Category Archives: IT Related Stuff

Setting up SSL/HTTPS in WordPress Manually

Prerequisites: A web server with SSL enabled. This method requires you to troubleshoot issues manually and edit WordPress files. However this is a permanent and more performance optimized solution. Performance gains are due to the fact the requested content does not have to be parsed by an additional plugin before it is displayed in the web page. In addition, it gives you more control over your website's security.

Steps

  1. Log into the WordPress Dashboard.
  2. Roll your mouse over Settings in the navigation menu, then click General.
  3. In the WordPress Address (URL) field, enter your https address.
  4. Enter your https address in the Site Address (URL)  field. 
  5. Click the Save Changes button on the bottom of the screen. 

Note: If you get an error to the effect of "Error connecting to web server" after savings the changes - the problem lies at the hosting provider's end . Some hosting providers use a different IP for hosting http: and https: and you will have to ensure the "A" record of your https domain is pointing to the correct one.

Next, you need to set up WordPress redirects from HTTP to HTTPS by adding the following code to your .htaccess file.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>

If you want to force SSL and HTTPS on your WordPress admin area or login pages, then you need to configure SSL in the wp-config.php file. Simply add the following code above the "That's all, stop editing!" line in your wp-config.php file:

define('FORCE_SSL_ADMIN', true);

This line allows WordPress to force SSL / HTTPs in WordPress admin area. Once you do this, your website is now fully setup to use SSL / HTTPS, but you will still encounter mixed content errors.

Mixed content errors are caused by sources (images, scripts, or stylesheets) that are still loading using the insecure HTTP protocol in the URLs. If that is the case, then you will not see a secure padlock icon in your website’s address bar. The majority of these incorrect URLs will be images, files, embeds, and other data stored in your WordPress database.

What you need to do is find all mentions of your old website URL in the database that starts with http and replace it with your new website URL that starts with https .

You can do this by installing and activating the “Better Search Replace” plugin. However, The free version of the "Better Search and Replace" plugin is not useful and even harmful as you cannot see what changes have been made. I used the “Search & Replace” plugin by Inpsyde GmbH. It is not supported anymore but works in WordPress 6.1.1

      

Credits

https://www.wpbeginner.com/wp-tutorials/how-to-add-ssl-and-https-in-wordpress/

Securing your WordPress site with a little code.

WordPress Brute Force Attacks, WordPress Development
Brute force attempts ro crack passwords

Table of Contents

Introduction.

Limiting the number of login attempts.

Denying xmlrpc Requests.

Hiding your wp-login.php file.

Credits.

Updated: 3rd January 2023

Introduction.

Websites are increasing under brute force hacking attempts and distributed denial of service attacks (DDOS) .

As a WordPress website administrator you can secure your site with a little bit of code if you feel confident enough. There are security plugins for WordPress should you wish to go down that route. I haven’t tried any of them and so cannot make a recommendation. The advantages of not using unnecessary plugins is increased code processing efficiency and hence better performance of a website. In addition there is the benefit from the security perspective of avoiding the possibility of getting stuck with outdated and unsupported plugins.

The three setups described below that I recommend are limiting the number of login attempts , denying xmlrpc requests and hiding your wp-admin.php page.

Ideally, you should not edit the functions.php file of the theme you are using. This is because changes will be lost when the theme is updated by the theme’s developers. Instead you should create a child theme and edit the functions.php of this.

Here is a link on how to create a child theme. https://developer.wordpress.org/themes/advanced-topics/child-themes/

Limiting the number of login attempts.

To do this you can put the following code in your WordPress theme’s functions.php file.

// code to limit no. of login attempts - lock for 30 mins function check_attempted_login( $user, $username, $password ) {
if ( get_transient( 'attempted_login' ) ) {
$datas = get_transient( 'attempted_login' );
if ( $datas['tried'] >= 3 ) {
$until = get_option( 'transient_timeout' . 'attempted_login' );
$time = time_to_go( $until );
return new WP_Error( 'too_many_tried', sprintf( __( 'ERROR: You have reached authentication limit, you will be able to try again in %1$s.' ) , $time ) );
}
}
return $user;
}
add_filter( 'authenticate', 'check_attempted_login', 30, 3 );
function login_failed( $username ) {
if ( get_transient( 'attempted_login' ) ) {
$datas = get_transient( 'attempted_login' );
$datas['tried']++;
if ( $datas['tried'] <= 3 ) set_transient( 'attempted_login', $datas , 1800 ); } else { $datas = array( 'tried' => 1
);
set_transient( 'attempted_login', $datas , 1800 );
}
}
add_action( 'wp_login_failed', 'login_failed', 10, 1 );
function time_to_go($timestamp)
{
// converting the mysql timestamp to php time
$periods = array(
"second",
"minute",
"hour",
"day",
"week",
"month",
"year"
);
$lengths = array(
"60",
"60",
"24",
"7",
"4.35",
"12"
);
$current_timestamp = time();
$difference = abs($current_timestamp - $timestamp);
for ($i = 0; $difference >= $lengths[$i] && $i < count($lengths) - 1; $i ++) {
$difference /= $lengths[$i];
}
$difference = round($difference);
if (isset($difference)) {
if ($difference != 1)
$periods[$i] .= "s";
$output = "$difference $periods[$i]";
return $output;
}
}
// end code to limit no. of login attempts - lock for 30 mins

