Cache warming a website with Optimus Prime
Not all cache plugins or apps preload pages or provide a warm cache of all content, normally the first time a page is visited it is not cached but subsequent pages are. More plugins are providing pre-loading or warm cache solutions but some still don’t or web hosts don’t allow it – there are a…
Read MoreBlock wp-login.php and xmlrpc.php via fail2ban on RunCloud
How to ban IP addresses that are brute forcing your wp-login.php and xmlrpc.php with fail2ban on a RunCloud server. Add a WordPress fail2ban filter Create a wordpress.conf file in /etc/fail2ban/filter.d/ [Definition] failregex = ^<HOST> .* “POST .*wp-login.php ^<HOST> .* “POST .*xmlrpc.php ignoreregex = If you just want to ban only one of them just…
Read MoreForce Password on SSH Connection
This is the command to force a SSH password between a client and server, you may have passwordless connection set up with SSH keys but want to check that a password is correct. ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no user@1.2.3.4 Swap out user@1.2.3.4 with your connection details. Once logged in, if you want to change the…
Read MoreTweaking RunCloud Servers After Deployment
Here are some references for various fix ups or tweaks that I apply to servers with a RunCloud control panel. These are not all done inclusively, depends on the need. SSH Change the SSH Port from the default 22 nano /etc/ssh/sshd_config Change to desired port #Port 22 Open new port RunCloud panel, close old 22…
Read MoreBlock xmlrpc.php and wp-login.php via NGINX
You can block xmlrpc.php and wp-login.php via NGINX with the configurations below, what’s good about this approach is that it prevents brute force attacks at the NGINX server level without any PHP/MySQL resources being used. xmlrpc.php for NGINX location = /xmlrpc.php { deny all; } To allow JetPacks IP addresses through adjust the config to…
Read MoreSet up malware scanner LMD Maldet and ClamAV on a RunCloud instance
How to set up a malware scanner with LMD Maldet and ClamAV on a RunCloud server instance. One of the popular and open source malware scanners is an app called Linux Malware Detect and works well scanning any Linux web server, it keeps a daily updated database of known malware exploits from an updated registry…
Read MoreSend command line server emails with Postfix on a Ubuntu Server 18.04
Here is a guide to allow a Ubuntu 18.04 server to send out local server based emails using Postfix. Test Command Line Email To test if emails can be sent via the command line, SSH into your server and try echo “Is email sending OK..?” | mail -s “Sending email!” you@domain.com Nothing should return, if…
Read MoreMove WooCommerce Product Long Description Into The Short Description Product Layout
How to add the woocommerce product long description text into the short description product layout with a couple of woocommerce actions and the long description tab removal. Remove The Description Tab This tab by default has the long product description. The above will remove all 3 tabs just comment out which ones you want to…
Read MoreSet hostname and fqdn in Ubuntu 18.04
Hostname in Ubuntu 18.04 You can find and change the hostname with the commands hostname or hostnamectl in Ubuntu 18.04, if you run the command on its own it will tell you what the current name is, example below it is racknerd-la hostnamectl root@racknerd-la:~# hostnamectl Static hostname: racknerd-la Icon name: computer-vm Chassis: vm Machine ID:…
Read MoreBlock Modsec WAF from WordPress Website
You can block modsec WAF from your website via .htaccess with the following code… <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST Off </IfModule> This may help when in development, remove when finished to get the protection back. If there is an actual rule you keep triggering you can make an exemption by IP address… # Whitelist 401…
Read More