Category Archives: Technologies

How to Fix a Hacked WordPress Website

Problem:

When you visit your WordPress website you are randomly redirected to unwanted websites.

Verification:
  • Log in your website as an Administrator.
  • Go to Appearance >> Theme Editor.
  • Click on the Theme Functions link on the right side.
  • Verify if malicious code was injected into the functions.php file.

Example of malicious code:

<?php @ini_set('display_errors', '0'); 
error_reporting(0); 
global $zeeta;
  • Download the wp-config.php file to your machine via FTP or SSH.
  • Verify if malicious code was injected into the wp-config.php file.

Example of malicious code:

include_once(ABSPATH . WPINC . '/header.php');
      Solution:
      • Stop the website.
      • Download the whole website to your local machine.
      cd /var/www/huybien.com
      sudo zip -r huybien.zip /var/www/huybien.com/html
      
      • Download the latest version of WordPress.
      • Unzip and the latest version of WordPress to a new folder.
      • Copy the wp-content/uploads folder, the wp-config.php, .htaccess, web.config, and ads.txt file from your original website to the new folder.
      • Review and remove all the suspicious contents in the wp-content/uploads directory of the new folder.
      • Go to the wp-content\themes folder of the new folder.
      • Manually re-download and unzip all the necessary themes.
      • Go to the wp-content\plugins folder of the new folder.
      • Manually re-download and unzip all the necessary plugins. Pay attention to the plugins that were closed due to Guideline Violation.
      • Delete all your website content in your root directory in your hosting server.
      cd /var/www/huybien.com/html
      sudo rm -rf *
      ls -a
      • Zip and upload the new folder (without the folder name) to your hosting server. The typical path is /home/ubuntu.
      • Unzip the new content to your root website directory.
      cd /home/ubuntu
      unzip huybien.zip -d /var/www/huybien.com/html
      • Start the website.
      Configuration:
      • Log in your website as an Administrator.
      • Change your Administrator’s password.
      • Change permissions for the html folder.
        sudo chmod -R 777 /var/www/huybien.com/html
      • Remove all the unused plug-ins or themes.
      • Revert permissions for the html folder and set permissions for the wp-content folder.
        sudo chmod -R 775 /var/hosting/huybien.com/html
        sudo chmod -R 777 /var/hosting/huybien.com/html/wp-content
      • Install, activate and configure a CAPTCHA plug-in to protect Login Form, Registration Form, Lost Password Form, Reset Password Form and Comment Form if there is no one.
      • Disable insecure FTP access if there is one.
      • Install and activate the Simple History plugin to review access to your website. After 1 or 2 days, review the access information, and possibly block the malicious IP addresses using the Windows Firewall.
      • Install, activate and configure Cerber Security plug-in to automatically detect and block the malicious IP addresses.

       

       

      How to Manually Install PHP 7.4 for Windows Server 2019

      Motivation:

      To understand how PHP works with IIS in order to be able to update PHP to any version to address compatibility or security issues.

      Using a tool to install PHP for IIS, for example Microsoft Web Platform Installer 5.0 https://www.microsoft.com/web/downloads/platform.aspx, restricts us from using only versions supported by the tool.

      Solution:

      • Install CGI for IIS.
      • Download VC15 x86 Non Thread Safe package here or under PHP 7.4 section from http://windows.php.net/download/
      • Extract the ZIP file to the C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 folder.
      • Rename the php-.ini-development file to php.ini.
      • Open the php.ini file and add the following line at the end of the file.
      extension=php_wincache.dll
      • Uncomment the following lines
      fastcgi.impersonate = 1;
      
      cgi.fix_pathinfo=1;
      cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)
      
      extension_dir = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext"
      
      extension=php_curl.dll
      extension=php_fileinfo.dll
      extension=php_mbstring.dll
      extension=php_exif.dll
      extension=php_mysqli.dll
      extension=php_pdo_mysql.dll
      extension=php_openssl.dll
      
      error_log = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php_errors.log"
      
      error_log = syslog
      • A sample php.ini file can be download here.
      • Add C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 to System Path.
      • Download x86 package of WinCache 2.0 for PHP 7.4 here or from https://sourceforge.net/projects/wincache/.
      • Extract and copy the php_wincache.dll file to C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext
        folder.
      • Open IIS, click on Server name, double click on Handler Mappings, click on Add Module Mapping, and enter below information
      Request path = *.php
      Module = FastCgiModule
      Executable = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php-cgi.exe"
      Name = PHP 7.4
      Request Restrictions = File or folder

