  2. Create a user with only the guest role and give the login details to your clients/testers. Of course existing admin users can use their personal logins still.
There are some similarities with Pete's excellent Maintenance Mode module, but the reason I built this, rather than using Maintenance Mode is:
  • I didn't want the "Maintenance Mode" badge showing up on the site since this is for development before a site has ever been live and I didn't want the client seeing that badge.
     
  • I didn't want users redirected to the PW login page because I didn't want visitors to see the PW login page. I know the module has the option to redirect to a custom page, which you could use to make a front-end login form, but that seemed more complex than I needed (and I think other PW devs might also need).
     
  • Because of the way this module replaces Page::render with the login form, visitors can be sent to any page on the site, and once they login that page will reload with its full content - no messing around finding the page again, and no need for sending page ids through the login process to redirect back.
     
  • This module also lets you configure the message that is displayed along with the login form, and also apply some css to style the login form.
 
Hope you guys find it useful.
  • Like 20

Share this post


Link to post
Share on other sites

Just a small update that adds some nice default styling to the login form. It populates the CSS field on install so you can still edit however you want, but gives a much nicer starting point :)

If you have the module already installed, you'll want to update, then uninstall and reinstall to populate the CSS field.

It now looks like this by default:

post-985-0-01585300-1412483106_thumb.png

  • Like 3

Share this post


Link to post
Share on other sites

Hi everyone,

I'd like to announce a complete overhaul of this module - problem is that I am not sure whether to release it as an update to this module, or perhaps as something completely new, perhaps called PageProtector.

UPDATE: The functionality described in this post is available as a separate module: PageProtector

This new version (not on github just yet) makes it very easy for site editors to set up various password protected areas on their site, or to simply protect a new page or section while they are still working on it.

 

New functionality

  • Ability for your site editors to control the user access to pages directly from Settings tab of each page
  • Includes whether to protect all children of this page or not
  • Optionally allows access to only specified roles
  • Ability to change the message on the login page to make it specific to this page
  • Option to have login form and prohibited message injected into a custom template
  • Access to the above "Protect this Page" settings panel is controlled by the "page-edit-protected" permission
  • Table in the module config settings that lists the details all of the protected pages
  • Shortcut to protect entire site with one click
What do you all think - replace the existing module, or release this functionality as a separate version?
 
Module Config Settings
post-985-0-25827500-1414466945_thumb.png
 
Page Protection Settings
post-985-0-82241700-1414467063_thumb.png
  • Like 13

Share this post


Link to post
Share on other sites

Please fill out the poll at the top of the page to help me decide on how to release this new functionality.

Thanks!

Share this post


Link to post
Share on other sites

This looks great Adrian, not sure about which option to check as haven't used the first module. This could definitely be a module in it's own right though. Could be really useful.

Share this post


Link to post
Share on other sites

Hi Adrian,

great idea. I will try this out on my new project.

Just curious:

Isn't there a need to also sanitize the password somehow (or is PW handling that?)

Like a max-length, trim whitespaces (for user convenience)

Share this post


Link to post
Share on other sites

ceberlin,

Just so you know, the new enhanced version (with page specific, editor managed control) is not released just yet - I am on vacation for the next two weeks, but I plan on releasing when I am back.

The login process is still handled by PW, so need to do any additional sanitizing/cleaning.

  • Like 1

Share this post


Link to post
Share on other sites

Hi everyone,

Finally made some time to get the new module live. It is called Page Protector and you can find out more about it here:

https://processwire.com/talk/topic/8387-page-protector/

Thanks to everyone who voted in the poll - based on the results, there will be two separate modules maintained: ProtectedMode and PageProtector.

PageProtector can do everything that ProtectedMode can, so if you have a need for the features of PageProtector on a site, then there is no need to use ProtectedMode during development.

  • Like 2

Share this post


Link to post
Share on other sites

Just been having a look at this as it seems to be something I'm after along the lines of this thread. One question though – currently if the page is protected all you see is the message/login boxes, no header, navigation, etc. Is it possible for the message/login boxes, etc to appear within the body section of an existing template? As in, it goes to a normal page but all the content is hidden and all that's there is the login boxes?

Share this post


Link to post
Share on other sites

Just been having a look at this as it seems to be something I'm after along the lines of this thread. One question though – currently if the page is protected all you see is the message/login boxes, no header, navigation, etc. Is it possible for the message/login boxes, etc to appear within the body section of an existing template? As in, it goes to a normal page but all the content is hidden and all that's there is the login boxes?

