UnixServerAdmin

Server Administration & Management

WordPress default .htaccess file

The default wordpress .htaccess file code is as follows

# BEGIN wordpress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_fileNAME} !-f
RewriteCond %{REQUEST_fileNAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END wordpress

April 26, 2012 Posted by | htaccess, WordPress | , | Leave a comment

How to Secure your WordPress by using WordPress File Monitor

Sometimes there was mass shared host website get attack by base64 code through their major blogging application – WordPress, although they are using latest version of application.

To know how you get attacked by these coding, you may see your indexing file such as index.php from anywhere of your script contain javascript code with script tag and it is redirected somewhere that you have never know that website.

To secure your WordPress, Mick Genie will suggest you to install WordPress File Monitor. With this plugin, your folder and file could be scan either with the date modified or hash from the original download file. At the same time, you could put the exclude folder as well if you are using any cache plugin.

1. Download the Plugin via “http://wordpress.org/extend/plugins/wordpress-file-monitor/&#8221;
2. Install it.
3. Go to the setting and make the changes or your need.

June 1, 2011 Posted by | WordPress | , | 1 Comment

How to Hindi Language Support in WordPress

If you want to publish your blog in Indian language (Hindi) then the below steps can help for you to publish your blog in Hindi.

1) Open wp-config.php;
2) Find:

————————————
define(‘DB_CHARSET’, ‘utf8’);
define(‘DB_COLLATE’, ”);
————————————

3) Change it to:

————————————–
//define(‘DB_CHARSET’, ‘utf8’);
//define(‘DB_COLLATE’, ”);*/
————————————–

May 11, 2011 Posted by | WordPress | , | 4 Comments

WordPress Permalink not working

WordPress Permalink not working even through you enabled it from wordpress admin section –> Settings –> Permalinks.

Sometimes,  WordPress requires a rewrite  rules to be enabled in .htaccess file for Permalinks to work correctly.

Create .htaccess file in the installation directory of wordpress and add following rewrite rules.

=====================================
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
=====================================

Save exit file and now Permalinks should work fine.

April 24, 2011 Posted by | WordPress | | 2 Comments

How to Improve your Writing Skill with After the Deadline

The are Millions blog on the Internet and almost half of them are written in English. I know perfectly my English is not that good, hence the plugin will help to improve your writing skill.

After the Deadline actually able to support for several tools such as bbPress, Mozilla Firefox, Google Chrome, WordPress, etc.

http://www.afterthedeadline.com/download.slp

To install After the Deadline from WordPress, you may refer to the guide as below.

1. Go to your WordPress plugin, press Add New.
2. Type “After the Deadline” from the term and search.
3. Install the plugin.
4. Activated it and edit it from your profile.
5. When you compose a new post, you may check your writing grammar with your visual editor as below.

April 1, 2011 Posted by | WordPress | , | 2 Comments

WordPress : 500 Internal Error

After installation of Word-Press, it may be given 500 Internal Error, Here is following steps to resolve this :-

1. # chmod -R 755 public_html

2. # chown -R user.user public_html

3. # cd /home/user/public/html/

4. create php.ini file

5. write “suhosin.Simulation On” in php.ini file

6. if problem persist, then copy php.ini file to public_html/test/wp-admin

7. Also you can rename .htaccess to _.htaccess, sometimes it also create 500 internal error

March 19, 2011 Posted by | WordPress | , | 3 Comments

How to transfer WordPress blog to new server in cPanel

Normally moving thousands of files from one server to another is a time consuming and tiring job but if you use good and effective technique to move your WordPress blog from one webhost to another then it will only take less than an hour to transfer Gigabytes of data from one server to another.

Fully Automated One click backup of all your cPanel data: cPanel Built-in Remote Backup Feature

This method is the best from all the methods I’ll mention below because Remote Backup requires least of your effort and transfer ALL of the data available to you in your old cPanel to your new host’s cPanel Dashboard. There are some things that needs to be available in order to successfully move your blogs, your New and Old Web Host must have to offer cPanel not any other Hosting Management System, ‘Backups’ feature from both new and old hosts is required to be enabled. If both of your Web Hosts implies to these situations then you are good to go just follow simple steps i am going to mention below.

1. Open the Backups manager in your cPanel and click “Generate/Download a Full Backup”
2. For Backup destination choose “Remote FTP Server (Passive Mode Transfer)”
3. Enter the FTP server, username and password
4. Enter the FTP server port (this is usually “21?)
5. Leave Remote Dir field empty
6. Hit “Generate Backup”

Your backup will now be passively generated and transfer from server to server using the net2ftp protocol. If you don’t see this option in your cPanel then you need to ask your host to enable it. If you are using this method to transfer your files you don’t need to manually backup & restore your databases.

Backing up and Restoring your Files & Databases Partially: Compress, Download & Upload site files via SSH (Secure Shell)

SSH is a network protocol that allows data to be exchanged over a secure channel between two computers. Mostly all Web hosts provide SSH facility to users you may have to get it enabled by contacting to your Web host support team. You will also need the PuTTy client to connect to your server via SSH.