You can change the lock out time by changing the third argument in the set_transient function which is currently set to 1800 seconds (30 mins.)
This code will stop bots making brute force dictionary attacks on your username and password.

Denying xmlrpc Requests.

XMLrpc is a legacy protocol that used to be used for WordPress ping backs. It relies on transmission of the username and password. So an attacker can use bots to try and gain access to your website by guessing at passwords and usernames.

Another from of attack that uses XMLrpc is DDOS where thousands and even hundreds of thousands of XMLrpc requests are made to a website overwhelming it.

Please refer to the excellent document by SiteGround in the Credits to understand more about the XMLrpc and the vulnerability it poses to WordPress websites.

To disable XMLrpc insert the following code in the functions.php file of your theme.

// refuse XMLRPC requests
add_filter( 'xmlrpc_enabled', '__return_false' );
//end of refuse XMLRPC requests

Important! Make sure you use the correct type of single quotes.

add_filter( 'xmlrpc_enabled', '__return_false' ); will work okay while add_filter( ‘xmlrpc_enabled’, ‘__return_false’ ); will generate Warning: Use of undefined constant ‘xmlrpc_enabled’ - assumed '‘xmlrpc_enabled’' (this will throw an Error in a future version of PHP) in functions.php in a child theme.

You can also add the above code to the wp-config-php file. Add it after the require_once(ABSPATH . 'wp-settings.php'); line. There are a couple more ways to block XMLrpc requests. One being via the web server’s configuration file and the other via a plugin. Please refer to the SiteGround and the debugbar documents.

Hiding your wp-login.php file.

Some experts discourage doing it this as wp-login.php gets updated when the core WordPress version gets updated. If you remember this and update the changes manually this method is fine. It is also inadvisable if your website needs to provide login access to site members other than a handful of admin and authors.

Hiding your wp-login.php is very effective as bots target the wp-login.php either with password crackers or a DDOS attack once they know your website is powered by WordPress. Each wp-login request is costly as as information gets sent to and from the MySql database of the WordPress site.

The steps.

1) Backup your wp-login.php file. Then rename it on the web server.
2) Create a new .php file with a text editor like Notepad, Notepad++, Gedit (on Linux Ubuntu) etc. Name it whatever you want as long as you can remember it when you login e.g foxy-roxy.php
3) Copy all the contents from wp-login.php into foxy-roxy.php or whatever you named the new file. Use Crtl+Alt to select all and Paste.
4) Search and replace every occurrence of wp-login.php with foxy-roxy.php or whatever the file is called. Save the file.
5) The next step is to update the default login and logout URLs This is done via
hooks in the theme’s functions.php .
Add the following code to functions.php of the theme.

add_filter( 'logout_url', 'custom_logout_url' );
function custom_logout_url( $default )
{
return str_replace( 'wp-login', 'foxy-roxy', $default );
}
add_filter( 'login_url', 'custom_login_url' );
function custom_login_url( $default )
{
return str_replace( 'wp-login', 'foxy-roxy', $default );
}

(remember to change ‘foxy-roxy’ to whatever your file is called. )

Add the following code to handle a safe logout and redirect to your home page.

// WP Redirect the user to the homepage after logout add_action('wp_logout','auto_redirect_after_logout');
function auto_redirect_after_logout(){
wp_safe_redirect( home_url() );
exit();
}
//end WP Redirect the user to the homepage after logout

6) Next test your new login page URL. Website name/ foxy-roxy.php. Attempting to login with Website name/wp-login should produce a resource not found error.

7) Finally, delete the renamed wp-login.php from the web server.

Notes: Known vunerabilities with the above method. Due to the login code being hard coded in several places in WordPress , the name of your secret login page can get exposed by calls made wp-admin by an intelligent attacker rather than a bot. I think this can be taken care of by some sort of redirect but I haven't got the time to experiment.

One way to mitigate against this is to limit access to the login process to trusted IPs. This is done by editing the .htaccess file in the root WordPress installation directory and adding the following code. Remember to backup your .htaccess file before editing it.