      Open a Command Prompt, execute below command and ensure that NO WARNINGS APPEAR.

      php -version
      • Create phpinfo.php file with below content in the website folder and test the result.
      <?php
      phpinfo();
      ?>

       

      How to Fully Uninstall Cocoapods from macOS

      Problem:

      You run pod update but you get command not found error.

      You want to fully uninstall the Cocoapods from macOS, and then to reinstall it to remove the error.

      Solution:

      Execute below commands:

      for i in $( gem list --local --no-version | grep cocoapods );
      do 
          sudo gem uninstall $i; 
      done
      rm -rf ~/.cocoapods

      If you have a Cocoapods icon on the Launchpad then

        • Click on the  Cocoapods icon on the Launchpad,
        • Right click the Cocoapods icon in the Dock,
        • Point your mouse to Options, then click Show in Finder,
        • Right click the Cocoapods icon and select Move to Trash.

      Execute below command to reinstall Cocoapods

      sudo gem install cocoapods

       

      How to fix “An internal error has occurred” issue of Remote Desktop Connection

      Problem:

      You get “An internal error has occurred” error message when trying to connect to a remote machine using Remote Desktop Connection.

      Solution:

      1. Type Local Security Policy to the Windows Search box.

      2. Click Open link.

      3. Expand Local Policies > Security Options on the left panel.

      4.  Double click on System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing row on the right panel.

      5. Select Enabled, click Apply and click OK.

      How to add multiple IPs to an Amazon EC2 virtual machine

      Motivation:

      You have a Server 2008 R2 machine on Amazon EC2.

      You want to secure multiple domains using different  SSL/TLS certificates.

      Server 2008 R2 does not support Server Name Indication (SNI). Therefore you need to add multiple IPs to Server 2008 R2 machine to use different SSL/TLS certificates.

      Solution:
      1. Create an EC2 virtual machine.
      2. Click on Network Interfaces tab.
      3. Click Create Network Interface button or select an existing network interface and select Actions > Attach.
      4. Click on a network interface ID, click Actions, click Manage IP Addresses, click on the network interface name (beginning with eth…), click the Assign new IP Address button, enter a private IP Address (e.g. 172.30.0.32), click the Save button, click the Confirm button.
      5. Click Elastic IPs tab, click the Allocate Elastic IP address button, click the Allocate button, optionally name the new allocated IP.
      6. Select the new allocated IP, click on Actions , click Associate Address, choose Network interface, then choose a private IP of the network interface with which the elastic IP will be associated, click the Associate button.
      7. Login Windows.
      8. View the network configuration using below command, note the Default Gateway and DNS Servers information.
      ipconfig /all

      9. Open Control Panel\All Control Panel Items\Network and Sharing Center.

      10. Click Change adapter settings link, click a Local Area Network Connection Network.

      11. Manually enter one IP address, Default Gateway and DNS Servers information.

      12. Click Advance… button to open Advanced TCP/IP Settings screen, and add the private IPs in the 4th step to the machine.

      13. Restart the machine.

      If you get any issue then try limit the number of private IPs of a network interface to 4 (including the default private IP).

      How to move a WordPress instance from one server to another Linux server

      Motivation:

      You want to move a WordPress instance from one server to another to consolidate your websites to reduce cost.