This module has intentionally been kept very simple, hence the login box appears on it's own. I actually prefer this for sites in development so that users can't see anything about the site until the protection has been disabled.

However, what you are looking for is available in the Page Protector module. Just use the Login Template option in the module config settings. If you have any questions about it, please continue this discussion over in that thread.

  • Like 2

Share this post


Link to post
Share on other sites

Hi,

I have a site online using the protected mode module which was working very well.

Only now that I have added a second page the proteced mode is having problems.

When I login in protected mode the home page shows up like usual.

I can navigate to the second page but when I then want to return to the home page,

I have to relogin. I login again and then the same situation happens again.

Is this normal behaviour ? I checked if I have overlooked any special settings in the

configuration of the module but haven't seen anything.

Edit:

On a local server everything works fine. Haven't figured out yet how this problem is related with the online host.

Edited by pwired
PWired, merged your thread here. This is the module's support forum :-)

Share this post


Link to post
Share on other sites

Hi,

I have a site online using the protected mode module which was working very well.

Only now that I have added a second page the proteced mode is having problems.

When I login in protected mode the home page shows up like usual.

I can navigate to the second page but when I then want to return to the home page,

I have to relogin. I login again and then the same situation happens again.

Is this normal behaviour ? I checked if I have overlooked any special settings in the

configuration of the module but haven't seen anything.

Edit:

On a local server everything works fine. Haven't figured out yet how this problem is related with the online host.

I haven't come across this - I wonder if it's the fingerprint config setting - try setting that to false and see how it goes.

Share this post


Link to post
Share on other sites

Ok found it :)

I forgot to retain the User Authentication Salt when I moved the site

from local server to online server.

All good now.

  • Like 1

Share this post


Link to post
Share on other sites

Hi

I am using the ProtectedMode module version 0.0.9 but when a client logs in he can only see the homepage. The site has a top navigation bar for many pages but to see other pages the client has to each time relogin through the ProtectedMode login window. I added him to the list of users with a guest role. The same happens when I login as a superuser. I didn't see any settings in the ProtectedMode module to let a client only see the home page or all pages, also I don't see the two parts:

a) Protected Pages and b) Protect Entire Site like here in these settings:

https://processwire.com/talk/topic/7723-protecteddevelopment-mode/#entry78233

Disabling session challenge and fingerprinting does not make a difference.

Any idea ?

Share this post


Link to post
Share on other sites

Ok I understand I have to use the ProtectedPage module in order to see those configurations. I still wonder though why with the ProtectedMode module only the homepage is viewable. Maybe something on the host.

Share this post


Link to post
Share on other sites

Ok I understand I have to use the ProtectedPage module in order to see those configurations. I still wonder though why with the ProtectedMode module only the homepage is viewable. Maybe something on the host.

Are you sure you only have Protected Mode installed? I wouldn't be surprised if there were some issues if you have both modules installed.

Share this post


Link to post
Share on other sites

Hello Adrian,

I hope you are doing well!

Does "Protected Mode", or "Page Protector", have the ability to put an entire website in "maintenance mode" for an undetermined time (eventually with a customizable message), but without affecting SEO?
With a 503 status code and perhaps in combination with a particular HTTP header (Retry-After).

A nonprofit association committee has just asked me to put its website in maintenance mode (like have done other committees) because their federation has a legal problem, surely with a committee that leaved it some time ago.

Have a nice day!

Share this post


Link to post
Share on other sites

@Christophe, once I have hacked a module (in an early version) of adrian to add exactly what you are looking for.

GET  http://fua.pw.nogajski.de/ [HTTP/1.1 503 Service Temporarily Unavailable 187ms]

Date: Thu, 13 Oct 2016 20:14:54 GMT
Retry-After: Sat, 22 Oct 2016 11:22:00 GMT

protected-mode-with-SEO-503-header.jpg

So, if you like, I can upload it here as is, in a zip. Maybe, @adrian gets inspired and can add this into the current dev of his module as a maintenance feature, additonally to the site protect feature!?

very old, hacked version of protect with maintenance.zip

 

Edited by horst
added zip
  • Like 5

Share this post


Link to post
Share on other sites

Hey @horst - I am happy to add that functionality to this module, but I guess I thought it belong more in Pete's module, but if you guys would rather see it here, that's fine with me.

