Magda Sicknick

WordPress

by Leave a Comment

Synology mail() function

If you’re like me, and you have your WordPress site set up on your Synology box, the moment you forget your password to your login you’re kind of SOL.

You think you can click the Lost your password? link, enter your email, and your password reset link will be sent to you, except you get an error message:

The email could not be sent.
Possible reason: your host may have disabled the mail() function.

Now what?

Well, It is actually fairly simple to fix.

  1. Navigate to your Control panel -> Notifications -> Email
  2. Check Enable email notificaions
  3. Enter the Recipient’s email address
  4. Choose your Service provider
  5. Log in to your service provider
  6. Save your settings, and send out a test e-mail to confirm that they work

by Leave a Comment

Configure PHP mail() on Ubuntu

If you have installed WordPress on your Ubuntu instance, and choose to use a plugin such as Contact Form 7 (highly recommended), you might notice that your emails are not sending – because you have to enable the PHP mail() function on your system.

To do so, initialize puTTy or any other SSH client you use.

Step 1 – Install sendmail

The first thing you need to do is install the sendmail package on your system with the following command:

$ sudo apt-get install sendmail

Step 2 – Configure sendmail

Once the package installs, you need to configure it. To do so, run the following command:

$ sudo sendmailconfig

Choose Y for every question to follow, unless you have your own configurations to apply.

Step 3 – Check host file

$ sudo nano /etc/hosts

Make sure your hosts file contains 127.0.0.1 localhost
If it does not, add it and Save.

Step 4 – Restart Apache

The server does not need to be restarted, but I like to do so for good measure. The PHP mail() function should be working now, and we can test it in the following step.

To restart Apache:

$ sudo service apache2 restart

To restart Nginx:

$ sudo service nginx restart

Step 5 – Test the mail() function

The final step is to test your mail configuration.

To test with command line:
$ php -a
php > mail('you@example.com', "Test Subject", "Test message");
php > exit();

Note: If after running php -a, you get Interactive mode enabled message but no php > prompt, then your PHP is not compiled with readline support.

If you run into that issue, you can create a testmail.php file with the following code inside:

<?php
    mail('you@example.com', "Test Subject", "Test message");
?>

and run it with

$ php -f testmail.php

If you can’t see any email form PHP, then that means its PHP’s fault.
Check value of sendmail_path in php.ini config by running

$ which sendmail

You should get back a path similar to /usr/sbin/sendmail.

To test with WordPress

If PHP can send mails, but WordPress cannot, it must be an issue on WordPress’s end.

  • If you have not already, install the WP Mail SMTP plugin.
  • In the plugin, enter wordpress@yourdomain.com for the ‘From’ address, and your preferred ‘From’ name below it.
  • Leave the Mailer setting at the default PHP, and save.
  • Proceed to the Email Test tab and enter your email address.

If you receive your email, you are good to go.
If you get an error, check out the support forum for WP Mail SMTP to troubleshoot your issue!

by Leave a Comment

Securing Apache with Let’s Encrypt on Ubuntu 16.04

This tutorial will show you how to set up a TLS/SSL certificate from Let’s Encrypt on an Ubuntu 16.04 server running Apache as a web server.

SSL certificates are used within web servers to encrypt the traffic between the server and client, providing extra security for users accessing your application. Let’s Encrypt provides an easy way to obtain and install trusted certificates for free.

Step 1 — Install the Let’s Encrypt Client

Let’s Encrypt certificates are fetched via client software running on your server. The official client is called Certbot, and its developers maintain their own Ubuntu software repository with up-to-date versions. Because Certbot is in such active development it’s worth using this repository to install a newer version than Ubuntu provides by default.

First, add the repository:

$ sudo add-apt-repository ppa:certbot/certbot

You’ll need to press ENTER to accept. Afterwards, update the package list to pick up the new repository’s package information:

$ sudo apt-get update

And finally, install Certbot from the new repository with apt-get:

$ sudo apt-get install python-certbot-apache

The certbot Let’s Encrypt client is now ready to use.

Step 2 — Set Up the SSL Certificate

Generating the SSL certificate for Apache using Certbot is quite straightforward. The client will automatically obtain and install a new SSL certificate that is valid for the domains provided as parameters.

