Lots of false positives –?not quite, as it turns out

  • Resolved yeoric

    (@yeoric)


    2 years, 8 months ago

    Result of further tests:

    Settings: time limit 60 sec, check in published pages, posts, reusables. Check HTML links & images via std HTTP only. Show ALL problems as errors. Check continuously while dashboard is open.
    Site is open only for logged-in users (via Secret Content plugin by Emil Vang Arffmann, applies to all posts except imprint and 404 pages). Checking from admin account w/ dashboard open.
    375 unique links in 704 URLs (looks about right).

    After checking (0 URLs in queue), plugin shows 171 broken links (all fail with 404 status). 2 of those links are actually faulty (or blocked).

    Repeated test with Secret Content plugin disabled. Result:
    After checking (0 URLs in queue), plugin shows 8 broken links. All of these are correct-positve or 403 links (i.e. blocked request I guess, this was a forum link).

    So the problem seems to be the Secret Content plugin. This means that the link checker does not run from my environment but as an anonymous user. Why? Where and from which account IS the plugin running? Is there a workaround for this?
    And if I have 375 unique URLs, why do only 171 (excluding the correct-positives) show errors? The difference is far greater than the number of external links I have.

    However, rating changed to 5 stars now.

    The page I need help with: [log in to see the link]

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Support Patrick – WPMU DEV Support

    (@wpmudevsupport12)

    Hi @yeoric

    Sorry to hear you are having this issue.

    This is weird, the plugin will run on your database and check the links located there, it looks at the posts and do a cURL request to the link and get the response and report if it returned 200 status or not.

    You can find more about cURL requests on https://curl.se/docs/httpscripting.html

    Do you have access to your database using for example PHPmyAdmin?

    If so, you can look for the links https://www.easycgi.com/help/article/searching-mysql-tables-in-phpmyadmin

    Could you also share some examples of the links that are returning false positives?

    Best Regards
    Patrick Freitas

    Thread Starter yeoric

    (@yeoric)

    As I said, all is well if I switch off the Secret Content plugin. Without that, I get a list that includes basically ALL links in the site shown as 404. A few examples:
    https://wp.flyhi.de/alle-personen/ (to a page)
    https://wp.flyhi.de/balin-ein-zwerg-von-durins-volk/ (to a post)
    https://wp.flyhi.de/alle-personen/#e (to an anchor inside a post)
    I created a link list with a different plugin, and I confirmed that every site-internal link is affected.

    It seems obvious that the Broken Link Checker does not act from within the context of my browser session, because 404 errors are exactly what you get with the Secret Content plugin if you are not logged in. You should be able to verify this if you install the Secret Content plugin on a test site (and mark the pages and posts that contain links as “Show this to logged-in visitors only”).

    So I have a workaround: For the link check, I just switch of the Secret Content plugin for a few minutes, then I switch it on again.
    IF the login requirement is the reason for the observed behaviour, maybe the Broken Link Checker could store a username and password to create a logged-in environment for its test runs.

    I think we can close this case. I am willing to do more tests if you require them for further checks, should the behaviour of your plugin be different from your expectations. As I said, I changed my rating to 5 stars.

    Plugin Support Williams – WPMU DEV Support

    (@wpmudev-support8)

    Hi @yeoric

    Broken Link Checker indeed “does not work from within the context of your browser session”. It runs on “server level”. Specifically, it makes cURL requests so it’s basically server making PHP request to the site. It doesn’t “simulate” you being logged-in.

    From site’s point of view it’s like I would try to visit the URL as a 3rd-party visitor or if search engine crawler would be visiting it.

    I’m afraid it’s not (at least not currently) possible to make plugin “login” to the site so disabling the Secret Content plugin is most likely the only workaround at the moment. There’s a huge update to Broken Link Checker in our task queue and it will be working in a very different way (which will also open up way more options and area for improvements) but I don’t have ETA yet and it might still take some time until it’s released.

    There would be a workaround possible (with a bit of custom code) if that Secret Content plugin would allow access to protected links via some additional URL parameter. What I mean is for example:

    – site.com/somepost <- cannot be accessed
    – site.com/somepost?access=some_secret_password -< can be accessed

    but I didn’t find any information if that’s possible. If yes, then we can most likely come up with some simple additional code that would make Broken Link Checker support that.

    Kind regards,
    Adam

    Plugin Support Amin – WPMU DEV Support

    (@wpmudev-support2)

    Hello @yeoric ,

    We haven’t heard from you for some time now, so it looks like you don’t need our assistance anymore.

    Feel free to re-open this ticket if needed.

    Kind regards
    Kasia

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Lots of false positives –?not quite, as it turns out’ is closed to new replies.