Hiển thị các bài đăng có nhãn php. Hiển thị tất cả bài đăng
Hiển thị các bài đăng có nhãn php. Hiển thị tất cả bài đăng

Enable HTTPS on Wordpress in Amazon

   , ,  No comments
This tutorial will help us install Wordpress on Amazon using a Wordpress image provided by Bitnami. We will also enable HTTPS by using an Amazon's elastic load balancer and a WordPress plugin.

Steps

  1. Create an EC2 instance and install this Wordpress image from Bitnami: https://aws.amazon.com/marketplace/pp/B00NN8Y43U.
  2. Install Easy Https Redirection plugin on Wordpress - https://wordpress.org/plugins/https-redirection/
  3. Configure Elastic Load Balancing With SSL And AWS Certificate Manager For Bitnami Applications On AWS - https://docs.bitnami.com/aws/how-to/configure-elb-ssl-aws/
    These lines should be added before WP_HOME and WP_SITEURL:
    if (strpos($_SERVER['HTTP_X_FORWARDED_PROTO'], 'https') !== false)
        $_SERVER['HTTPS']='on';
  4. At this stage, your URL should both be accessible via HTTP and HTTPS, but we want to force a redirect to HTTPS so we need to do this final step.
    1. Reopen ~/apps/wordpress/conf/httpd-prefix.conf and add the following lines:
      RewriteCond %{HTTPS} !=on
      RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
      RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
  5. And finally, don't forget to restart the apache server: /opt/bitnami/ctlscript.sh restart apache

The final version of the file should look like below. Take note of the commented lines, those are the originals.
SetEnvIf x-forwarded-proto https HTTPS=on

# App url moved to root
DocumentRoot "/opt/bitnami/apps/wordpress/htdocs"
    #Alias /wordpress/ "/opt/bitnami/apps/wordpress/htdocs/"
#Alias /wordpress "/opt/bitnami/apps/wordpress/htdocs"

RewriteEngine On
#RewriteCond "%{HTTP_HOST}" ^ec2-([0-9]{1,3})-([0-9]{1,3})-([0-9]{1,3})-([0-9]{1,3})\..*\.amazonaws.com(:[0-9]*)?$
#RewriteRule "^/?(.*)" "%{REQUEST_SCHEME}://%1.%2.%3.%4%5/$1" [L,R=302,NE]

#RewriteCond %{HTTPS} !=on
#RewriteRule ^/(.*) https://%{SERVER_NAME}/$1 [R,L]

RewriteCond %{HTTPS} !=on
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Include "/opt/bitnami/apps/wordpress/conf/httpd-app.conf"

Video Tutorial: https://www.youtube.com/watch?v=WQwvwiPZlZE

Wordpress cannot add menu item SOLVED

     No comments
Recently we encountered a problem wherein we cannot add anymore menu-items to our wordpress main navigation menu. On top of that the theme's menu assignment is unchecked whenever we tried to add a menu-item and hit save.

Solution:
Add the following php property to your php.ini 
max_input_nesting_levels = 500
max_input_vars = 6000

Common issues:

  1. max_input_vars does not take effect when you look into php properties using script.
    1. Solution: if you have several domains on one hosting package, make sure that you duplicate php.ini to the root of your other domain
  2. Values are already updated, phpinfo is already showing the correct values but still I can't add a menu-item.
    1. Solution: copy the php.ini inside your wp-admin folder.

How to handle an xmlrcp wordpress attack on nginx server

   ,  No comments
I'm not really a system administrator and these steps are just based on my personal experience in securing our own wordpress websites.

Lately there has been a lot of attacks on wordpress sites (since it's a popular framework) specially on windows machine. So we decided to migrate on a linux machine. Obviously got a lot of attacks still, one of the nasty one is a DoS (denial of service), and here's how we handled it:


  1. Install akismet plugin.
  2. Install wordfence plugin - this one is really good.
  3. If you know how to type commands on linux, run tail -f /var/log/nginx/access.log. This will should the most frequent request together with its IP take note of it and under WordFence->Blocked IPs, add it.
  4. Install and configure ip tables. 
  5. Block the ip in ip tables (INPUT section): 
    //add
    sudo iptables -A INPUT -s [IP ADDRESS] -j DROP

    //or insert as a first rule
    sudo iptables -I INPUT 1 -s [IP ADDRESS] -j DROP

    //check if configured correctly
    sudo iptables -L --line-numbers

    //to remove a rule
    iptables -D INPUT [line-number]
  6. Configure nginx.conf to block xmlrpc request (make sure that you are not using it). Normally you don't. Create nginx.conf in your webroot with the following contents:
    # nginx configuration
    location /xmlrpc.php {
    deny all;
    }
    Here's an htaccess to nginx converter, just in case you need: http://winginx.com/en/htaccess.
  7. Setup fail2ban. Google on how-to. Here's my favorite: https://www.digitalocean.com/community/tutorials/how-to-protect-an-nginx-server-with-fail2ban-on-ubuntu-14-04.

How to setup a subdomain in your nginx server

   ,  No comments
Lately I've created a sub-domain for one of my website. I hope you follow this blog on how to setup your nginx wordpress site. In the same server where I host my maindomain.com, I've added a subdomain.maindomain.com. And here is how:

  1. I created a new folder in /var/www/subdomain where I install a new copy of wordpress. Note that /var/www/html contains my maindomain.
  2. The duplicate the config site in the blog I mentioned above (my-site), so now I have subdomain ni /etc/nginx/sites-available.
  3. Make the following modifications (first 2 lines): 
    listen 80;
    listen [::]:80;
  4. Basically, you can't have 2 virtual configurations with default_server marker.
  5. Your sub domain should now be accessible.

How to setup your wordpress website in nginx server

   ,  No comments
Long ago I learned of the advantages of nginx over apache, just google it. Planned to migrate our sites but didn't manage to do it until last weekend. So here's what I did to do that:

I'm assuming you already have a functional wordpress with mysql setup and html / php files in /var/www/html (the usual).

First we need to install nginx and php:

sudo apt-get install nginx php5-fpm

Next, configure nginx virtual config, like in apache. Default config file is at /etc/nginx/sites-available/default, copy it and edit like below:

//copy
cp /etc/nginx/sites-available/default /etc/nginx/sites-available/my-site

//modify my-site
server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;

        root /var/www/html;
        index index.php index.html index.htm;

        server_name your_domain.com;

        location / {
                # try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php?q=$uri&$args;
        }

        error_page 404 /404.html;

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                root /usr/share/nginx/html;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }
}

//remove default enabled site
rm /etc/nginx/sites-enabled/default

//enable my-site
ln -s /etc/nginx/sites-available/my-site /etc/nginx/sites-enabled/

//restart or reload
sudo service nginx restart
sudo service php5-fpm restart

Your website should now be up and running in nginx.

*Keep your eye on missing comma ;.