My Monkey Do

A Log of Coding Solutions

Server Stuff

Hardening WordPress

by

I’ll be updating this post as I find more and better explanations to hardening wordpress.  The more secure, the better.  Some things to keep in mind when you are trying to secure your wordpress installation.

  • Be careful when saying a security measure is “not worth the time” to do it.  If it takes 5 minutes to do, then it’s almost always worth it to do it.
  • It is always worth doing something that will prevent those rare cases.  Just remember that most default settings will already protect you from the common cases, it’s those rare ones that get you.
  • “Simple folk” not understanding things is not an excuse to not do things.

WordPress codex has many good solutions.  This post is will only repeat those solutions if there is more explanation.

http://codex.wordpress.org/Hardening_WordPress

 

Move your wp-config.php file

 

OSCommerce admin pages show 401

by

Problem

The OSCommerce admin pages were working fine a couple months ago.  Now I go to it and it shows a 401 error.

Solution

The problem was that the htaccess file had a rewrite added to it to always include www to the address.  Apparently the SEO guy did this.  The solution is to update the OSCommerce configuration files.  Meaning add “www” to the address variables in

includes/configure.php
includes/admin/configure.php

 

source: http://forums.oscommerce.com/topic/341940-how-to-change-htaccess-to-rewrite-the-url-hard/
http://forums.jaguarpc.com/design-development/24039-just-installed-oscommerce-admin-links-giving-401-authentication-failed.html

keywords: oscommerce 401

MAMP – MySQL can’t connect after OS X Crash

by

Problem

I had my macbook open, it went to sleep and I couldn’t wake it up.  After holding down the powerbutton for over 10 seconds, it turned on.  Everything was fine until I tried to open the MAMP home page.  MySQL couldn’t start.  the error logs showed:

InnoDB: Check that you do not already have another mysqld process
InnoDB: using the same InnoDB data or log files.
120904 14:51:31 InnoDB: Unable to open the first data file
InnoDB: Error in opening ./ibdata1

Solution

Solution is to find the mysqlid process and end it.  Then restart MAMP and things should be good to go.  more details on this great post:

http://aralbalkan.com/1931

 

Another Problem

When visiting phpMyAdmin you get the following errors:

Cannot start session without errors, please check errors given in your PHP and/or webserver log file and configure your PHP installation properly.”

Another Solution

Clear your browser cache.

thanks to: http://stackoverflow.com/questions/5013118/cannot-start-session-without-errors-in-phpmyadmin

 

 

keywords: mamp check that you do not already have another mysqlid process

Page Speed SEO

by

One of the metrics for Search Engine Optimization is the time it takes to load a page.  With Google’s PageSpeed tool, you can see if your page is loading optimally.  One of the ways to better your page loading is by leveraging browser cache.  The article below explains it well.  What I did was a little simpler.  I basically just bypassed all the ExpiresByType and just put the ExpiresDefault in my .htaccess.


<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access 2 week"
</IfModule>

keywords: leverage browser caching
source: http://thomasgriffinmedia.com/blog/2010/11/how-to-leverage-browser-caching-in-wordpress-via-htaccess/

PHP ini overriding

by

On shared hosts, overriding the php.ini file can be frustrating.  Sometimes it works, sometimes it doesn’t.  It’s up to the host provider.   This post will keep a record of what hosts need what type of requirements and will be updated from time to time.  This overriding php.ini file can be a partial override like so:

[PHP]
; Maximum size of POST data that PHP will accept.
post_max_size = 20M
; Maximum allowed size for uploaded files.
upload_max_filesize = 20M

 

GoDaddy

The php.ini file needs to be named php5.ini if you are using PHP version 5.x.  Sometimes you’ll need to restart the web process in the control panel.  It is located under the “System Processes” icon.   Once in System Processes click on “End Web”.

mysqldump – Using password: NO error

by

Problem

I need to back up a mysql database on a shared hosting server.  I am using the cron job to run a bash file which runs a mysqlcommand.  The problem is that I can’t get MySQL to recognize the password.  I have no spaces after the “-p” however, I still get the following error:

mysqldump: Got error: 1045: Access denied for user ‘some_user’@’localhost’ (using password: NO) when trying to connect

 

Solution

No thanks to JustHost of course.  They don’t know why this doesn’t work as one support member tried to help me, but stopped replying after all his solutions failed and another support member just plain said “we do not provide support for this issue”.

On to the solution.  The problem is that the mysql configuration file on JustHost is set to not supply a password no matter what you pass into the mysqldump command.  I’m not sure of the specifics of this so you can read more on configuration files if you need more details.  The key that clued me into the problem was a comment on this page.   He had a similar problem to what I was having.  In the end my cnf file looked like below, named “mymysql.cnf”:

 

[client]
# The following password will be sent to all standard MySQL clients
password="thePassword"

 

And my bash file looked like so:

#!/bin/bash

mysqldump --defaults-file=/somedir/mymysql.cnf -u theusername thedbname > /somedir/thedbname`date +%d`.sql

 

keywords: access denied using password NO
source: http://dev.mysql.com/doc/refman/5.1/en/option-files.html