Category Archives: Technologies

How to Fix a Hacked WordPress Website

Problem:

When you visit your WordPress website you are randomly redirected to unwanted websites.

Solution:
  • Log in your website as an Administrator.
  • Go to Appearance >> Theme Editor.
  • Click on the Theme Functions link on the right side.
  • Verify if malicious code was injected into the functions.php file.

Example of malicious code:

<?php
@ini_set('display_errors', '0');
error_reporting(0);
global $zeeta;
if (!$npDcheckClassBgp && !isset($zeeta)) {
  • If yes, then download the functions.php file to your machine via FTP, remove the malicious code, then upload it to your server.
  • If you have several themes in your website then activate them one by one and repeat the procedure for all of them.
  • Open the wp-config.php file.
  • Verify if malicious code was injected into the wp-config.php file.

Example of malicious code:

include_once(ABSPATH . WPINC . '/header.php');
  • If yes, then verify content of the wp-includes/header.php file, and possibly remove the wp-includes/header.php file, then remove the malicious code in the wp-config.php file.
  • Copy a small string of malicious code, for example npDcheckClassBgp, and search for it in the content of all the files using the commands (in Windows) below.
cd C:\inetpub\wwwroot
findstr /s "npDcheckClassBgp" *.*

where C:\inetpub\wwwroot is the path of the parent of your WordPress website.

  • If you find the string in any file then review the content of the file and remove the malicious code.
  • In Windows, stop the website using the command below.
net stop w3svc
  • Delete all the files and folders except the wp-content folder, the wp-config.php, .htaccess, and web.config file.
  • Review and remove all the suspicious contents in your wp-content directory.
  • Go to the wp-content\plugins folder.
  • Delete all the plugins, especially the plugins closed due to Guideline Violation.
  • Manually re-download and unzip all the necessary plugins.
  • Download the latest version of WordPress.
  • Unzip and copy the the latest version of WordPress to the root of your website.
  • In Windows, start the website using the command below.
net start w3svc
  • Log in your website as an Administrator.
  • Remove all the unused plug-ins or themes.
  • Install, activate and configure a CAPTCHA plug-in to protect Login Form, Registration Form, Lost Password Form, Reset Password Form and Comment Form if there is no one.
  • Disable insecure FTP access if there is one.
  • Install and activate the Simple History plugin to review access to your website. After 1 or 2 days, review the access information, and possibly block the malicious IP addresses using the Windows Firewall.
  • Install, activate and configure Cerber Security plug-in to automatically detect and block the malicious IP addresses.

 

How to Manually Install PHP 7.4 for Windows Server 2019

Motivation:

To understand how PHP works with IIS in order to be able to update PHP to any version to address compatibility or security issues.

Using a tool to install PHP for IIS, for example Microsoft Web Platform Installer 5.0 https://www.microsoft.com/web/downloads/platform.aspx, restricts us from using only versions supported by the tool.

Solution:

  • Install CGI for IIS.
  • Download VC15 x86 Non Thread Safe package here or under PHP 7.4 section from http://windows.php.net/download/
  • Extract the ZIP file to the C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 folder.
  • Rename the php-.ini-development file to php.ini.
  • Open the php.ini file and add the following line at the end of the file.
extension=php_wincache.dll
  • Uncomment the following lines
fastcgi.impersonate = 1;

cgi.fix_pathinfo=1;
cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)

extension_dir = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext"

extension=php_curl.dll
extension=php_fileinfo.dll
extension=php_mbstring.dll
extension=php_exif.dll
extension=php_mysqli.dll
extension=php_pdo_mysql.dll
extension=php_openssl.dll

error_log = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php_errors.log"

error_log = syslog
  • A sample php.ini file can be download here.
  • Add C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86 to System Path.
  • Download x86 package of WinCache 2.0 for PHP 7.4 here or from https://sourceforge.net/projects/wincache/.
  • Extract and copy the php_wincache.dll file to C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\ext
    folder.
  • Open IIS, click on Server name, double click on Handler Mappings, click on Add Module Mapping, and enter below information
Request path = *.php
Module = FastCgiModule
Executable = "C:\Program Files (x86)\php-7.4.9-nts-Win32-vc15-x86\php-cgi.exe"
Name = PHP 7.4
Request Restrictions = File or folder

Open a Command Prompt, execute below command and ensure that NO WARNINGS APPEAR.

php -version
  • Create phpinfo.php file with below content in the website folder and test the result.
<?php
phpinfo();
?>

 

How to Trim MP4 Files Without Re-Encoding

Motivation:

You have MP4 files with unwanted portions. You want to trim these portions.

Solution:

  1. Download XMedia Recode.
  2. Under the Format tab set
    Profile = Custom
    Format = MP4
    File Extension = mp4
  3. Click the Video tab and select Copy Mode.
  4. Click the Audio tab and select Copy Mode.
  5. Click the Filters/Preview tab and set Start Time and to (End Time).
  6. Click Add to queue button on the tool bar.
  7. Click Encode on the tool bar.