1. Login to your Old server via SSH and open the folder which you want to backup e.g.
# cd /home/somepath/to/yourwebsite/public_html
2. Make a compressed archive out of this folder using the command
# tar -cvf sitepack.tar ./
3. Now login to your New server via SSH and use the command below to fetch the backup from server
# wget yourdomain.com/sitepack.tar
4. Next step is to uncompress the archive using the command
# tar -xvf sitepack.tar

Backup & Restore your MySQL databases

If you are using SSH to transfer your files from one server to another you also need to port your databases from old web host to new one. Here I am going to share the most easiest way of backing up and restoring databases is to do from your cPanel’s ‘Backups’ feature. Follow few simple steps to perform successful DB backups.

a) In your cPanel dashboard locate ‘Backups’ menu.
b) There you’ll see list of all your MySQL databases, Simply click on any of the database name and save compressed DB file to your computer.
c) Now when you backed up all the databases to your computer, log in to your new Web host Panel Dashboard and locate ‘Backups’ menu.
d) Here you’ll see ‘Restore a MySQL Database’ simply choose file and restore your databases one by one.

Add MySQL users to your Databases

Now when you have all your files and databases moved in to your new Web host you need to add MySQL users to your databases for that local ‘MySQL Databases’ icon in your cPanel.

4. Add domains to your New Host

Locate ‘Addon Domains’ in your cPanel and add Domains to your new Web host and make sure while adding domains you choose correct site files path in your /public_html/ directory associated to appropriate domain.

5. Edit wp-config.php if your new cPanel Username is different than old

If your new cPanel username is different then it’s important to edit wp-config.php to make MySQL database login information correct and accurate or your blog will encounter ‘can’t establish a database connection’ error.

This is it.

February 27, 2011 Posted by | cPanel, WordPress | , , | 3 Comments

WordPress Permalink not Working

WordPress Permalink not working enenn through you enabled it from wordpress admin section >> Settings >> Permalinks.

On investigating for a long time I found that wordpress requires a rewrite  rules to be enabled in .htaccess file for Permalinks to work correctly.

Create .htaccess file in the installation directory of wordpress and add following rewrite rules.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Save exit file and now Permalinks should work fine.

?

February 11, 2011 Posted by | WordPress | | 31 Comments

WordPress Fatal error: Allowed memory size of xxx bytes exhausted while upgrading WordPress

You might have received the error stating that “Fatal error: Allowed memory size of xxx bytes exhausted (tried to allocate xxxx bytes) in some-file.php on line xxx” while upgrading you WordPress version. The reason is that while executing PHP file, it exceeds allowed PHP memory on the server. Generally this happens if the value for memory_limit is set to low (probably 8M etc.) in PHP configuration file php.ini. There are some workaround to increase the value for PHP memory.

[1] You can contact your host to raise limit for php_memory.

[2] You can add following line in your .htaccess:

php_value memory_limit 64M

This will not work if suPHP is enabled on your server. If suPHP is enabled on your server then you will need to put php.ini in the root of your domain and modify the following line:

memory_limit = 64M ; Maximum amount of memory a script may consume (64MB)

[3] You can also raise PHP memory from wp-config.php file. Just add the following line after opening PHP tag:

define(‘WP_MEMORY_LIMIT’, ’64M’);

January 20, 2011 Posted by | PHP, WordPress | , | 9 Comments

How to reset WordPress administrator password

Sometime you may need to reset your admin password for your WordPress blog. You have to reset your password through the WordPress database directly in case if the forgot password doesn’t work. The most convenient way to manage the database is via the PhpMyAdmin tool at your web hosting account.

In PhpMyAdmin, select your WordPress database from the drop-down menu on the left. The page will refresh and the database’s tables will be displayed on it. Open the SQL tab (look at the top navigation bar).

In the text field write the following SQL query:

UPDATE `wp_users` SET `user_pass` = MD5( ‘your_new_password’ ) WHERE `wp_users`.`user_login` = “your_admin_username”;

“your_new_password” – replace this with the new password you wish to use.
“your_admin_username” – replace this with the username the password should be updated for.

Once you are ready, click on the “GO” button to submit the query. If everything goes fine without errors, you should be able to login to WordPress with the new password

January 19, 2011 Posted by | WordPress | , | 2 Comments

WordPress and Mod_Security issues

ModSecurity is an open source web application firewall. This helps to prevent attacks on websites, SQL injection, command execution via browser etc. However, this may break some application installed in your website. With ModSecurity2, you can not bypass any rule by ID from your .htaccess file.

If your web hosting provider has enabled mod_security with Apache, you may face some problem to post topic, upload images, insert images in the post etc. Since ModSecurity2 does not allow to bypass rules by ID via .htaccess, you will have to contact your web hosting provider to bypass some rules for your website. ModSecurity provides facility to bypass rules based on the location. You will require to create global whitelist configuration file to bypass certain rules based on the location.

Recently, I faced problem to upload and insert images in the post. After reading some websites, I found some global rules which I bypassed some ModSecurity rules using global whitelist configuration file which fixed my problem. The rules that I bypassed are as follow (I have put space before LocationMatch and /LocationMatch. Remove that space in your configuration file):

< LocationMatch “/wp-admin/post.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/admin-ajax.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/page.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/options.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-admin/theme-editor.php”>
SecRuleRemoveById 300015 300016 300017 950907 950005 950006 960008 960011 960904
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

< LocationMatch “/wp-includes/”>
SecRuleRemoveById 960010 960012 950006
SecRuleRemoveById phpids-17
SecRuleRemoveById phpids-20
SecRuleRemoveById phpids-21
SecRuleRemoveById phpids-30
SecRuleRemoveById phpids-61
< /LocationMatch>

Hope this will help others who are facing the similar problem in their WordPress blog with mod_security.

January 18, 2011 Posted by | Mod_Security, WordPress | , | 1 Comment