#Limit access to website administration
<Limit GET POST PUT>
order deny,allow
deny from all
# admins IP
allow from xxx.xxx.xxx.xxx
</Limit>

where xxx.xxx.xxx.xxx is the IP number. You can add as many allow from IPs as you need or allow a whole Class C subnet with allow from xxx.xxx.xxx.0/24

In closing.

These three methods will certainly help secure your WordPress site and help counter the effects of a DDOS attack if you are subject to one.

Credits.

Phpot.com on Limiting the number of login attempts (09/12/2022):

https://phppot.com/wordpress/how-to-limit-login-attempts-in-wordpress/

SiteGround on XMLrpc (09/12/2022): https://www.siteground.com/blog/xmlrpc/#Brute_Force_Attacks_via_XMLRPC

Martin Aronovitch (09/12/2022): https://wpmudev.com/blog/hide-wordpress-login-page/#hidewithoutplugin

Debugbar.com How to block XML-RPC on WordPress 03/01/2023 https://www.debugbar.com/how-to-block-xml-rpc/

Encryption with eCryptfs on Linux

Introduction

eCryptfs is a POSIX-compliant enterprise cryptographic "stacked" filesystem for Linux. Please note that eCryptfs is not a partition/ disk encryption subsystem like "Veracrypt".

eCryptfs is a stacked filesystem that can be mounted on any directory and on top of the main file system.

Using eCryptfs, we can easily create an encrypted directory to store confidential data and mount it on any directory. Although it is good practice for the mount path to match the path of the underlying file system.

No separate partition or pre-allocated space is actually required. eCryptfs should work well on local filesystems such as EXT3, EXT4, XFS, JFS and ReiserFS etc.

eCryptfs also supports networked filesystems such as NFS, CIFS, Samba and WebDAV, but not does not have full functionality as it was designed to work with local filesystems.

It stores the cryptographic metadata in the headers of files, so the encrypted data can be easily moved between different users and even systems. eCryptfs has been included in Linux Kernel since version 2.6.19.

Installation

I have only tested it on Ubuntu 18.04 which runs on the 5.4.0-87-generic kernel obtained by running

$ uname -r

5.4.0-87-generic

To enable an utilize Ecryptfs install ecryptfs-utils

$ sudo apt install ecryptfs-utils

How to use Ecryptfs

The method below explains how to encrypt a folder called temp2 located at /home/zephyr/temp2

Open terminal and run the following:

$ sudo mount -t ecryptfs /home/zephyr/temp2 /home/zephyr/temp2

Passphrase: ← enter your passphrase

Select cipher:

1) aes: blocksize = 16; min keysize = 16; max keysize = 32

2) blowfish: blocksize = 8; min keysize = 16; max keysize = 56

3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24

4) twofish: blocksize = 16; min keysize = 16; max keysize = 32

5) cast6: blocksize = 16; min keysize = 16; max keysize = 32

6) cast5: blocksize = 8; min keysize = 5; max keysize = 16

Selection [aes]: 1 ← selected

Select key bytes:

1) 16

2) 32

3) 24

Selection [16]: 1 ← selected

Enable plaintext passthrough (y/n) [n]: n ← selected

Enable filename encryption (y/n) [n]: n ← selected

Attempting to mount with the following options:

ecryptfs_unlink_sigs

ecryptfs_key_bytes=16

ecryptfs_cipher=aes

ecryptfs_sig=015fa84ce5a1043d

Mounted eCryptfs

temp2 is now and encrypted folder. Any files and folders moved into it or created in it, will be automatically encrypted.

It is very important to remember your passphrase to be able to access your eCryptfs encrypted files and folders. It is also advisable to make note of your encryption settings for future mounting/access of your encrypted file/directory. Choose a password of 14 characters long made up of 3 random words. This is easier to remember and still secure. You can add symbols and numbers to it increase the strength of the passphrase.

A signature file named "sig-cache.txt" will be created under "/root/.ecryptfs/" directory. This file is used to identify the mount passphrase in the kernel keyring. It is a read only file except for the root user. I suggest saving a copy with a .bak extension as the signature number for each encrypted and mounted folder. It is a good reference to have.

Accessing your encrypted data.

Each time you reboot your system the encrypted volume will be dismounted and you will not be able to access your encrypted data.

To access your data you have to remount the encrypted volume with:

$ sudo mount -t ecryptfs /home/zephyr/temp2 /home/zephyr/temp2

After which Terminal pops up prompting you for your passphrase

passphrase to be entered in Gnome Terminal to access folders(files/ encrypted with ecryprtfs. Zephyr Rodrigues, Belmonte, Luz de Tavira, Portugal
type in your passphrase

The problem with this is that you have to enter all the encryption options each time.

Automating the mount process

My solution to this is make an executable .sh file with a text editor. I use the default, gnome, gedit text editor

In this example, I have called it mount_temp2.sh

Paste the following code into it. Use whatever options you chose when you encrypted the file/folder.

