Magda Sicknick

by Leave a Comment

Synology mail() function

If you’re like me, and you have your WordPress site set up on your Synology box, the moment you forget your password to your login you’re kind of SOL.

You think you can click the Lost your password? link, enter your email, and your password reset link will be sent to you, except you get an error message:

The email could not be sent.
Possible reason: your host may have disabled the mail() function.

Now what?

Well, It is actually fairly simple to fix.

  1. Navigate to your Control panel -> Notifications -> Email
  2. Check Enable email notificaions
  3. Enter the Recipient’s email address
  4. Choose your Service provider
  5. Log in to your service provider
  6. Save your settings, and send out a test e-mail to confirm that they work

by Leave a Comment

Customizing the login page for a Synology box

This post will guide you through on how to set up a customized login screen for a Synology Disk Station beyond the settings provided in the GUI. It will require you to understand how to connect to your Disk Station using terminal (here is the latest version of PuTTY). The following scripts will allow you to manipulate the CSS and the favicon of your device’s login screen.

NOTE: Be careful when messing with the internal file system of your device!!

 

Pre-requisite: Back up everything!

Everyone makes mistakes, and it is better to be safe than sorry.

Create a shared folder

First, we will create a directory for the new and backup files within your root directory:

  1. Navigate to the Control Panel on your Synology DiskStation.
  2. Under File Sharing choose Shared Folders.
  3. Click on Create and Create again.
  4. Name the new shared folder something along the lines of _DiskStation so that it shows up at the top of your shared folders list.
  5. Check all checkboxes to hide the shared folder from My Network Places and users without permissions.
  6. You do not have to encrypt the folder or enable a quota
  7. Click Apply
  8. Edit permissions so that only your admin account has Read/Write access to the shared folder.
Back up CSS folder
  1. Create a folder called ‘backup’ in the _DiskStation directory
  2. In terminal, navigate to /usr/syno/synoman/webman/resources/ 
    $ cd /usr/syno/synoman/webman/resources/
  3. Run the command: 
    $ sudo cp -r css /volume1/_DiskStation/backup/css_bak

    It may ask you for your administrator password again before running the command – enter it.

Back up mobile CSS files
  1. In terminal, navigate to /usr/syno/synoman/mobile/ 
    $ cd /usr/syno/synoman/mobile/
  2. Run the command: 
    $ sudo cp -r ui /volume1/_DiskStation/backup/ui_bak

    It may ask you for your administrator password again before running the command – enter it.

Prepare your files and folder structure

Note: There is a possibility of a DSM update overwriting the style files we will be updating, so in order to prevent it, we are going to create folders under the /volume1/_DiskStation directory and copy the files from there.

Folder structure

The following will be the structure of folders we will make to store our files:

_DiskStation
   customstyle
      loginstyle.css
      mobilestyle.css
   customimage
      background.jpg
   copystyles.sh
   fixoverwrites.sh
File contents

For this part, you will have to use inspect-element to find which pieces you want to modify. Remember that the mobile stylesheet is very different from the desktop version, so use the responsive and device-specific viewports to test your mobile changes.
Any changes you make should be done directly in the _DiskStation folder you created, and later copied into the internal directory.

Bash files

To make things easier and type less, I’ve compiled all the commands needed into two files. You can simply run them with the command 

$ sudo sh /volume1/_DiskStation/yourfilename.sh

The follwing should be ran only once, and after any DSM updates if the login page style gets overwritten:

echo "Removing unneccessary files..";
rm -r /usr/syno/synoman/webman/resources/css/desktop-default.css.gz
rm -r /usr/syno/synoman/webman/resources/css/desktop-business.css.gz
rm -r /usr/syno/synoman/webman/resources/css/desktop.css.gz
rm -r /usr/syno/synoman/webman/resources/css/desktop.css
rm -r /usr/syno/synoman/mobile/ui/style.css.gz

echo "Inserting import statement into stylesheets";
sed -i '1s/^/@import url("loginstyle.css");\n/' /usr/syno/synoman/webman/resources/css/desktop-default.css
sed -i '1s/^/@import url("loginstyle.css");\n/' /usr/syno/synoman/webman/resources/css/desktop-business.css
sed -i '1s/^/@import url("mobilestyle.css");\n/' /usr/syno/synoman/mobile/ui/style.css

echo "Success!";