Do you feel like sending me a PR? Otherwise if you post the zip, I can grab the relevant bits and incorporate.

  • Like 3

Share this post


Link to post
Share on other sites

updated my post above with the zip. It is an early version that I set to 777, to avoid overwriting with updates of the original module. I also must have one version somewhere in use, where the estimated end date is reflected in the user readable message at the login screen too.

 

  • Like 1

Share this post


Link to post
Share on other sites
44 minutes ago, adrian said:

I guess I thought it belong more in Pete's module, but if you guys would rather see it here, that's fine with me.

I think, sending a 503 and "retry after" should be done everytime if the whole site is closed / protected, regardless if you call it protect mode or maintenance mode. This is important for SEO.

I think both of the modules, yours and Petes, should do that by default, when the whole site is not accessible for SearchEngines. (just my 2cents) :)

  • Like 2

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By Robin S
      This module is sort of an upgrade to my earlier ImageToMarkdown module, and might be useful to anyone working with Markdown in ProcessWire.
      Copy Markdown
      Adds icons to images and files that allow you to copy a Markdown string to the clipboard. When you click the icon a message at the top left of the screen notifies you that the copying has occurred.
      Screencast

      Note: in the screencast an EasyMDE inputfield is used to preview the Markdown. It's not required to use EasyMDE - an ordinary textarea field could be used.
      Usage: Images
      When you hover on an item in an Images field an asterisk icon appears on the thumbnail. Click the icon to copy an image Markdown string to clipboard. If the "Description" field is populated it is used as the alt text.
      You can also open the "Variations" modal for an image and click the asterisk icon to copy an image Markdown string for an individual variation.
      Usage: Files
      When you hover on an item in a Files field an asterisk icon appears next to the filename. Click the icon to copy a link Markdown string to the clipboard. If the "Description" field is populated it is used as the link text, otherwise the filename is used.
       
      https://github.com/Toutouwai/CopyMarkdown
      https://processwire.com/modules/copy-markdown/
    • By Cybermano
      Food Allergens Module
      A simple List of Food Allergens
      My needs were to provide a simple list of food allergens for our clients with restaurant related activity.
      The idea was to simply output the list (to speed up the data entry) without leaving the food menu editing, eg. opening another page in new tab or window.
      This isn't a perfect solution, but it works fine for my needs and I decided to share the base idea.
      This could also be easily used to show little notes or short "vademecum", not only for the list of food allergens.
      ---
      Main features
      The basis
      All moves from a short editing of the module in this tutorial: How to create custom admin pages by @bernhard
      First of all it creates an empty admin page, with a dedicated permission to let safe-user to see it (this permission has to be created as a new ones, manually or by the module).
      Once the page is created, I have hooked its behaviour into the ready.php, to show the content (basically a list).
      A step further
      With the tips of  @bernhard, @Soma (and many others), see here , the magic happens. 
      The new page will be shown as a panel, so editors will not abandon their data entry to have a quick view to the list.
      A little further
      Why scroll to the top of the page to click a link?
      The next step was to create a sticky button only in the food menu pages.
      Again with a @bernhard tip I moved into the customization of this simple module and the related hook.
      ---
      How to use this module
      After installed, it creates the page /admin/page/allergens/ and the module is to be setted up. The first field is a CKEditor with multi-language. This is the place where to write the informations that will be shown into the page. The next field is a simply text-area where to place a bit of JS that will be appended to the markup of the text (omit the 'script' tags). I also putted a checkbox with a silly statement: this to think at least twice on the safety of the written JS. Now comes the first way to display the link to the page
      Field Note with Link. Enable and save it. The module will display a new row with 4 selects (1 standard and 3 ASM):
      View mode (to show the page as Panel or as Modal PopUp); Templates to select: select one or more and save before proceed, so the  asm-select of the pages will be populated showing all the pages of the selected templates. Pages to select: also here select at least one and save before proceed to populate the asm-select for fields only with the ones that belong to the selected pages. Select the fields where to place the note and save again. That's all: now you will find into the notes of the selected fields the link "See the List of Allergens".
      At the same way, the option for the sticky button, but with a plus
      The field select is obviously unnecessary, but you could play with the last row: the inline styles to fix your sticky button where you like. Here you could set the sticky position of the <div> and the absolute ones of the <a>.