#!/bin/bash $ sudo mount -t ecryptfs -o ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=no,ecryptfs_enable_filename_crypto=no /home/zephyr/temp2 /home/zephyr/temp2

Save mount_temp2.sh

Right click, on the file in File Manager, go to the Permissions tab and tick the box “Allow executing file as a program”

Ubuntu 18.04, File Manager, Make executable, Zephyr Rodrigues, Belmonte, Luz de Tavira, Algarve , Portugal

Next with your Text Editor, create a new executable file.
Call it run_mount_temp2.sh for example.
Paste the following code into it.

#!/bin/bash #start terminal and mount encrypted temp2 folder gnome- terminal -- sh -c './mount_temp2.sh'

Make it executable as described previously. Now when you start your system, simply double click on

run_mount_temp2.sh

this it will call Terminal and prompt you to enter your passphrase. After entering the correct passphrase you will be granted full access to your encrypted folder and files within.

Automating the dismount process

You can dismount (unmount) your encrypted folder at any time to make it inaccessible. By default

to unmount an encrypted drive manually, open Terminal an run

sudo umount /path/to encrypted/folder

so, in my test case it is

sudo umount /home/zephyr/temp2

To Automate unmount/dismount:

Create an executable file (refer to ‘Automating the mount process’ for the steps) called

unmount_temp2.sh and in it enter the following code. Paths and folders should match your own.

#!/bin/bash sudo umount /home/zephyr/Documents echo "Dismounting Documents folder.."; sleep 5;

Next create the run file that will open Terminal and run the previous created executable.

Create an executable file called run_unmount_temp2.sh

Enter the following code into it:

#!/bin/bash #start terminal and unmount encrypted temp2 folder gnome-terminal -- sh -c './unmount_temp2.sh'

Double clicking on run_unmount_temp2.sh will run Terminal and execute the command to unmount the encrypted folder

Notes on Automation

All the automation files should be in the same folder/directory

The folder/directory containing the automation files should not be encrypted.

Creating an encrypted folder on a USB drive

On your Linux machine format a USB stick with ext4 file system. The USB stick will only be accessible to machines with Linux operating systems.

In this example I have given the USB stick a Volume Label called “SECRET”.

Whenever you plug in this USB stick it will be mounted as “SECRET” by the operating system.

Next create a folder on “SECRET”. I called mine temp3.

Next mount and encrypt the temp3 folder by running the following command in Terminal. The path name should start with media/home directory name/usb volume name on a standard Ubuntu 18.04 install.

$ sudo mount -t ecryptfs /media/zephyr/SECRET/temp3 /media/zephyr/SECRET/temp3

The steps to automate are the same as described earlier on.

Note: Verify the volume name for the usb that you use in your scripts is correct and matches the one shown in Terminal when you type df .

In Conclusion

To further automate the mount process you could utilize the Startup Applications Preferences app

Start Program App to start ecryptfs .sh type executables at computer startup. Ubuntu 18.04
Start Program App

which comes pre-installed on Ubuntu 18.04 . This allows configuring applications to run automatically when logging in to your desktop. So just add the run_mount_temp2.sh example to the list of startup apps.

In the Command: field you need to enter bash U% followed by the path to your .sh executable.

bash %U /path/to/file/run_mount_temp2.sh

Alternatively you can create a .desktop file in /home/your home directory/.config/autostart . So for example mount_documents.desktop with the following code in it.

[Desktop Entry]
Type=Application
Exec= bash %U /home/zephyr/Desktop/batch/ecryptfs_batch/ecryptfs_mount_Documents.sh
Terminal=true
Hidden=false NoDisplay=false X-GNOME-Autostart-enabled=true Name[en_GB]=mount-documents.desktop Comment[en_GB]="mount encrypted Documents"

One quirk I noticed is that ecryptfs will allow you to carry on mounting your encrypted volume with an incorrect passphrase and proceed to create a new signature for it but you won’t be able to access your encrypted files and folders. Ecryptfs does warn you first that the passphrase you have entered maybe be incorrect and do you want to proceed with the mount. Best to abort if you are unsure about the passphrase you entered.

All in all , I think ecryptfs is a robust , fast and very flexible file encryption system.

Source Reference:

Who is keeping your Android company?

Android Vulnerability, BlueFrag

Let's start with BlueFrag

This is a critical security issue allows a malicious entity to silently log onto your phone via bluetooth . “This vulnerability can lead to theft of personal data and could potentially be used to spread malware ” (TechSecurity, 2020). This vulnerability affects Android versions 4.2, 6.0.1, 7.0 and 8.0. If you are on a version that is older than 3 years you will not receive any security patches from Google.

How to reduce the risk of a BlueFrag vulnerability on older versions .