 

How to Fully Uninstall Cocoapods from macOS

Problem:

You run pod update but you get command not found error.

You want to fully uninstall the Cocoapods from macOS, and then to reinstall it to remove the error.

Solution:

Execute below commands:

for i in $( gem list --local --no-version | grep cocoapods );
do 
    sudo gem uninstall $i; 
done
rm -rf ~/.cocoapods

If you have a Cocoapods icon on the Launchpad then

    • Click on the  Cocoapods icon on the Launchpad,
    • Right click the Cocoapods icon in the Dock,
    • Point your mouse to Options, then click Show in Finder,
    • Right click the Cocoapods icon and select Move to Trash.

Execute below command to reinstall Cocoapods

sudo gem install cocoapods

 

How to fix “An internal error has occurred” issue of Remote Desktop Connection

Problem:

You get “An internal error has occurred” error message when trying to connect to a remote machine using Remote Desktop Connection.

Solution:

1. Type Local Security Policy to the Windows Search box.

2. Click Open link.

3. Expand Local Policies > Security Options on the left panel.

4.  Double click on System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing row on the right panel.

5. Select Enabled, click Apply and click OK.

How to add multiple IPs to an Amazon EC2 virtual machine

Motivation:

You have a Server 2008 R2 machine on Amazon EC2.

You want to secure multiple domains using different  SSL/TLS certificates.

Server 2008 R2 does not support Server Name Indication (SNI). Therefore you need to add multiple IPs to Server 2008 R2 machine to use different SSL/TLS certificates.

Solution:
  1. Create an EC2 virtual machine.
  2. Click on Network Interfaces tab.
  3. Click Create Network Interface button or select an existing network interface and select Actions > Attach.
  4. Select an existing network interface and select and click Manage IP Addresses to create private IPs for the network interface.
  5. Click Elastic IPs tab and allocate elastic IPs for your need.
  6. Select an elastic IP and click on Actions > Associate Address to associate a private IP of the network interface with an elastic IP.
  7. Login Windows.
  8. View the network configuration using below command, note the Default Gateway and DNS Servers information.
ipconfig /all

9. Open Control Panel\All Control Panel Items\Network and Sharing Center.

10. Click Change adapter settings link, click a Local Area Network Connection Network.

11. Manually enter one IP address, Default Gateway and DNS Servers information.

12. Click Advance… button to open Advanced TCP/IP Settings screen, and add the private IPs in the 4th step to the machine.

13. Restart the machine.

If you get any issue then try limit the number of private IPs of a network interface to 4 (including the default private IP).

How to move a WordPress instance from one server to another Linux server

Motivation:

You want to move a WordPress instance from one server to another to consolidate your websites to reduce cost.

Solution:

Install and use below Duplicator plugin to achieve your goal.

https://wordpress.org/plugins/duplicator/

User guide: https://snapcreek.com/duplicator/docs/quick-start/

If everything goes well for you then congratulation!

Otherwise, please review below possible problems and corresponding solutions.


Problem 1:

You don’t have a website on the new server.

Solution 1:

1. Create a new virtual host in the /etc/httpd/conf/httpd.conf

<VirtualHost *:80>
ServerName example.com
ServerAlias www.example.com
DocumentRoot "/var/www/www.example.com"
</VirtualHost>

2. Set 775 permission for /var/www/www.example.com

3. Restart httpd service

sudo systemctl restart httpd

Problem 2:

You are using Amazon Linux 2 server.

You are logged in as ec2-user.

You use WinSCP to upload files and edit configuration files.

You cannot modify /etc/httpd/conf/httpd.conf and /etc/php.ini.

Solution 2:

1 View permission settings for the file

ls -ld /etc/httpd/conf/httpd.conf

The result indicates that the file owner is root user and root group, not ec2-user.

2. View groups of a user

groups ec2-user

The result indicates that the ec2-user does not belong to root group.

3. Add a user to root group

sudo usermod -a -G root ec2-user

4. Grant Read-Write permission against a file to root group

sudo chmod g+rwx /etc/httpd/conf/httpd.conf
sudo chmod g+rwx /etc/php.ini

5. Logout and login to the server again.


Problem 3:

You are using Amazon Linux 2 server. The ZipArchive feature is missing.

Solution 3:

1. Execute below commands:

sudo amazon-linux-extras install php7.2
sudo yum install php-pear php-devel gcc libzip-devel zlib-devel
sudo pecl install zip-1.13.5 # we must specify a slightly older version due due to compatibility

2. Add “extension=zip.so” to /etc/php.ini

3. Restart the server

sudo reboot

Problem 4:

You don’t have a WordPress database on the new Linux server.

