Deprecated: Hook custom_css_loaded is deprecated since version jetpack-13.5! Use WordPress Custom CSS instead. Jetpack no longer supports Custom CSS. Read the WordPress.org documentation to learn how to apply custom styles to your site: https://wordpress.org/documentation/article/styles-overview/#applying-custom-css in /srv/www/srvfail.com/public_html/wp-includes/functions.php on line 6078
SysAdminStuff ⋆ Page 3 of 15 ⋆ My Online Notebook

Disable Chrome stripping subdomains from URL

In version 69 of Chromium and Google Chrome default browser behavior is to enable “Omnibox UI Hide Steady-State URL Scheme and Trivial Subdomain” feature.

This will cause browser not displaying not just the protocol part of address but also what it considers trivial subdomains.
Subdomains like www or m subdomain will not be shown in address bar with this feature enabled.
This will cause www.example.com to be shown as example.com and www.m.example.www.example.com would be shown as example.example.com, like described in this issue report:

https://bugs.chromium.org/p/chromium/issues/detail?id=881410

To disable this feature open chrome://flags/#omnibox-ui-hide-steady-state-url-scheme-and-subdomains in your browser and set the flag to “Disabled”.

Version 69 has also introduced new UI design.

If you wish to revert to old design you can do so with “UI Layout for the browser’s top chrome” setting.
Input chrome://flags/#top-chrome-md in Chrome and set it to Normal to have the old UI design again.

 

Find which directory is using most inodes

Oneliners to find which directory on the server is using most inodes:

To find how many inodes are used per each directory on certain path run:

find ./ -maxdepth 1 -type d -print0 | while IFS= read -r -d $'\0' dir; do echo "$(find "$dir" | wc -l) "$dir""; done| sort -n | tail

Last line will show the path being searched and second to last line will be directory with most inodes, then cd to that directory and run again to see which subfolder is using most inodes.

To get directory with most inodes immediately, without the need to cd in each directory you can run following:

find ./ -type d -print0 | while IFS= read -r -d $'\0' dir; do echo "$(stat -t "$dir" | awk '{print$2}') "$dir""; done | sort -n | tail

This will not show the number of inodes used, only which directory has most inodes in it.
Oneliner from top can be used to get exact number of inodes in it.

Small WordPress backup script

Simple backup script written in bash, for WordPress on Linux, that will dump MySQL database used by WordPress site and create tar.gz file consisting of WordPress site files and database dump

#!/bin/bash

BKPDIR=/local/backup/directory
WEBROOT=/wordpress/install/directory/

DBUSER=$(grep DB_USER $WEBROOT/wp-config.php | awk -F\' '{print$4}')
DBNAME=$(grep DB_NAME $WEBROOT/wp-config.php | awk -F\' '{print$4}')
DBPASSWORD=$(grep DB_PASSWORD $WEBROOT/wp-config.php | awk -F\' '{print$4}')
DBDUMP="$BKPDIR""$DBNAME"_$(date +"%Y-%m-%d-%H-%M").sql

#In case you want to rsync backups to remote server
RUSER=remoteuser
RHOST=remoteserver
RDIR=/remote/backup/directory/
RSSHPORT=22

mysqldump -u $DBUSER -p$DBPASSWORD $DBNAME > $DBDUMP

tar -czvf "$BKPDIR"wpbackup_$(date +"%Y-%m-%d_%H-%M").tar.gz $WEBROOT $DBDUMP

rsync -az $BKPDIR -e "ssh -p $RSSHPORT" $RUSER@$RHOST:$RDIR

It will create two backup files, one for database dump in format that looks like “dbname_2018-01-04-06-00.sql” and one tar.gz file that will look like “wpbackup_2018-01-04_06-00.tar.gz”.

Script can be saved as wpbackup.sh and put in crontab to run at a certain time like 6:00AM.

0 6 * * * /path/to/script/wpbackup.sh 2>/dev/null

It can also be run manually with bash wpbackup.sh

WordPress http to https switch using Cloudflare SSL

If you have a WordPress site behind Cloudflare free account and you want to make your site or part of it accessible over HTTPS you can use free Cloudflare Universal SSL certificate.

Enable SSL on Cloudflare

To enable your site being served over HTTPS from Cloudflare, login to your Cloudflare account, select domain you want to enable SSL on and click on the Crypto page with lock icon, to manage cryptography settings for your website.

Cloudflare Crypto

On the Crypto page first setting on top will be SSL, where you can switch SSL from Off to one of the three other options available.

There are three options you can use to enable SSL:

  • Flexible: Cloudflare will serve site to end users on https, but will communicate with your site over http, in this case you don’t have to install SSL on your site’s server or make any changes on your site, if you are using relative links, where http is not hardcoded in any links.
  • Full: Cloudflare will serve end users over https, communicate with your site over https, but will not verify the authenticity of the SSL. In this case you need to install SSL on your site and have your site’s server listen for connections on port 443, but you can use self-signed certificate as it’s authenticity is not verified.
  • Full (strict): Cloudflare will server end users over https, communicate with your site over https and will verify the validity of your SSL. As with Full option above you will need to set port 443 for listener and install SSL, but in this case you will need to install a valid SSL containing your site hostname and signed by certificate authority. You do not need to buy SSL for this to work, you can configure Let’s Encrypt SSL or use Origin CA certificates, generated by Cloudflare.