Since there aren’t any software patches what you can do is to keep your bluetooth connection turned off when not in use and not to make your phone is not discoverable via bluetooth.

The danger of running unsupported Android OS versions is high.

The current Android version is 10 but there are a lot of phones (millions!) running older versions which are no longer supported by Android and hence not patched for vulnerabilities. I have a phone with such an older android operating system v4.2 KitKat) and I am sure it has been hacked and the apps infected by malware. It has come to my attention many apps on it have every permission under the sun and even if you force stop them, they restart on reboot. BlueFrag is just one vulnerability. There are a host of malware apps that can be downloaded from the Google’s PlayStore including ones that can steal payments information and other personal information. To my mind Google takes a flexible view on security policy when it comes to safeguarding users’ personal data. Google have only committed to 3 year support plan for each version release. So you should consider this if you are in the market for a second hand phone.

What’s to be done if you are on a older OS?

Ditch phones with older versions. Personally I wouldn’t run anything older that v6.0 (Marshmellow) which has more strict settings to what permissions an app is granted. On v6.0 apps have to be granted permissions explicitly by the user to access sub systems on your phone. Of’course this requires knowledge by the user to know which permissions to allow or deny an app when prompted.

If you have the ability you can use ADB (Android Debug Bridge ) utility to remove bloatware apps from your phone and generally manage what is on your phone, in a better way.

More is less.

Be very careful with which apps you install. Just because an app (application) is available from Google Play for download does not mean that it is secure or that it will be secure in the future. Carefully check which permissions an app is requesting and has been granted. See this in your Settings -→ Apps.

Good luck everyone – remember to think twice 🙂

References:

https://techsecurity.news/2020/02/bluefrag-critical-bluetooth-vulnerability-in-android-cve-2020-0022/

thtps://www.cvedetails.com/vulnerability-list.php?vendor_id=1224&product_id=19997&version_id=188440&page=1&hasexp=0&opdos=0&opec=0&opov=0&opcsrf=0&opgpriv=0&opsqli=0&opxss=0&opdirt=0&opmemc=0&ophttprs=0&opbyp=0&opfileinc=0&opginf=0&cvssscoremin=0&cvssscoremax=0&year=0&cweid=0&order=1&trc=772&sha=cc989d75eb9a930c55694358f687a94f77858134h

GoAccess -a fab tool for quick Web Analysis on Linux

I was looking for linux Web Analysis tools and came across GoAccess. I found it’s recommended on a cybercitibiz site (Gite,2021).

On Linux Ubuntu 18.04 you can install it from the debian repository. Open Terminal and type

sudo install goaccess

This will run the install script and install goaccess on your system. To get help type

goaccess –help

To do something useful you need to point it at a web server log file. I am using a LAMP configuration for my test web server (Linux Apache MySql and PHP) . The log files here are located at /var/log/apache2/access.log where access.log is the name of the log file. If you have virtual hosts running you may have setup separate log files for each virtual host which is a good idea.

You can download remote web server log files to your local linux and view them in the goacess application.

To view the log file in goaccess run

goaccess -f/path/to/logfile/access.log

example: goaccess -f/var/log/apache2/access.log

Note: If any of your directory names contains a space or spaces enclose it in quotes or goaccess will encounter a parsing error.

The following screen should come up.

GoAccess initial selection screen- GoAccess is a light weight web traffic analysis Terminal tool for Linux

Pressing enter gives you the Analysis view shown below.

GoAccess Analysis of log file from a web server

I think it is an excellent tool for giving you some idea quickly, on what’s happening on your web site.

In my February log file snapshot, you can see that I had 3748 unique visitors and unfortunately no referrals (referrers). Referrals are when visitors come to your site through a link of your website on another site.

I think it is an really excellent tool! It’s small in size, just over 2Mb and easy on processor resources. And you don’t have to pass your or your client’s data to a third party like Google. Having mentioned Google , there is Google Analytics which is a full blown web analytics application. It is free. The down side is google have access all your web server traffic and activity.

There are Open Source Web Analytics alternatives which I am going to look into but for the moment I am happy with just GoAccess.

Sources: 7 Awesome Open Source Analytics Software For Linux and Unix - nixCraft , https://goaccess.io/

Installing Linux with Persistence on a USB stick

This was covered by myself in this previous article when I first ventured into the world of Linux and Ubuntu.

I have learned some new things now and this is a follow up to correct some inaccuracies. Firstly, you should not install Linux on any FAT file system including FAT32 as these file systems don't work correctly with linux file permissions.

Choose a partition size greater than 6GB preferably 10GB minimum for the primary partition which will contain the linux OS files and boot loader. Create a 4GB linux-swap partition as previously. Choose the ext4 journaling file system for the primary partition.