Solution 4:

Execute below MySQL commands:

CREATE USER 'username'@'localhost' IDENTIFIED BY 'password';
CREATE DATABASE `wp_database`;
GRANT ALL PRIVILEGES ON `wp_database`.* TO "username"@"localhost";
FLUSH PRIVILEGES;

Problem 5:

An database error occurs while restoring a website.

Solution 5:

1. Execute below commands to remove the website:

sudo chown -R ec2-user:apache /var/www/example.com
sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
find /var/www/example.com -type f -exec sudo chmod 0664 {} \;
rm -r /var/www/example.com

2. Upload the Duplicator files again, and restore the website again.


Problem 6:

No write access against /var/www/example.com is available for Duplicator.

Solution 6:

1. Execute below commands:

sudo chown -R ec2-user:apache /var/www/example.com
sudo chmod 2775 /var/www/example.com && find /var/www/example.com -type d -exec sudo chmod 2775 {} \;
find /var/www/example.com -type f -exec sudo chmod 0664 {} \;

2. Run http://example.com/installer.php again.

Setting File Permissions for WordPress on IIS

Motivation:

  • You have a WordPress instance in Windows with IIS.
  • You upload a file. Its thumbnail is not shown in Media Library.
  • You change the file permission. Its thumbnail now is shown correctly in Media Library.
  • You upload another file and have to change the file permission manually again.
  • How can we make WordPress automatically set the correct permission for new uploaded files?

Procedure:

  1. Ensure that the the Identity of Application pool that the website is running under is ApplicationPoolIdentity.
  2. Execute below commands as Administrator
icacls "C:\inetpub\wwwroot\domain.com" /grant "IUSR":(OI)(CI)F /T
icacls "C:\inetpub\wwwroot\domain.com" /grant "IIS_IUSRS":(OI)(CI)F /T

3. Open IIS Manager, click on your website, click Authentication, click Anonymous Authentication (which should be the only one enabled), click Edit, select Application pool identity if it is not selected, click OK.

How to change a WordPress website’s domain name?
  • Open the wp-config.php file.
  • Add two lines to the file, right before /* That’s all, stop editing! Happy blogging. */:
define('WP_HOME','http://example.com');
define('WP_SITEURL','http://example.com');
  • Bulk edit the posts content if needed.

How to change language of an EPUB file

Problem: Sometimes you have an EPUB file encoded with a wrong language tag.
Therefore when you use the Read aloud feature of the Google Play Books application the book is read aloud in a wrong language.

Solution:

  1. Download the EPUB file to a PC.
  2. Change the extension from EPUB to ZIP.
  3. Open the .ZIP file.
  4. Open the content.opf file using the Notepad app.
  5. If you cannot file this content.opf file then please navigate to the OEBPS folder.
  6. Find the tag <dc:language> and change its value (e.g. from <dc:language>en</dc:language>to <dc:language>vi</dc:language>).
  7. If you cannot find the tag <dc:language> then just add a new tag right above the </metadata> tag (e.g.
    <dc:language>vi</dc:language>
    </metadata>
  8. Save the content.opf file and rezip the EPUB file.
  9. Change the file extension from ZIP to EPUB.

How to Manually Install PHP 7.1 for Windows Server 2016

Motivation:

To understand how PHP works with IIS in order to be able to update PHP to any version to address compatibility or security issues.

Using a tool to install PHP for IIS, for example Microsoft Web Platform Installer 5.0 https://www.microsoft.com/web/downloads/platform.aspx, restricts us from using only versions supported by the tool.

Solution:

  • Install CGI for IIS.
  • Download VC14 x86 Non Thread Safe package here or under PHP 7.1 section from http://windows.php.net/download/
  • Extract the ZIP file to C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86 folder.
  • Rename the php-.ini-development file to php.ini.
  • Open the php.ini file and add the following line at the end of the file.
extension=php_wincache.dll
  • Uncomment the following lines
fastcgi.impersonate = 1;

cgi.fix_pathinfo=1;
cgi.force_redirect = 1 (and change the value to 0, i.e. cgi.force_redirect = 0)

extension_dir = "C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\ext"

extension=php_curl.dll
extension=php_mbstring.dll
extension=php_mysqli.dll
extension=php_pdo_mysql.dll
extension=php_openssl.dll

error_log = "C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\php_errors.log"

error_log = syslog
  • Add C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86 to System Path.
  • Download x86 package of WinCache 2.0 for PHP 7.1  here or from https://www.iis.net/downloads/microsoft/wincache-extension
  • Extract and copy the php_wincache.dll file to C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\ext
    folder.
  • Open IIS, click on Server name, double click on Handler Mappings > Add Module Mapping with below information
Request path = *.php
Module = FastCgiModule
Executable = "C:\Program Files (x86)\php-7.1.33-nts-Win32-VC14-x86\php-cgi.exe"
Name = PHP 7.1
Request Restrictions = File or folder
php -version
  • Create phpinfo.php file with below content in the website folder and test the result.
<?php
phpinfo();
?>