      Solution:

      Install and use below Duplicator plugin to achieve your goal.

      https://wordpress.org/plugins/duplicator/

      User guide: https://snapcreek.com/duplicator/docs/quick-start/

      If everything goes well for you then congratulation!

      Otherwise, please review below possible problems and corresponding solutions.


      Problem 1:

      You don’t have a website on the new server.

      Solution 1:

      1. Create a new virtual host in the /etc/httpd/conf/httpd.conf

      <VirtualHost *:80>
      ServerName example.com
      ServerAlias www.example.com
      DocumentRoot "/var/www/www.example.com"
      </VirtualHost>

      2. Set 775 permission for /var/www/www.example.com

      3. Restart httpd service

      sudo systemctl restart httpd

      Problem 2:

      You are using Amazon Linux 2 server.

      You are logged in as ec2-user.

      You use WinSCP to upload files and edit configuration files.

      You cannot modify /etc/httpd/conf/httpd.conf and /etc/php.ini.

      Solution 2:

      1 View permission settings for the file

      ls -ld /etc/httpd/conf/httpd.conf

      The result indicates that the file owner is root user and root group, not ec2-user.

      2. View groups of a user

      groups ec2-user

      The result indicates that the ec2-user does not belong to root group.

      3. Add a user to root group

      sudo usermod -a -G root ec2-user

      4. Grant Read-Write permission against a file to root group

      sudo chmod g+rwx /etc/httpd/conf/httpd.conf
      sudo chmod g+rwx /etc/php.ini

      5. Logout and login to the server again.


      Problem 3:

      You are using Amazon Linux 2 server. The ZipArchive feature is missing.

      Solution 3:

      1. Execute below commands:

      sudo amazon-linux-extras install php7.2
      sudo yum install php-pear php-devel gcc libzip-devel zlib-devel
      sudo pecl install zip-1.13.5 # we must specify a slightly older version due due to compatibility

      2. Add “extension=zip.so” to /etc/php.ini

      3. Restart the server

      sudo reboot

      Problem 4:

      You don’t have a WordPress database on the new Linux server.

      Solution 4:

      Execute below MySQL commands:

      CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
      CREATE DATABASE `wp_database`;
      GRANT ALL PRIVILEGES ON `wp_database`.* TO "username"@"localhost";
      FLUSH PRIVILEGES;

      Problem 5:

      An database error occurs while restoring a website.

      Solution 5:

      1. Execute below commands to remove the website:

      sudo chown -R ec2-user:apache /var/www/example.com
      sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
      find /var/www/example.com -type f -exec sudo chmod 0664 {} \;
      rm -r /var/www/example.com

      2. Upload the Duplicator files again, and restore the website again.


      Problem 6:

      No write access against /var/www/example.com is available for Duplicator.

      Solution 6:

      1. Execute below commands:

      sudo chown -R ec2-user:apache /var/www/example.com
      sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
      find /var/www/example.com -type f -exec sudo chmod 0664 {} \;

      2. Run http://example.com/installer.php again.

      Setting File Permissions for WordPress on IIS

      Motivation:

      • You have a WordPress instance in Windows with IIS.
      • You upload a file. Its thumbnail is not shown in Media Library.
      • You change the file permission. Its thumbnail now is shown correctly in Media Library.
      • You upload another file and have to change the file permission manually again.
      • How can we make WordPress automatically set the correct permission for new uploaded files?

      Procedure:

      1. Ensure that the the Identity of Application pool that the website is running under is ApplicationPoolIdentity.
      2. Execute below commands as Administrator
      icacls "C:\inetpub\wwwroot\domain.com" /grant "IUSR":(OI)(CI)F /T
      icacls "C:\inetpub\wwwroot\domain.com" /grant "IIS_IUSRS":(OI)(CI)F /T

      3. Open IIS Manager, click on your website, click Authentication, click Anonymous Authentication (which should be the only one enabled), click Edit, select Application pool identity if it is not selected, click OK.

