PHP, Apache, Varnish fix server REMOTE_ADDR varible

In the case of a combination of PHP, Apache and Varnish Cache there is a problem with the value stored at index “REMOTE_ADDR” in the $ _SERVER array – server and execution environment information.

The documentation shows that, this place should contain information about the IP address of the user which is viewing the current page. However, the application of reverse proxy which is Varnish, means that in this place will be localhost (127.0.0.1), because in structured like this, Varnish is the mediator of serving a direct requests to the Apache server. Real user IP will be located in the header of requests under the X_HTTP_FORWARDED_FOR index.

To solve this problem, simply install the  mod_rpaf – reverse proxy add forward module to the Apache. Installation steps below.

1
apt-get install libapache2-mod-rpaf

 

Then, check whether in the mod_rpaf module is correctly configured IP address of your reverse proxy.

1
/etc/apache2/mods-enabled/rpaf.conf

Restart the apache server and you’re done!

Tuesday, 7 February 2017 SSH Comments Off on PHP, Apache, Varnish fix server REMOTE_ADDR varible

WordPress Update Domain Queries

1
2
3
4
UPDATE wp_options SET option_value = replace(option_value, 'http(s)://www.oldurl', 'http(s)://www.newurl') WHERE option_name = 'home' OR option_name = 'siteurl';
UPDATE wp_posts SET guid = replace(guid, 'http(s)://www.oldurl','http(s)://www.newurl');
UPDATE wp_posts SET post_content = replace(post_content, 'http(s)://www.oldurl', 'http(s)://www.newurl');
UPDATE wp_postmeta SET meta_value = replace(meta_value,'http(s)://www.oldurl','http(s)://www.newurl');
Friday, 7 October 2016 PHP, Programming Comments Off on WordPress Update Domain Queries

MySQL best performance settinggs with MySQL Tuner

Download & Install

1
2
3
cd /usr/local/bin
wget https://raw.githubusercontent.com/major/MySQLTuner-perl/master/mysqltuner.pl
chmod +x mysqltuner.pl

Now you can run it by typing:

1
./mysqltuner.pl
Sunday, 27 March 2016 SSH Comments Off on MySQL best performance settinggs with MySQL Tuner

SSH rsync execlude files matching pattern

1
rsync -avz -e 'ssh' --exclude='backwpup_*.tar.gz' /var/www user@host:/home/user

This pattern: ‘backwpup_*.tar.gz’ execlude all files like e.g. backwpup_f611be_2016-01-04_05-11-00.tar.gz from the sync.

Tuesday, 26 January 2016 SSH Comments Off on SSH rsync execlude files matching pattern

Instalation of the OpenVPN

Find distribution of the OpenVPN for your system on: http://swupdate.openvpn.org/as/

To check your OS info in ssh type:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
root@vps:~# uname -a
Linux vps203659.ovh.net 3.2.0-4-amd64 #1 SMP Debian 3.2.68-1+deb7u4 x86_64 GNU/Linux

or

root@vps:~# cat /etc/*release*
PRETTY_NAME="Debian GNU/Linux 7 (wheezy)"
NAME="Debian GNU/Linux"
VERSION_ID="7"
VERSION="7 (wheezy)"
ID=debian
ANSI_COLOR="1;31"
HOME_URL="http://www.debian.org/"
SUPPORT_URL="http://www.debian.org/support/"
BUG_REPORT_URL="http://bugs.debian.org/"

Download your OpenVPN distribution with wget command:

1
root@vps:~# wget http://swupdate.openvpn.org/as/openvpn-as-2.0.21-Debian7.amd_64.deb

Then set pass for the openvpn user, so type:

1
2
3
4
root@vps:~# passwd openvpn
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

During installation, you receive the relevant data for further configuration and places where you can download the installation package for your OpenVPN client.

 

openvpn_installation

Sunday, 22 November 2015 SSH Comments Off on Instalation of the OpenVPN

MySQL backup all databases as root user

1
mysqldump --lock-all-tables -u root -p --all-databases > dump.sql
Friday, 13 November 2015 SSH Comments Off on MySQL backup all databases as root user

VirtualBox boot from USB connected to your PC.

One important piece of information at the beginning of the entry: open the command prompt and VirtualBox as an administrator.