Ubuntu 18.04 partitioned with G-Parted

During installation I made a mistake and installed the ext2 file system which is a legacy linux file system and does not support journaling. A Journaling file system verifies the state of a file during the copy/move process by keeping logs. If a power outage occurred during the file copy process the system would know about it and inform the user that the file was not transferred/saved successfully. There is no such tracking with a non journaling file system and the corrupted file would be saved as a valid entry. I will have to see if I can convert from ext2 to ext4 without having to re-install.

Ubuntu 18.04 installation ext2 primary partition

The rest of the installation procedure for a portable Ubuntu linux 18.04 is still valid.

References: LinuxFilesystemsExplained - Community Help Wiki

Share your Smartphone internet – Bluetooth

I decided to invest in a Bluetooth dongle to help me access the internet on my desktop etc via my smartphone. Why, I think is more secure in being less visible than a Wifi connection.

After having a look around I decided to go for the Plugable USB-bt4le from amazon. This is because it claimed be run on Linux. You can read the review here

And it did! However I had an issue when connecting on an unlocked smartphone that was on the Orange network. This forced me to dig into the world of Android development . It was a baptism of fire. 🙂 I spent and entire day and most of the night learning about Android’s adb (android debug bridge) and the android development environment.

Thanks to Canonical who maintain the software packages for Ubuntu, it is easy to install adb using the apt install adb command in Terminal.

Plagable bluetooth 4.0 on Ubumtu 18.04, Canonical, debian,

After digging around on the internet I found that tethering was set to use DUN and to disable this you had to run

sudo adb shell in Terminal

followed by the statement below after you enter shell in

shell@E####:/ $ settings put global tether_dun_required 0

I think removing the APN for the DUN setting from the mobile phone carrier (on the Orange network in my case) also helped as it seemed to re-enable DUN on reboot.

shell@E####:/ $ settings delete global tether_dun_apn=[ApnSettingV3]Orange Internet,orange.fr,,,orange,orange,,,,,208,01,0,DUN,,,true,0,,,,,,,spn,Orange F

Then reboot.

This did not solve the tethering problem entirely although it prevented the DUN (Dail-up Network)lookup on trying to connect.

What really got it working - Solution to Bluetooth tethering the Smartphone running Android 6.0.1

On your Android Smartphone Go to Settings

Turn on Bluetooth first (ensure you also have an internet connection although this can be done later ). Then

Settings → More → Tethering and Portable Hotspot

then Enable Bluetooth tethering.

And this should work! Unfortunately it seems you have to do this each time you turn Bluetooth on.

Credits:

phpMyAdmin on Ubuntu 18.04

I had phpMyAdmin version 4.6 something running on php 7.2.24 on Ubuntu 18.04 linux.

I checked the version I had by running the following command in Terminal : apt show phpmyadmin

Package: phpmyadmin
Version: 4:4.6.6-5ubuntu0.5
Priority: extra
Section: universe/web
Origin: Ubuntu
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Original-Maintainer: Thijs Kinkhorst <thijs@debian.org>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 25.0 MB

I uninstalled the older version of phpMyAdmin via Terminal and running :

sudo apt remove phpmyadmin

These were originally installed from the Debian repository using Terminal and command line when I setup LAMP .

Do not use the autoremove command if you want the current version of php left in place. I also left the old phpMyAdmin database in place. Because I was not sure if it was needed by the new version.

My current php and phpMYAdmin versions are as shown in the image below

phpMyAdmin error - Warning in ./libraries/sql.lib.php#613

You can refer to this article here. phpMyAdmin never worked properly. When accessing tables in databases I got the following type error.

Warning in ./libraries/sql.lib.php#613

count(): Parameter must be an array or an object that implements Countable etc….

After looking at various articles the best solution I think is the one I found at AskUbuntu.com . See the image below.

How to get rid of phpMyAdmin error - Warning in ./libraries/sql.lib.php#613

It is simple and very effective. And exemplifies the portability of phpMyAdmin. The other methods of removing the installed version of phpMyAdmin and installing a newer version look painful and are not guaranteed as the Debian repository may not have the latest version or version compatible with your current Php version.

Method:

  • Go to the phpMyAdmin website. Download the latest version in zip format (5.0.4 at the time of writing). Copy the hash number as well. This will enable you to verify the integrity of the downloaded file.
  • Verify the hash number. To do this, open Terminal, supply the path where the zip file has been downloaded and type sha256sum filename.zip . Verify the hash number is the same as that supplied by the phpMyAdmin download site. See image below.
  • Unzip the file.
  • Copy the unzipped folder and all it’s contents to your public folder. On Ubuntu 18.04 running Apache 2.4.29 this is in ‘/var/html’ . You can renamed to folder to something shorter if you like.
  • Make a copy of config.sample.inc.php and rename it to config.inc.php.
  • Edit config.inc.php

Make sure you have the authentication part setup correctly as follows to use a cookie and your web server is correctly specified in host.

