Saturday, January 5, 2013

WordPress SEO by Yoast and Nginx

Wordpress-SEO by Yoast is a great plugin for search engine optimization. It can generate XML sitemaps on the fly. While on Nginx, I found that I was getting 404 errors when trying to load the sitemap.

The solution was simple. We just need to pass the "sitemap name" as a URI to "index.php" which can be done by simply adding this to "server block":

rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
If you are already using Nginx with Wordpress friendly URLs, these steps are not necessary and redundant.

Wednesday, August 22, 2012

Allow only SCP/SFTP transfers with 'scponly'

scponly restricts users to SCP and SFTP logins by acting itself as a shell and this disables SSH logins. This allows using Filezilla or 'scp' tool to transfer files but restrict SSH logins via SSH clients. Debian has this package as 'scponly'. TO install it:
# apt-get install scponly
Since, we will not be chrooting users, suid binary is not required. So, select no to: Install the chrooted binary /usr/sbin/scponlyc SUID root? <-- No For existing users, do:
# usermod -s /usr/bin/scponly username
To create a new user with scponly:
# useradd -m -s /usr/bin/scponly username
# passwd username

Wednesday, August 1, 2012

Optimized LEMP Installer for Debian/Ubuntu with Virtual Hosts Automator.

LAMP stacks are used widely but they are notorious for being less resource friendly and in the same time, incredibly attracting to script kiddies and part time crackers.

There's a tradition to play with most popular toys rather than one which was designed to be small and less expensive. As a kid, what would you like to steal in a kindergarten: a Spider-Man toy or a small spider miniature?
Leaving aside these arguments, let's move on to the real-valued part. I wrote this script which I think, has the following featured jobs:

  • Configures Nginx for performance and static file caching as well as gzipping the output.
  • Installs and PHP-FPM as well as PHP-APC for Opcode Caching
  • Optimizes MySQL for caching queries, while being light on resources.
  • Facilitates interactive virtual hosts creation with dedicated PHP-FPM pool for each user so that each PHP process runs as the owner. This eliminates the need to install FTP server for updating Wordpress or installing plugins. Since, PHP runs as the user owning the script, "wp-config" can be set to very strict permissions like 700.

There's even more...

  • Virtual hosts generation script also has the ability to create MySQL user and database as well as allowing user to import SQL file onto the newly created database for easy migration.
  • PHPMyAdmin installer is also built-in which allows PHPMyAdmin to be installed on specified domain or sub-domain. 
  • This script uses unix sockets instead of TCP which promises some more improvement and lowers TCP overhead within the system. 
  • I have implemented some security practices like "cgi.fixpath_info=0". 
Download the script here and run it as root:
wget https://raw.github.com/aatishnn/lempstack/master/lemp-debian.sh
chmod +x lemp-debian.sh
./lemp-debian.sh
This script works for me but I cannot guarantee that it will work for you too. I am not a Bash expert. Please add some regexp to your brain to ignore my scripting laziness. This is designed to work with Debian and Ubuntu. You may freely use it to suit your needs under the condition that you will thank me. I would be glad if you can share something about this script, test it, debug it or just scold, rebuke or criticize.


Monday, June 4, 2012

Using WiFi just from Linux Terminal

Are you tired of Network Managers that try to reduce pain regarding Wireless connections and end up with unstable or never-connecting Wireless problems? Then, command line comes to the rescue and `wpa_supplicant` as our weapon. Throughout the tutorial, I will be using these random access point details with WPA-PSK:
SSID: linuxdo
Passphrase: myphrase
And, `wlan0` is the wireless interface. Find the one corresponding in your system using `iwconfig`.
Install `wpa_supplicant` for your distro if not installed.
For CentOS/RedHat and other Yum based systems:
# yum install wpa_supplicant

For Debian based systems including Ubuntu:
# apt-get update && apt-get install wpa_supplicant
Now, we need to create the configuration file for `wpa_supplicant`. There is an easy way out using:
# wpa_passphrase linuxdo myphrase >/root/linuxdo.conf
It's the time to connect now. Run `wpa_supplicant` as:
# wpa_supplicant -iwlan0 -c/root/linuxdo.conf
After you get `CTRL-EVENT-CONNECTED`, you should run `dhclient` as:
# dhclient wlan0
This way, you will get a dynamic IP from the router.
Test your internet connection by opening a web browser and loading `linuxdo.blogspot.com`. You will get it.
Since, we are now familiar with `wpa_supplicant` now, disable Wireless in NetworkManager interface to avoid conflicts.