 

1. Run following command to get USB HDD disk system index:

1
wmic diskdrive get Index, Caption, InterfaceType

CMD wmic diskdrive command output

2. Then generate new VirtualBox HDD, for new VirtualBox machine by following commands:

Be sure to, in the command:

VBoxManage internalcommands createrawvmdk -filename c:\usb2.vmdk -rawdisk \\.\PhysicalDrive2

replace disk index marked in red, on yours readed in the previous step!

 

1
2
cd %programfiles%\Oracle\VirtualBox
VBoxManage internalcommands createrawvmdk -filename c:\usb2.vmdk -rawdisk \\.\PhysicalDrive2

vboxmanage

After completing these steps, you can now create a new virtual machine that will use your USB as a boot disk.

virtualbox create new machine selecting usb hard disk

Monday, 2 November 2015 SSH Comments Off on VirtualBox boot from USB connected to your PC.

WordPress Login Secure by Fail2Ban

To block the brutal force attacks on WordPress login page, in the logs looking like:

1
2
3
4
5
6
7
8
82.165.15.125 - - [03/Aug/2015:02:23:30 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
82.165.15.125 - - [03/Aug/2015:02:23:31 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
82.165.15.125 - - [03/Aug/2015:02:23:32 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
82.165.15.125 - - [03/Aug/2015:02:23:33 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
82.165.15.125 - - [03/Aug/2015:02:23:33 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
82.165.15.125 - - [03/Aug/2015:02:23:34 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
82.165.15.125 - - [03/Aug/2015:02:23:35 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"
82.165.15.125 - - [03/Aug/2015:02:23:35 +0200] "POST /wp-login.php HTTP/1.1" 200 5704 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.14.0.0 zlib/1.2.3 libidn/1.18 libssh2/1.4.2"

Just install fail2ban app, for scanning your system logs. After installation, simply add the appropriate rules:

1
nano /etc/fail2ban/filter.d/wordpress.conf

And copy into these file:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# Fail2ban Wordpress configuration

[INCLUDES]

before = common.conf

[Definition]

_daemon = wordpress

# Option:  failregex
# Notes.:  regex to match the password failures messages in the logfile. The
#          host must be matched by a group named "host". The tag "<HOST>" can
#          be used for standard IP/hostname matching and is only an alias for
#          (?:::f{4,6}:)?(?P<host>[\w\-.^_]+)
# Values:  TEXT
#
failregex = <HOST>.*] "POST /wp-login.php

# Option:  ignoreregex
# Notes.:  regex to ignore. If this regex matches, the line is ignored.
# Values:  TEXT
#
ignoreregex =

Then edit /etc/fail2ban/jail.conf by typing:

1
nano /etc/fail2ban/jail.conf

And put at the end of apache section few more lines:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#
# HTTP servers
#

[apache]

enabled  = false
port     = http,https
filter   = apache-auth
logpath  = /var/log/apache*/*error.log
maxretry = 6

...
...
...

#Add these lines:

[apache-wordpress]
enabled = true
filter = wordpress
action = iptables-multiport[name=NoAuthFailures, port="http,https"]
logpath = /var/log/apache*/*access*log
port = http,https
bantime = 1200
maxretry = 4

Restart fail2ban service by command:

1
service file2ban restart

Now you can test new settings by accessing your wordpress login page, by trying login four times with wrong auth details.

http://yourdomain.com/wp-login.php

The method is not 100% sure and you can go around it … That’s why I suggest for safety, installation for each WP, module for blocking an IP address after a few incorrect login attempts.

Wednesday, 5 August 2015 SSH Comments Off on WordPress Login Secure by Fail2Ban

Netbeans PSR-2 code formatting and line ending

PHP PSR-2 Standard

https://github.com/maniaplanet/netbeans-psr

http://www.php-fig.org/psr/psr-2/

Change Line Endings on Save – plugin detail

Download: netbeans-psr.zip

Tuesday, 3 March 2015 Any other Comments Off on Netbeans PSR-2 code formatting and line ending

OpenProject package plugins installation

1
2
3
4
sudo openproject run bundle install --no-deployment
sudo openproject run rake db:migrate
sudo openproject run rake assets:precompile
sudo service openproject restart
Wednesday, 25 February 2015 SSH Comments Off on OpenProject package plugins installation
Scroll