/* Authentication type */

$cfg['Servers'][$i]['auth_type'] = 'cookie';

/* Server parameters */

$cfg['Servers'][$i]['host'] = 'localhost';

$cfg['Servers'][$i]['compress'] = false;

$cfg['Servers'][$i]['AllowNoPassword'] = false;

  • Save config.inc.php
  • Launch phpMyAdmin by accessing the phpMyAdmin hosted folder.
  • In my case https://localhost/phpMyAdmin5/ You should get the phpMyAdmin login screen. See image below.

All done! 🙂

Spell Check not working in LibreOffice on Ubuntu 18.04

This even though the hunspell dictionary seems to been installed in LibreOffice.

The solution is to open Terminal and

 sudo apt install hunspell-en-gb

Credits

Thanks to @timothy at AskUbuntu.com for the phpMyAdmin solution.

Thanks to TrisquelUser on https://ask.libreoffice.org/en/question/78558/spell-check-not-working/

for the LibreOffice Spell Checker fix.

Moving a live WordPress site to a local LAMP Server

Linux, Apache, MySql, WordPress, Web Development, Algarve, Portugal
LAMP on Ubuntu 18.04

Audience: Ubuntu Desktop and Server users. Tested on 18.04

Steps to follow to setup a local development WordPress installation.

1) Copy your entire live WordPress directory to your local LAMP server.

Do this by means of FTP using and FTP Client such as Filezilla.

This should include your wp-admin, wp-includes , wp-admin and all the files in the root directory in which these reside. This is where the wp-config.php, wp-login.php, .htaccess files etc reside.

2) On your LAMP server these should be placed in the directory. It is advisable to create a folder under the html directory where these files will go if you are hosting more than one test site. e.g var/www/html/testsite

3) Backup the MySql database related to your WordPress live site. It is easiest to do this using PHPMyAdmin provided by your control panel of your hosting site. This is the only way have done it so far. Accept defaults and export the database. You will be given the option to save the file as a *.sql file.

Ubuntu 18.04, WordPress, Stack Exchange, Ask Ubuntu, Algarve, Portugal

4) On your LAMP server create a MySql database and database user. You can use PHPMyAdmin. However I have had problems, with PHPMyAdmin throwing up errors and not importing the database correctly or granting user privileges correctly. I have had to do it via command line like this. I strongly advise this method, as command line rules. 🙂

By command line.

Log into mysql as root

Create database

mysql> create database db_name;

Import the database:

mysql> use db_name;

mysql> source backup-file.sql;

Create a user and grant privileges

GRANT ALL PRIVILEGES ON mydb.sql TO myuser@localhost IDENTIFIED BY "mypassword";

5) Edit your WordPress wp-config.php ensuring that the database name, username and user password match the ones created.

6) Update your tables to ensure your links work but running the following 3 command line MySql queries on the following tables. You can do this by logging into mysql as root via command line.

UPDATE wp_options SET option_value = replace(option_value, 'https://www.example.com', 'https://localhost/test-site') WHERE option_name = 'home' OR option_name = 'siteurl';

UPDATE wp_posts SET post_content = replace(post_content, 'https://www.example.com', 'https://localhost/test-site');

UPDATE wp_postmeta SET meta_value = replace(meta_value,'https://www.example.com','https://localhost/test-site');

These queries will replace references to your live site’s URL from database with the localhost URL.

7) Lastly, an mostly importantly this pertains to the Ubuntu operating system environment. Apache here is installed differently from a native install for security reasons. In order to get your development WordPress running, you must do the following otherwise none of the symlinks ( symbolic links) to other pages on your site will work.

Note: nano is a text editor that’s pre-installed on Ubuntu

  1. In /etc/apache2/apache2.conf, edit AllowOverride None for /var/www/ to AllowOverride All
  2. To edit use

sudo nano /etc/apache2/apache2.conf

Press CTRL + W and search for “<Directory /var/www/>”

Change here AllowOverride None to AllowOverride All

Save file and exit. (Press CTRL + X, press Y and then press ENTER)

  1. Type in the following command to enable mod_rewrite for .htaccess

sudo a2enmod rewrite

  1. Restart your apache server:

sudo service apache2 restart

Finally make sure you have a .htaccess file in the root directory where WordPress is installed.

It should contain code similar to this:

# BEGIN WordPress

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteBase /your_directory/

RewriteRule ^index\.php$ - [L]

RewriteCond %{REQUEST_FILENAME} !-f

RewriteCond %{REQUEST_FILENAME} !-d

RewriteRule . /your_directory index.php [L]

</IfModule>

# END WordPress

That’s about it for now! Coming soon, a Control Panel App for a local LAMP install.

