Force Password on SSH Connection
This is the command to force a SSH password between a client and server, you may have passwordless connection set up with SSH keys but want to check that a password is correct. ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no [email protected] Swap out [email protected] with your connection details. Once logged in, if you want to change the…
Read MoreBlock xmlrpc.php and wp-login.php via NGINX
You can block xmlrpc.php and wp-login.php via NGINX with the configurations below, what’s good about this approach is that it prevents brute force attacks at the NGINX server level without any PHP/MySQL resources being used. xmlrpc.php for NGINX location = /xmlrpc.php { deny all; } To allow JetPacks IP addresses through adjust the config to…
Read MoreSet up malware scanner LMD Maldet and ClamAV on a RunCloud instance
How to set up a malware scanner with LMD Maldet and ClamAV on a RunCloud server instance. One of the popular and open source malware scanners is an app called Linux Malware Detect and works well scanning any Linux web server, it keeps a daily updated database of known malware exploits from an updated registry…
Read MoreSend command line server emails with Postfix on a Ubuntu Server 18.04
Here is a guide to allow a Ubuntu 18.04 server to send out local server based emails using Postfix. Test Command Line Email To test if emails can be sent via the command line, SSH into your server and try echo “Is email sending OK..?” | mail -s “Sending email!” [email protected] Nothing should return, if…
Read MoreSet hostname and fqdn in Ubuntu 18.04 & 20.04
Hostname in Ubuntu 18.04 & 20.04 You can find and change the hostname with the commands hostname or hostnamectl in Ubuntu 18.04 & 20.04, if you run the command on its own it will tell you what the current name is, the example below is named racknerd-la hostnamectl [email protected]:~# hostnamectl Static hostname: racknerd-la Icon name:…
Read MoreUsing WooCommerce with Varnish, exclude pages and cookies
To use WooCommerce with Varnish server-side caching you need to exclude some of the generic WooCommerce pages and cookies. Some web hosts will partially do this for you and others will give you an interface to add them yourself, make sure you ask the host what options are available Exclude from Varnish these WooCommerce pages…
Read MoreAdding Cloudflare to the mix of ServerPilot and fail2ban
This guide looks at adding Cloudflare to a set up of ServerPilot and fail2ban with a WordPress jail set up. Once you start using Cloudflare as a CDN solution for your hosting, you are adding another firewall into the equation, albeit a very good one, but you may want to pass your servers local firewall…
Read MoreTemporarily Turn off Modsec filtering
You can temporarily turn off Modsec filtering by adding a code snippet rule to your .htacces file, this can be helpful if you are triggering a number of rules which are false positives or you are unable to get the rules whitelisted whilst you do your development. Add into .htaccess <IfModule mod_security.c> SecFilterEngine Off SecFilterScanPOST…
Read MoreGit WordPress workflow for Local Development to Staging Site
This guide shows a Git WordPress workflow and demonstrates version control using Git from a local development environment on macOS to a staging site web server. For the Database control and pushing to staging, we will use WP Migrate Pro. A second remote repo for a production server would also need to be added in a real-world scenario. This…
Read MoreSetting Up GeoIP Location on Piwik on ServerPilot
Using a combination of ServerPilot and a Vultr server instance is a great solution for a Piwik server for tracking analytics. After setting up the initial Piwik install here is how you can set up the GeoIP location module set up to enable you to view visitor results from City and Country Location. Piwik can…
Read More