To execute the interactive installation and obtain a certificate that covers only a single domain, run the certbot command like so, where example.com is your domain:

$ sudo certbot --apache -d example.com

If you want to install a single certificate that is valid for multiple domains or subdomains, you can pass them as additional parameters to the command. The first domain name in the list of parameters will be the base domain used by Let’s Encrypt to create the certificate, and for that reason we recommend that you pass the bare top-level domain name as first in the list, followed by any additional subdomains or aliases:

$ sudo certbot --apache -d example.com -d www.example.com

For this example, the base domain will be example.com.

If you have multiple virtual hosts, you should run certbot once for each to generate a new certificate for each. You can distribute multiple domains and subdomains across your virtual hosts in any way.

After the dependencies are installed, you will be presented with a step-by-step guide to customize your certificate options. You will be asked to provide an email address for lost key recovery and notices, and you will be able to choose between enabling both http and https access or forcing all requests to redirect to https. It is usually safest to require https, unless you have a specific need for unencrypted http traffic.

When the installation is finished, you should be able to find the generated certificate files at /etc/letsencrypt/live. You can verify the status of your SSL certificate with the following link (don’t forget to replace example.com with your base domain):

https://www.ssllabs.com/ssltest/analyze.html?d=example.com&latest
You should now be able to access your website using a https prefix.

Step 3 — Verifying Certbot Auto-Renewal

Let’s Encrypt certificates only last for 90 days. However, the certbot package we installed takes care of this for us by running certbot renew twice a day via a systemd timer. On non-systemd distributions this functionality is provided by a cron script placed in /etc/cron.d. The task runs twice daily and will renew any certificate that’s within thirty days of expiration.

To test the renewal process, you can do a dry run with certbot:

$ sudo certbot renew --dry-run

If you see no errors, you’re all set. When necessary, Certbot will renew your certificates and reload Apache to pick up the changes. If the automated renewal process ever fails, Let’s Encrypt will send a message to the email you specified, warning you when your certificate is about to expire.

Conclusion

In this guide, we saw how to install a free SSL certificate from Let’s Encrypt in order to secure a website hosted with Apache. We recommend that you check the official Let’s Encrypt blog for important updates from time to time, and read the Certbot documentation for more details about the Certbot client.

by Leave a Comment

WordPress on Synology

PHP version

Most hosts use PHP 5.6, but I do suggest using 7.0

php.ini file

Change the following memory limits for optimal use with wordpress:

upload_max_filesize = 32M
post_max_size = 48M
memory_limit = 128M
max_execution_time = 600
max_input_vars = 10000
max_input_time = 400

required extensions:

  • cURL – 127 uses (requires libcurl)
    • HTTP API (class WP_Http_curl)
    • url_is_accessable_via_ssl()
    • SimplePie (overridden with class WP_SimplePie_File)
    • GoogleSpell (from TinyMCE package, is not used?)
  • Date/Time – 367 uses
  • DOM – 6 uses (requires libxml)
    • iis7_rewrite_rule_exists()
    • iis7_delete_rewrite_rule()
    • iis7_add_rewrite_rule()
    • saveDomDocument()
  • POSIX Regex – 23 uses
  • Filter – 2 uses
    • class PHPMailer->ValidateAddress() (optional)
  • FTP – 72 uses
    • class ftp_base
    • class ftp (pure and sockets versions)
    • class WP_Filesystem_FTPext
    • class WP_Filesystem_ftpsockets
  • GD – 56 uses
    • wp-admin\includes\image-edit.php
    • wp-admin\includes\image.php
    • wp-includes\media.php
  • Hash – 6 uses
    • wp-includes\pluggable.php multiple uses (optional – fallback in wp-includes\compat.php)
  • iconv – 5 uses
    • class SimplePie (optional)
    • wp_check_invalid_utf8() (optional)
    • wp-mail.php (optional)
  • JSON – 20 uses
    • optional, fallbacks in wp-includes/compat.php
  • libxml – 4 uses
    • class WP_oEmbed->_parse_xml() (optional)
    • SimplePie
  • Multibyte String – 29 uses
    • some fallback in wp-includes/compat.php
  • MySQL – 60 uses
    • class wpdb
    • class SimplePie_Cache (overridden with class WP_Feed_Cache)
  • OpenSSL – 4 uses
    • class PHPMailer
  • PCRE – 743 uses
  • SimpleXML – 1 uses
    • class WP_oEmbed (seems optional)
  • Sockets – 64 uses
    • class ftp (sockets implementation)
  • SPL – 3 uses
  • Tokenizer – 3 uses
    • wp_doc_link_parse() (optional)
  • XML Parser – 89 uses
  • XMLReader – 1 uses
    • SimplePie (seems optional)
  • Zlib – 30 uses

by Leave a Comment

Setting up WordPress on Ubuntu

Step 1: Get the latest Ubuntu updates

Run the following command to get the latest updates/patches:

  • sudo apt-get update

Step 2: Install Apache Web Server

To install Apache web server, type the following command:

  • sudo apt-get install apache2 apache2-utils

Next, enable the service to start at boot time, as well as start the service:

  • sudo systemctl enable apache2
  • sudo systemctl start apache2

To test whether the server is running, open your web browser and enter http://server_address. The Apache2 default index page will be displayed in case the web server is up and running.

Note: The Apache default root directory is /var/www/html, all your web files will be stored in this directory.

Step 3: Install MySQL Database Server

Next, we need to install MySQL database server with the following command:

  • sudo apt-get install mysql-client mysql-server

During the installation, you will be asked to set the root user password for mysql as shown below. Choose a secure password and hit the OK button twice to proceed.

The database server deployment is not yet secure, for this reason, issue the following command to harden it’s security:

  • sudo mysql_secure_installation

You will be asked to install the ‘validate_password’ plugin, so type in Y/Yes and press Enter and choose the default password strength level.

If you do not want to change the root password, then type N/No when prompted to do so. Answer Y/Yes for the rest of the subsequent questions.

Step 4: Install PHP

PHP 7.0

To install PHP 7.0 and all the necessary modules to work with the web and database servers, run the following command:

$ sudo apt-get install php7.0 php7.0-mysql libapache2-mod-php7.0 php7.0-cli php7.0-cgi php7.0-gd
PHP 7.3

We will use the Ondřej Surý’s PPA to install PHP 7.3 version, so install the software-properties-common and python-software-properties packages:

  • sudo apt install software-properties-common python-software-properties

After the installation is complete, add the Ondřej PPA:

  • LC_ALL=C.UTF-8 add-apt-repository ppa:ondrej/php

and then update your sources:

  • sudo apt update

We can install PHP 7.3 with the following command:

  • sudo apt install php7.3 php7.3-cli php7.3-common

To check if PHP 7.3 is installed on your server, use the command below:

  • php -v

If you want to install a specific module for PHP 7.3, you can search with this command:

  • apt-cache search php7.3

Or, if you want to check all the PHP modules available in Ubuntu, run:

  • apt-cache search –names-only ^php

You can find the command below useful if you want to install the most frequently used PHP modules.

  • sudo apt install php-pear php7.3-curl php7.3-dev php7.3-gd php7.3-mbstring php7.3-zip php7.3-mysql php7.3-xml php7.3-fpm libapache2-mod-php7.3 php7.3-imagick php7.3-recode php7.3-tidy php7.3-xmlrpc php7.3-intl

To set PHP 7.0 as the default, run:

  • sudo update-alternatives –set php /usr/bin/php7.0

To set PHP 7.2 as the default, run:

  • sudo update-alternatives –set php /usr/bin/php7.2

To set PHP 7.3 as the default, run:

  • sudo update-alternatives –set php /usr/bin/php7.3

Before we can configure Apache to use PHP 7.3, we need to disable the old version of PHP 7.0 by typing:

  • sudo a2dismod php7.0

Now enable the newly installed PHP 7.3 version with the following command:

  • sudo a2enmod php7.3

Restart the Apache web server for the changes to take effect:

  • sudo systemctl restart apache2

To test your PHP installation, create a info.php file inside the /var/www/html directory with the following commands:

$ sudo nano /var/www/html/info.php

And paste the code below into the file

<?php 
    phpinfo();
?>

Note: To save and exit, press CTRL+X, confirm with a Y/y, and hit Enter to save.

You should then be able to navigate to http://server_address/info.php and see a page like the one below for successful confirmation of your PHP installation.

Step 4: Install phpMyAdmin

phpMyAdmin is the most common

$ sudo apt-get install phpmyadmin php-mbstring php-gettext

This will ask you a few questions in order to configure your installation correctly.