Sources:

Credits to: https://wordpress.stackexchange.com/users/84055/avinash (April,2020)

Credits to: https://www.wpbeginner.com, Editorial Staff at WPBeginner led by Syed Balkhi. (April,2020)

LAMP on Ubuntu 18.04

I took the leap and migrated to linux, ditching MS Windows 7 as my main operating system.

On the whole I am very pleased with Ubuntu 18.04.

I was running XAMPP on Windows 7 as test environment for hosting WordPress and PHP based applications.

So I needed to install a similar test environment on Ubuntu 18.04 desktop. In the Linux world this is LAMP. The components of LAMP are Linux, Apache Web Server, MySQL Server and PHP

Here is how to install LAMP on Ubuntu 18.04

Using command line via Terminal (press Control+Alt+T ) Terminal  Ubuntu 18.04

Install Mysql.

  • Ensure you have an internet connection then open Terminal.
  • Type sudo apt install mysql-server

Press Enter on the keyboard. This will install the Mysql Metapackage from the Debian repositories.

Test your Mysql server installation by typing mysql in the terminal window. You used be able to login with your Ubuntu user login password.

Install Apache 2

To install Apache you must install the Metapackage apache2 from the Debian repositories. This can by

  • Ensure you have an internet connection then open Terminal.
  • Type sudo apt install apache2

Install PHP

  • Ensure you have an internet connection then open Terminal.
  • sudo apt install php-pear php-fpm php-dev php-zip php-curl php-xmlrpc php-gd php-mysql php-mbstring
  • Your server should restart Apache automatically after the installation of both MySQL and PHP. If it doesn't, execute this command.

Check Apache

You should see the following page with a message saying that it work

Apache Web Server running

Check PHP

  • You can check your PHP by executing any PHP file from within /var/www/.
  • Alternatively you can execute the following command, which will make PHP run the code without the need for creating a file . $ php -r 'echo "Your PHP installation is working\n";'

Pat yourself on the back and take a break. Congratulations! You have just successfully installed a LAMP server on Apache.

As a reward install and play Chromium BSU.

  • Ensure you have an internet connection then open Terminal.
  • Type sudo apt install chromium-bsu

This should download and install this excellent arcade game which you can play for 5 minutes to have a break :). I tried downloading it from the Ubuntu Snap store but it didn’t install correctly from there. Chromium B.S.U Debian, Ubuntu 18.04

Preparing LAMP to run as a local WordPress and Web Hosting Test Environment.

Ubuntu installs Apache in modules and splits the configuration files which is different from the standard install.

The Mysql server installs with the Ubuntu user as root for authentication. WordPress and other applications use native mysql authentication.

Here is how to enable native root user authentication and change the mysql root user password.

  • Stop mysql:
  • $ sudo service mysql stop
  • (Be sure to stop the current server before performing the steps. Only one server can run at a time.)
  • $ sudo mkdir /var/run/mysqld; sudo chown mysql /var/run/mysqld
  • $ sudo mysqld_safe –skip-grant-tables&
You should see sonething like this if it runs successfully

[1] 1901

*@*-desktop:~$ 2020-04-29T20:36:42.126862Z mysqld_safe Logging to syslog.

2020-04-29T20:36:42.132327Z mysqld_safe Logging to '/var/log/mysql/error.log'.

  • 2020-04-29T20:36:42.197722Z mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql
  • Next run $ sudo mysql --user=root mysql
  • This will log you in as the native mysql root user.

“Welcome to the MySQL monitor. Commands end with ; or \g.

Your MySQL connection id is 2

Server version: 5.7.29-0ubuntu0.18.04.1 (Ubuntu)..”

and you should have the mysql prompt mysql>

  • to change the root pasword run

mysql> update user set authentication_string=PASSWORD('new_password') where user='root';

You should see

Query OK, 1 row affected, 1 warning (0.03 sec)

Rows matched: 1 Changed: 1 Warnings: 1”

  • To change the authentication plugin run

mysql> UPDATE user SET plugin='mysql_native_password';

You should see someething like

Query OK, 4 rows affected (0.00 sec)

Rows matched: 4 Changed: 4 Warnings: 0

  • Finally

mysql> FLUSH PRIVILEGES;

  • mysql> quit
  • stop and start the mysql server and test root login:

Stop mysql:

$ sudo service mysql stop

Start mysql (normal):

$ sudo service mysql start

Log in as root on localhost:

$ mysql -h localhost -u root -p 

That’s it for now! 

Sources:
Ask Ubuntu - software installation - mysql doesn't ask for root password when installing - Ask Ubuntu

Initial Server Setup with Ubuntu 18.04 | DigitalOcean

https://howtoubuntu.org/ ,How to Install LAMP on Ubuntu, April,2020