1. test.openeuphoria.org is open to the world
- Posted by CoJaBo2 Jan 16, 2013
- 1546 views
Forked from Could not open wxEuphoria library. Press enter to abort.
Why is the test/development site accessible to anyone?
I have found the following post in the forum which is similar to my problem, but fails to resolve it. It does not seem to be a problem of sim link. http://test.openeuphoria.org/forum/110825.wc.
At the very least, it should have a robots.txt forbidding access, so it doesn't show up as the first hit on Google.
Ideally, it should have been passworded; the only way to do that now that there are a plethora of links to the development site would be to move the test site to, e.g., dev.openeuphoria.org, password that, and redirect test.openeuphoria.org/whatever to openeuphoria.org/whatever to preserve the validity of sites and search engines that now link to the wrong version.
2. Re: test.openeuphoria.org is open to the world
- Posted by jimcbrown (admin) Jan 16, 2013
- 1501 views
Forked from Could not open wxEuphoria library. Press enter to abort.
Why is the test/development site accessible to anyone?
To allow the entire world to take part in finding bugs in the existing website system - without risking the actual forum itself.
I have found the following post in the forum which is similar to my problem, but fails to resolve it. It does not seem to be a problem of sim link. http://test.openeuphoria.org/forum/110825.wc.
At the very least, it should have a robots.txt forbidding access, so it doesn't show up as the first hit on Google.
I guess this sounds reasonable. We have no other reason to hide the test forum from search engines like Google aside from this reason though.
Ideally, it should have been passworded;
That sounds easier. Obviously, the password would be public and well documented, so that anyone and everyone human could continue to access the test site.
the only way to do that now that there are a plethora of links to the development site would be to move the test site to, e.g., dev.openeuphoria.org, password that, and redirect test.openeuphoria.org/whatever to openeuphoria.org/whatever to preserve the validity of sites and search engines that now link to the wrong version.
Why would we want to bother with that? Who cares about the search engine validity regarding the test site?
3. Re: test.openeuphoria.org is open to the world
- Posted by mattlewis (admin) Jan 16, 2013
- 1436 views
Why is the test/development site accessible to anyone?
To allow the entire world to take part in finding bugs in the existing website system - without risking the actual forum itself.
Yeah...I'm not sure why this is important. The test site is mainly an old copy of the production version of the site, plus whatever other testing we've done. It's sometimes convenient to try to make a post that causes an error and then link that in a ticket.
Seriously, though, what's the down side of having it accessible? Note that the source code is accessible, too.
Matt
4. Re: test.openeuphoria.org is open to the world
- Posted by CoJaBo2 Jan 16, 2013
- 1476 views
Yeah...I'm not sure why this is important. The test site is mainly an old copy of the production version of the site, plus whatever other testing we've done. It's sometimes convenient to try to make a post that causes an error and then link that in a ticket.
Seriously, though, what's the down side of having it accessible? Note that the source code is accessible, too.
The risk of having it accessable is that, as a copy of the production site, it looks like the production site. Someone coming in from elsewhere or linking to it may not notice the difference.
Obviously, the password would be public and well documented, so that anyone and everyone human could continue to access the test site.
HTTP auth (probably the simplest way of doing it) allows displaying a short message; which could simply say "Development site, for testing only, password is 'developer', please report any bugs found to , etc". This would have the desired effect of making it pretty obvious the site is not intended for general use, while keeping it open for testing.
Why would we want to bother with that? Who cares about the search engine validity regarding the test site?
Because otherwise, people coming in to the site would suddenly start getting password prompts, because other sites will still be linking to the test site as if it were the real one. Blocking it in robots.txt would stop search engines from listing it in the future, but it wouldn't automatically fix up any other sites or directories that will continue to link to the wrong version. Changing to "dev." instead of "test." for the development site, and redirecting "test." to the main site would resolve that with the least disruption. "dev." could be used as the new testing site, and accidental links to "test." would not break.