      Video Explanation
      In these screencasts you could see a custom JS that show a "copy" button near a "hanna-code" call.
      This because I've set a specific one for each allergen to show up a tooltip in the front end.

      Registrazione #33.mp4  

      Registrazione #34.mp4 ---
      Last but not the least
      Actually it works fine for my needs, even if it's much improvable: I'm working on the permissions creation, the uninstall section, a separate configs and defaults and how to include the hook into the module leaving free the ready.php. According to a simpler uninstall. Also I would make the link text as a dynamic text field, so it will be more flexible.
      I always learn a lot here, so I would share my code for whom it could be interested.
      I removed the hanna code references, but I provide you the html list of the allergens, English and Italian too, so you can paste them into the "source" of the CKEditor field to have a ready to use module.
      Obviously you are free to modify the code as per your needs.
      Please, keep in mind that I'm not a pro coder and I beg your pardon for my verbosity (speaking and coding). 😉
      I hope be helpful or for inspiration.
      Bye
      ready.phpList-ITA.htmlList-ENG.htmlAllergens.moduleREADME.md
       
    • By BitPoet
      I've realized that I've been jumping back and forth between the PW API docs and the source code for site modules far too much. The idea to hold all necessary documentation locally in one place has occurred to me before, but getting PHPDocumentor et al set up and running reliably (and producing readable output) as always been too much of a hassle. Today I was asked how I find the right hooks and their arguments, and that inspired me to finally get my backside down on the chair and whip something up, namely the
      Module Api Doc Viewer
      ProcessModuleApiDoc
      It lets you browse the inline documentation and public (optionally also protected) class/method/property information for all modules, core classes and template files in the ProcessWire instance. The documentation is generated on the fly, so you don't have to remember to update your docs whenever you update a module.
      The module is quite fresh, so expect some bugs there. Behind the scenes it uses PHP-Parser together with a custom class that extracts the information I needed, and the core TextformatterMarkdownExtra module for rendering the description part in the phpdoc style comments.
      This is not a replacement / competitor to the API Viewer included in the commercial ProDevTools package. There is quite some information included in the inline documentation that my module can't (and won't) parse, but which makes up parts of the official ProcessWire API docs.
      This, instead, is a kind of Swiss army knife to view PHPDoc style information and get a quick class or function reference.
      If you feel daring and want to give it a spin, or if you just want to read a bit more, visit the module's GitHub repository.
      This is the overview page under "Setup" -> "Module API Docs":

      And this is what the documentation for an individual class looks like:

      The core module documentation can of course be found online, but it didn't make sense not to include them.
      Let me know what you think!

    • By tcnet
      File Manager for ProcessWire is a module to manager files and folders from the CMS backend. It supports creating, deleting, renaming, packing, unpacking, uploading, downloading and editing of files and folders. The integrated code editor ACE supports highlighting of all common programming languages.
      https://github.com/techcnet/ProcessFileManager

      Warning
      This module is probably the most powerful module. You might destroy your processwire installation if you don't exactly know what you doing. Be careful and use it at your own risk!
      ACE code editor
      This module uses ACE code editor available from: https://github.com/ajaxorg/ace

      Dragscroll
      This module uses the JavaScript dragscroll available from: http://github.com/asvd/dragscroll. Dragscroll adds the ability to drag the table horizontally with the mouse pointer.
      PHP File Manager
      This module uses a modified version of PHP File Manager available from: https://github.com/alexantr/filemanager
       
    • By teppo
      Admin Restrict Branch Select is an add-on / companion module for Admin Restrict Branch. With this module enabled, you can manually select more than one branch parent per user via the branch_parent field, and users with more than one option selected will be able to switch between those while editing site content. Switching between branches is done via a select field injected at the top of the page tree.
      Note that users are still limited to one branch at a time: this module will not make it possible to view multiple branches at the same time.
      When the module is installed, it will automatically update the branch_parent field if deemed necessary, i.e. if it isn't yet configured to allow selecting multiple pages. You can make changes to the field later, if you want to restrict selectable options by template, use asmSelect instead of PageListSelectMultiple, etc. 
      This is an early beta release, so be sure to test carefully before enabling this module in production!
      https://processwire.com/modules/admin-restrict-branch-select/
      https://github.com/teppokoivula/AdminRestrictBranchSelect
×
×
  • Create New...