The below should be ran whenever you make a change to the stylesheet to copy the files over.

echo "Copying stylesheets...";
cp -f /volume1/_DiskStation/customstyle/loginstyle.css /usr/syno/synoman/webman/resources/css
cp -f /volume1/_DiskStation/mobilestyle/mobilestyle.css /usr/syno/synoman/mobile/ui/

echo "Copying images...";
cp -Rf /volume1/_DiskStation/customimage /usr/syno/synoman/webman/resources/images
cp -Rf /volume1/_DiskStation/customimage /usr/syno/synoman/mobile/ui/images

echo "Updating permissions...";
find /usr/syno/synoman/webman/resources -type d -exec chmod 755 {} \;
find /usr/syno/synoman/webman/resources -type f -exec chmod 755 {} \;

find /usr/syno/synoman/mobile/ui -type d -exec chmod 755 {} \;
find /usr/syno/synoman/mobile/ui -type f -exec chmod 755 {} \;

echo "Success!";

CTRL+SHIFT+R and your changes should appear on your login screen!

Questions, comments, concerns?

by Leave a Comment

Configure PHP mail() on Ubuntu

If you have installed WordPress on your Ubuntu instance, and choose to use a plugin such as Contact Form 7 (highly recommended), you might notice that your emails are not sending – because you have to enable the PHP mail() function on your system.

To do so, initialize puTTy or any other SSH client you use.

Step 1 – Install sendmail

The first thing you need to do is install the sendmail package on your system with the following command:

$ sudo apt-get install sendmail

Step 2 – Configure sendmail

Once the package installs, you need to configure it. To do so, run the following command:

$ sudo sendmailconfig

Choose Y for every question to follow, unless you have your own configurations to apply.

Step 3 – Check host file

$ sudo nano /etc/hosts

Make sure your hosts file contains 127.0.0.1 localhost
If it does not, add it and Save.

Step 4 – Restart Apache

The server does not need to be restarted, but I like to do so for good measure. The PHP mail() function should be working now, and we can test it in the following step.

To restart Apache:

$ sudo service apache2 restart

To restart Nginx:

$ sudo service nginx restart

Step 5 – Test the mail() function

The final step is to test your mail configuration.

To test with command line:
$ php -a
php > mail('you@example.com', "Test Subject", "Test message");
php > exit();

Note: If after running php -a, you get Interactive mode enabled message but no php > prompt, then your PHP is not compiled with readline support.

If you run into that issue, you can create a testmail.php file with the following code inside:

<?php
    mail('you@example.com', "Test Subject", "Test message");
?>

and run it with

$ php -f testmail.php

If you can’t see any email form PHP, then that means its PHP’s fault.
Check value of sendmail_path in php.ini config by running

$ which sendmail

You should get back a path similar to /usr/sbin/sendmail.

To test with WordPress

If PHP can send mails, but WordPress cannot, it must be an issue on WordPress’s end.

  • If you have not already, install the WP Mail SMTP plugin.
  • In the plugin, enter wordpress@yourdomain.com for the ‘From’ address, and your preferred ‘From’ name below it.
  • Leave the Mailer setting at the default PHP, and save.
  • Proceed to the Email Test tab and enter your email address.

If you receive your email, you are good to go.
If you get an error, check out the support forum for WP Mail SMTP to troubleshoot your issue!

by Leave a Comment

Securing Apache with Let’s Encrypt on Ubuntu 16.04

This tutorial will show you how to set up a TLS/SSL certificate from Let’s Encrypt on an Ubuntu 16.04 server running Apache as a web server.

SSL certificates are used within web servers to encrypt the traffic between the server and client, providing extra security for users accessing your application. Let’s Encrypt provides an easy way to obtain and install trusted certificates for free.

Step 1 — Install the Let’s Encrypt Client

Let’s Encrypt certificates are fetched via client software running on your server. The official client is called Certbot, and its developers maintain their own Ubuntu software repository with up-to-date versions. Because Certbot is in such active development it’s worth using this repository to install a newer version than Ubuntu provides by default.