5. Re: test.openeuphoria.org is open to the world
- Posted by jimcbrown (admin) Jan 16, 2013
- 1443 views
Yeah...I'm not sure why this is important. The test site is mainly an old copy of the production version of the site, plus whatever other testing we've done. It's sometimes convenient to try to make a post that causes an error and then link that in a ticket.
Seriously, though, what's the down side of having it accessible? Note that the source code is accessible, too.
The risk of having it accessable is that, as a copy of the production site, it looks like the production site. Someone coming in from elsewhere or linking to it may not notice the difference.
Well, your own solution below allows the site to remain accessable to humans while significantly lowering the odds of confusion.
Obviously, the password would be public and well documented, so that anyone and everyone human could continue to access the test site.
HTTP auth (probably the simplest way of doing it) allows displaying a short message; which could simply say "Development site, for testing only, password is 'developer', please report any bugs found to , etc". This would have the desired effect of making it pretty obvious the site is not intended for general use, while keeping it open for testing.
I like this idea, and if there are no detailed objections from anyone else then I'll do this.
Why would we want to bother with that? Who cares about the search engine validity regarding the test site?
Because otherwise, people coming in to the site would suddenly start getting password prompts, because other sites will still be linking to the test site as if it were the real one. Blocking it in robots.txt would stop search engines from listing it in the future, but it wouldn't automatically fix up any other sites or directories that will continue to link to the wrong version. Changing to "dev." instead of "test." for the development site, and redirecting "test." to the main site would resolve that with the least disruption. "dev." could be used as the new testing site, and accidental links to "test." would not break.
No humans have confused the test site with the real one, other than the OP. If nothing else changes, then this probably won't hold true in the future - but for now, we can add a lockdown without breaking anything other than the links in search engines.
My understanding was that Google expired links after a time, so once we add the password and wait patiently long enough, those links will go away. In the mean time, anyone who tried to use the incorrect versions of the links will get the Auth dialog - which can be fine tuned to explain how to get to the real version.
6. Re: test.openeuphoria.org is open to the world
- Posted by CoJaBo2 Jan 16, 2013
- 1440 views
My understanding was that Google expired links after a time, so once we add the password and wait patiently long enough, those links will go away. In the mean time, anyone who tried to use the incorrect versions of the links will get the Auth dialog - which can be fine tuned to explain how to get to the real version.
In theory, yes- they should die off eventually. In practice, once a link is published, it near-instantly becomes permanent- I'm still seeing traffic to some of my own links that were removed 14 years ago!
I did a major restructuring of another site about a month ago, and hits to the old links still make up a bit more than half of incoming traffic.
No, it isn't critical to do this, but it doesn't take a whole lot of effort to do the redirect either; and it saves anywhere from "a few" to "a ton" of people headaches.
7. Re: test.openeuphoria.org is open to the world
- Posted by jimcbrown (admin) Jan 16, 2013
- 1413 views
My understanding was that Google expired links after a time, so once we add the password and wait patiently long enough, those links will go away. In the mean time, anyone who tried to use the incorrect versions of the links will get the Auth dialog - which can be fine tuned to explain how to get to the real version.
In theory, yes- they should die off eventually. In practice, once a link is published, it near-instantly becomes permanent- I'm still seeing traffic to some of my own links that were removed 14 years ago!
I did a major restructuring of another site about a month ago, and hits to the old links still make up a bit more than half of incoming traffic.
Which dead links are you still getting hits for?
No, it isn't critical to do this, but it doesn't take a whole lot of effort to do the redirect either; and it saves anywhere from "a few" to "a ton" of people headaches.
I think the plan will be this: We add the password prompt, with the password in the prompt. This should get the search engines to drop the links, but if one of the links happens to stay around and alive beyond this, then the human being will just answer the prompt and get access to the post. If the post is gone, then the prompt will at least tell the intelligent user how to get to the real post on the real web site.
The contents of the test and the real website are already different enough that a simple redirect will not work - some posts that are shown in search engines from the test website will stop working if we blindly redirect them to the analoguous url on the real web site.