Warning: When the first prompt appears, apache2 is highlighted, but not selected. If you do not hit Space to select Apache, the installer will not move the necessary files during installation. Hit Space, Tab, and then Enter to select Apache.

For the server selection, choose apache2.
Select yes when asked whether to use dbconfig-common to set up the database
You will be prompted for your database administrator’s password
You will then be asked to choose and confirm a password for the phpMyAdmin application itself
The installation process actually adds the phpMyAdmin Apache configuration file into the /etc/apache2/conf-enabled/ directory, where it is automatically read.

The only thing we need to do is explicitly enable the PHP mcrypt and mbstring extensions, which we can do by typing:

$ sudo phpenmod mcrypt
$ sudo phpenmod mbstring

Afterwards, you’ll need to restart Apache for your changes to be recognized:

$ sudo systemctl restart apache2

You can now access the web interface by visiting http://server_address/phpmyadmin

Step 5: Install WordPress CMS

Download the latest WordPress package and extract it by issuing the commands below on the terminal:

$ wget -c http://wordpress.org/latest.tar.gz
$ tar -xzvf latest.tar.gz

Then move the WordPress files from the extracted folder to the Apache default root directory, /var/www/html/:

$ sudo rsync -av wordpress/* /var/www/html/

Next, set the correct permissions on the website directory, that is give ownership of the WordPress files to the web server as follows:

$ sudo chown -R www-data:www-data /var/www/html/
$ sudo chmod -R 755 /var/www/html/

Step 6: Create WordPress Database

Execute the command below and provide the root user password, then hit Enter to move to the mysql shell:

$ mysql -u root -p

You will be prompted to enter the password you created for the MySQL installation in Step 3.

At the mysql shell, type the following commands, pressing Enter after each line of a mysql command. Remember to use your own, valid values for database_name, database_user, and also use a strong and secure password as databaseuser_password:

mysql> CREATE DATABASE database_name;
mysql> GRANT ALL PRIVILEGES ON database_name.* TO 'database_user'@'localhost' IDENTIFIED BY 'databaseuser_password';
mysql> FLUSH PRIVILEGES;
mysql> EXIT;

Next, go the /var/www/html/ directory and rename existing wp-config-sample.php to wp-config.php with the following command:

$ sudo mv /var/www/html/wp-config-sample.php /var/www/html/wp-config.php

Open the file for editing:

$ sudo nano /var/www/html/wp-config.php

and update the file with your database information under the MySQL settings section in the highlighted spots:

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here'); /** MySQL database username */ define('DB_USER', 'username_here'); /** MySQL database password */ define('DB_PASSWORD', 'password_here'); /** MySQL hostname */ define('DB_HOST', 'localhost'); /** Database Charset to use in creating database tables. */ define('DB_CHARSET', 'utf8'); /** The Database Collate type. Don't change this if in doubt. */ define('DB_COLLATE', '');

Note: To save and exit, press CTRL+X, confirm with a Y/y, and hit Enter to save.

Afterwards, restart the web server and mysql service using the commands below:

$ sudo systemctl restart apache2.service 
$ sudo systemctl restart mysql.service

Open your web browser, then enter your server address: http://server-address to get the WordPress welcome page. Fill all requested on screen information, starting with your choice of language.

Step 7: Enable HTTPS and add an SSL Certificate

Note: Make sure you have HTTPS port 443 enabled in your hosts firewall. [Instructions here]

On Ubuntu systems, the Certbot team maintains a PPA. Once you add it to your list of repositories all you’ll need to do is apt-get the following packages.

$ sudo apt-get update
$ sudo apt-get install software-properties-common
$ sudo add-apt-repository ppa:certbot/certbot
$ sudo apt-get update
$ sudo apt-get install python-certbot-apache

Certbot has a fairly solid beta-quality Apache plugin, which is supported on many platforms, and automates certificate installation.

$ sudo certbot --apache

The Certbot packages on your system come with a cron job that will renew your certificates automatically before they expire. Since Let’s Encrypt certificates last for 90 days, it’s highly advisable to take advantage of this feature. You can test automatic renewal for your certificates by running this command:

$ sudo certbot renew --dry-run
I hope this tutorial was helpful.

Let’s Talk

Looking to get your business a website or update your current online presence?

Please send me information about you project so that I can determine how to best fulfill your needs.