First, add the repository:

$ sudo add-apt-repository ppa:certbot/certbot

You’ll need to press ENTER to accept. Afterwards, update the package list to pick up the new repository’s package information:

$ sudo apt-get update

And finally, install Certbot from the new repository with apt-get:

$ sudo apt-get install python-certbot-apache

The certbot Let’s Encrypt client is now ready to use.

Step 2 — Set Up the SSL Certificate

Generating the SSL certificate for Apache using Certbot is quite straightforward. The client will automatically obtain and install a new SSL certificate that is valid for the domains provided as parameters.

To execute the interactive installation and obtain a certificate that covers only a single domain, run the certbot command like so, where example.com is your domain:

$ sudo certbot --apache -d example.com

If you want to install a single certificate that is valid for multiple domains or subdomains, you can pass them as additional parameters to the command. The first domain name in the list of parameters will be the base domain used by Let’s Encrypt to create the certificate, and for that reason we recommend that you pass the bare top-level domain name as first in the list, followed by any additional subdomains or aliases:

$ sudo certbot --apache -d example.com -d www.example.com

For this example, the base domain will be example.com.

If you have multiple virtual hosts, you should run certbot once for each to generate a new certificate for each. You can distribute multiple domains and subdomains across your virtual hosts in any way.

After the dependencies are installed, you will be presented with a step-by-step guide to customize your certificate options. You will be asked to provide an email address for lost key recovery and notices, and you will be able to choose between enabling both http and https access or forcing all requests to redirect to https. It is usually safest to require https, unless you have a specific need for unencrypted http traffic.

When the installation is finished, you should be able to find the generated certificate files at /etc/letsencrypt/live. You can verify the status of your SSL certificate with the following link (don’t forget to replace example.com with your base domain):

https://www.ssllabs.com/ssltest/analyze.html?d=example.com&latest
You should now be able to access your website using a https prefix.

Step 3 — Verifying Certbot Auto-Renewal

Let’s Encrypt certificates only last for 90 days. However, the certbot package we installed takes care of this for us by running certbot renew twice a day via a systemd timer. On non-systemd distributions this functionality is provided by a cron script placed in /etc/cron.d. The task runs twice daily and will renew any certificate that’s within thirty days of expiration.

To test the renewal process, you can do a dry run with certbot:

$ sudo certbot renew --dry-run

If you see no errors, you’re all set. When necessary, Certbot will renew your certificates and reload Apache to pick up the changes. If the automated renewal process ever fails, Let’s Encrypt will send a message to the email you specified, warning you when your certificate is about to expire.

Conclusion

In this guide, we saw how to install a free SSL certificate from Let’s Encrypt in order to secure a website hosted with Apache. We recommend that you check the official Let’s Encrypt blog for important updates from time to time, and read the Certbot documentation for more details about the Certbot client.

by Leave a Comment

Adding G Suite email addresses to @gmail account

In G Suite:

  1. Navigate to Apps -> G Suite -> Settings for Gmail -> Advanced settings
  2. Check Allow users to send mail through an external SMTP server when configuring a “from” address hosted outside your email domains.

NOTE: It may take up to an hour for the setting to propagate for all users under your account.

In G Mail:

  1. Navigate to Settings and click on the Accounts and Import tab
  2. In the Check mail from other accounts section, click Add a mail account
  3. In the popup, enter the @yourdomain email address.
  4. With Import emails from my other account (POP3) checked, click next.
  5. Enter email address for username
  6. Enter password
  7. Enter pop.gmail.com for POP Server
  8. Change the Port to 995
  9. Check Always use a secure connection (SSL) when retrieving mail
  10. Check Label incoming messages if you want to group the messages from your other account into a different label
  11. Click Add account
  12. It will ask you if you’d like to also send mail as that account, click Yes.

    NOTE: if it does not prompt, go to Send mail as section and click Add another email address

  13. Make sure your settings are as follows: 
    SMTP Server: smtp.gmail.com
Port: 587
Username: full email address
Password: enter password
Secured connection using TLS (recommended) is checked
  14. Click Add Account
  15. Keep the window open until you receive the confirmation email in the account you are adding.
  16. Grab the verification code and paste it.
  17. Click Verify.