      How to change a WordPress website’s domain name?
      • Open the wp-config.php file.
      • Add two lines to the file, right before /* That’s all, stop editing! Happy blogging. */:
      define('WP_HOME','http://example.com');
      define('WP_SITEURL','http://example.com');
      • Bulk edit the posts content if needed.

      How to change language of an EPUB file

      Problem: Sometimes you have an EPUB file encoded with a wrong language tag.
      Therefore when you use the Read aloud feature of the Google Play Books application the book is read aloud in a wrong language.

      Solution:

      1. Download the EPUB file to a PC.
      2. Change the extension from EPUB to ZIP.
      3. Open the .ZIP file.
      4. Open the content.opf file using the Notepad app.
      5. If you cannot file this content.opf file then please navigate to the OEBPS folder.
      6. Find the tag <dc:language> and change its value (e.g. from <dc:language>en</dc:language>to <dc:language>vi</dc:language>).
      7. If you cannot find the tag <dc:language> then just add a new tag right above the </metadata> tag (e.g.
        <dc:language>vi</dc:language>
        </metadata>
      8. Save the content.opf file and rezip the EPUB file.
      9. Change the file extension from ZIP to EPUB.

      How to Manually Install PHP 7.1 for Windows Server 2016

      Motivation:

      To understand how PHP works with IIS in order to be able to update PHP to any version to address compatibility or security issues.

      Using a tool to install PHP for IIS, for example Microsoft Web Platform Installer 5.0 https://www.microsoft.com/web/downloads/platform.aspx, restricts us from using only versions supported by the tool.

      Solution:

      • Install CGI for IIS.
      • Download VC14 x86 Non Thread Safe package here or under PHP 7.1 section from http://windows.php.net/download/
      • Extract the ZIP file to C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86 folder.
      • Rename the php-.ini-development file to php.ini.
      • Open the php.ini file and add the following line at the end of the file.
      extension=php_wincache.dll
      • Uncomment the following lines
      fastcgi.impersonate = 1;
      
      cgi.fix_pathinfo=1;
      cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)
      
      extension_dir = "C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\ext"
      
      extension=php_curl.dll
      extension=php_mbstring.dll
      extension=php_mysqli.dll
      extension=php_pdo_mysql.dll
      extension=php_openssl.dll
      
      error_log = "C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\php_errors.log"
      
      error_log = syslog
      • Add C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86 to System Path.
      • Download x86 package of WinCache 2.0 for PHP 7.1  here or from https://www.iis.net/downloads/microsoft/wincache-extension
      • Extract and copy the php_wincache.dll file to C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\ext
        folder.
      • Open IIS, click on Server name, double click on Handler Mappings > Add Module Mapping with below information
      Request path = *.php
      Module = FastCgiModule
      Executable = "C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\php-cgi.exe"
      Name = PHP 7.1
      Request Restrictions = File or folder
      php -version
      • Create phpinfo.php file with below content in the website folder and test the result.
      <?php
      phpinfo();
      ?>

       

      How to Install Intel HAXM in a Machine with Hyper-V

      Problem:

      Intel HAXM helps speeding up Android emulators. However it cannot work in parallel with Hyper-V.

      You want to install Intel HAXM without removing Hyper-V.

      Solution:

      Use the steps below to temporarily turn Hyper-V off to install Intel HAXM and launch Android Studio emulators.

      1. Open a Command Prompt or PowerShell as Admin
      2. Execute the command below to turn Hyper-V off
      bcdedit /set hypervisorlaunchtype off

      3. Restart your computer.

      4. Install Intel HAXM

      sdk\extras\intel\Hardware_Accelerated_Execution_Manager\intelhaxm-android.exe
      where sdk is the location of Android SDK.

      5. Verify Intel HAXM installation

      sc query intelhaxm

      To turn Hyper-V on again, use the steps below:

      1. Open a Command Prompt or PowerShell as Admin
      2. Execute the command below to turn Hyper-V off
      bcdedit /set hypervisorlaunchtype auto start

      3. Restart your computer.