It would be recommended to use Full (strict option) for SSL as it maximizes security of your site data.

You can see all options explained with more details in this Cloudflare support article.

Create Edge and Origin certificates

If you don’t already have SSL with your site hostname listed under Edge Certificates, click on Order SSL certificate button and select Universal SSL (Shared) option. This will be SSL certificate server to visitors of your site by Cloudflare.

Edge Certificates

To get SSL certificate that will be used for communication between Cloudflare and your site, go to Origin Certificates section of page and click on Create Certificate button. You do not need to create Origin Certificate if you used Flexible option when you enabled SSL or if you already have some other SSL on your web server.

Origin Certificates

Once you click on Create Certificate you will be presented with Origin Certificate Installation window where in most cases you can just leave default options, after which you will be presented with Certificate and Private key which you need to install on your web server.

Change your WordPress to https URLs

If you have used Full of Full (strict) option when enabling SSL you need to edit your WordPress settings in Settings » General” and change your WordPress Address (URL) and Site Address (URL) fields to https URL instead of http URL.

You do not need to make this change if you are using Flexible option when enabling SSL on Cloudflare.

If you want to have your whole site being served over HTTPs and not just some subsets of it, like wp-admin or a store page, enable Always use HTTPS option on Crypto page of your Cloudflare account.

Always use HTTPS

If you don’t want to have whole site over https, but only some parts of URL, like example.com/wp-admin, example.com/wp-login.php or example.com/section leave this option Off, and setup redirection to https for those pages either on your web server or in Page Rules page on your Cloudflare account.

To avoid getting mixed content warning in browser when your page is visited over https enable Automatic HTTPS Rewrites option, which will try to rewrite your content from http to https if a link or a reference to a http URL is available over https.

Automatic HTTPS rewrites

Change to https in webmaster tools

If you are using webmaster tools in Bing, Google or Yandex here is how to notify those search engines about your change to https:

Google
Google doesn’t at this time support http to https change in their Change of Address option, so you will need to add a new property with https URL, and data from http property will eventually change to your new https property.

Bing
Go to Diagnostics & Tools » Site Move” and select  I am moving URLs from one place to another within the current site” and then input your old URL in Source field and new https URL in Destination field.

Yandex
Add new site address with URL using https and then on the old site with http go to “Indexing » Relocate site” and tick “Add HTTPS” box.

Reset SSH, and find SSH port on cPanel/WHM server

If you lock yourself out of SSH access to your cPanel server or if you do not know on which port your SSH server is running there are several ways you can gain back SSH access to your server.

Flush iptables

If your  IP got locked out in iptables you can use one of cPanel autofixer scripts to flush all iptables chains so your IP can reach SSH on your server again.

Script can be called by adding “scripts2/doautofixer?autofix=iptablesflush” to the end of the WHM url in your browser, and should look something like this:

https://server.domain.tld:2087/cpsess1290981925/scripts2/doautofixer?autofix=iptablesflush

flushing iptables

Reset SSH

If you SSH server is not accessible because of a broken configuration or anything else and is not restarting properly through Home »Restart Services »SSH Server (OpenSSH) in WHM you can try starting safesshrestart script which will kill any running instance of sshd and start a new process on port 22, or if that port is taken on first available port after that, like port 23.

Script can be started by adding “scripts2/doautofixer?autofix=safesshrestart” to the end of your WHM url and should look something like this:

https://server.domain.tld:2087/cpsess1290981925/scripts2/doautofixer?autofix=safesshrestart

Pay attention to the output in WHM when script runs, it will say on which port was SSH started.

safesshrestart

Find out your SSH port

If you are not sure on which port is your SSH server running you can find that out on two ways.

You can use the Restart Services part of WHM and restart SSH by going to Home »Restart Services »SSH Server (OpenSSH) in WHM and watching the output in WHM after you restart SSH, it will say on which port is SSH listening.

Other option is to use an API call to show the port.
You can do that by adding “xml-api/cpanel?user=cpanel&cpanel_xmlapi_apiversion=1&cpanel_xmlapi_module=SSH&cpanel_xmlapi_func=getport” to the end of your WHM url which should look something like this:

https://server.domain.tld:2087/cpsess1290981925/xml-api/cpanel?user=cpanel&cpanel_xmlapi_apiversion=1&cpanel_xmlapi_module=SSH&cpanel_xmlapi_func=getport

You can find out more about WHM autofixers on following link:

https://documentation.cpanel.net/display/ALD/WHM+FAQ#WHMFAQ-WhatistheWHMAutofixer?

Full list of all autofixers can be found here:

http://httpupdate.cpanel.net/autofixer/