///

navigate to Security -> Advanced security settings -> Less secure apps
Check the radio button for ‘Allow users to manage their access to less secure apps’ and click SAVE at the bottom
Go to https://myaccount.google.com/lesssecureapps and make sure Allow less secure apps: ON

In G Mail:
for @gmail.com

  1. Log in as the account you are trying to add (ending in @gmail.com)
  2. Navigate to https://myaccount.google.com/lesssecureapps and make sure it is ON
  3. Navigate to https://accounts.google.com/DisplayUnlockCaptcha and click Continue
  4. Log out
  5. Log in with your @yourdomain.com account
  6. Navigate to Settings and click on the Accounts and Import tab
  7. In the Check mail from other accounts section, click Add a mail account
  8. In the popup, enter the @gmail.com email address.
  9. With Import emails from my other account (POP3) checked, click next.
  10. Enter email address for username
  11. Enter password
  12. Enter pop.gmail.com for POP Server
  13. Change the Port to 995
  14. Check Always use a secure connection (SSL) when retrieving mail
  15. Check Label incoming messages if you want to group the messages from your other account into a different label
  16. Click Add account
  17. It will ask you if you’d like to also send mail as that account, click Yes.

    NOTE: if it does not prompt, go to Send mail as section and click Add another email address

  18. Make sure your settings are as follows: 
    SMTP Server: smtp.gmail.com
Port: 587
Username: full email address
Password: enter password
Secured connection using TLS (recommended) is checked
  19. Click Add Account
  20. Keep the window open until you receive the confirmation email in the account you are adding.
  21. Grab the verification code and paste it.
  22. Click Verify.

by Leave a Comment

WordPress on Synology

PHP version

Most hosts use PHP 5.6, but I do suggest using 7.0

php.ini file

Change the following memory limits for optimal use with wordpress:

upload_max_filesize = 32M
post_max_size = 48M
memory_limit = 128M
max_execution_time = 600
max_input_vars = 10000
max_input_time = 400

required extensions:

  • cURL – 127 uses (requires libcurl)
    • HTTP API (class WP_Http_curl)
    • url_is_accessable_via_ssl()
    • SimplePie (overridden with class WP_SimplePie_File)
    • GoogleSpell (from TinyMCE package, is not used?)
  • Date/Time – 367 uses
  • DOM – 6 uses (requires libxml)
    • iis7_rewrite_rule_exists()
    • iis7_delete_rewrite_rule()
    • iis7_add_rewrite_rule()
    • saveDomDocument()
  • POSIX Regex – 23 uses
  • Filter – 2 uses
    • class PHPMailer->ValidateAddress() (optional)
  • FTP – 72 uses
    • class ftp_base
    • class ftp (pure and sockets versions)
    • class WP_Filesystem_FTPext
    • class WP_Filesystem_ftpsockets
  • GD – 56 uses
    • wp-admin\includes\image-edit.php
    • wp-admin\includes\image.php
    • wp-includes\media.php
  • Hash – 6 uses
    • wp-includes\pluggable.php multiple uses (optional – fallback in wp-includes\compat.php)
  • iconv – 5 uses
    • class SimplePie (optional)
    • wp_check_invalid_utf8() (optional)
    • wp-mail.php (optional)
  • JSON – 20 uses
    • optional, fallbacks in wp-includes/compat.php
  • libxml – 4 uses
    • class WP_oEmbed->_parse_xml() (optional)
    • SimplePie
  • Multibyte String – 29 uses
    • some fallback in wp-includes/compat.php
  • MySQL – 60 uses
    • class wpdb
    • class SimplePie_Cache (overridden with class WP_Feed_Cache)
  • OpenSSL – 4 uses
    • class PHPMailer
  • PCRE – 743 uses
  • SimpleXML – 1 uses
    • class WP_oEmbed (seems optional)
  • Sockets – 64 uses
    • class ftp (sockets implementation)
  • SPL – 3 uses
  • Tokenizer – 3 uses
    • wp_doc_link_parse() (optional)
  • XML Parser – 89 uses
  • XMLReader – 1 uses
    • SimplePie (seems optional)
  • Zlib – 30 uses

Let’s Talk

Looking to get your business a website or update your current online presence?

Please send me information about you project so that I can determine how to best fulfill your needs.