So, I have been reading about this for a long time and there's never a conclusive answer to be found anywhere.

I have a Centos 6 LAMP web server which mostly hosts websites created by yours truly and the occasional website created by someone else.

Which is the most secure way to configure Wordpress folders ownership AND keep all the automatic features (updating, uploading and so on) without the need to insert ftp or sftp credentials each time?

Aside from permissions (which I always set to 755 for folder, 644 for files and 600 for special files, as suggested everywhere), there's a lot of different ideas about ownership.

Somebody says apache should be the owner of the whole folder. Somebody says that the owner should be your server user (root for instance, or a dedicated user) and never apache.

But if the owner is not apache, you have to use your ftp credentials to upload, update and so on.

So is there a way to actually have it all? What's the safest and smartest way to configure ownership for Wordpress?

Thanks guys.

Recently we've updated our linux distribution (and our apache version)
We've updated from Apache 2.2 to Apache 2.4
Since there, Apache is unable to check passwords in htpasswd files. Apache refuses to authenticate, even if the password is correct.

Indeed, encrypted passwords in htpasswd files are generated with PHP crypt function.
The salt in this function is always the same and contains the '@' character

With Apache 2.2, authentication works, but it doesn't with Apache 2.4. Otherwise, new passwords with "normal salt" (without @) work with Apache 2.4
It seems Apache 2.4 doesn't like @ in encrypted passwords.

How can we do to keep our old htpasswd files (with @ in salt) ?
Maybe, we need to add an escape character to "@" in the htpasswd files ?

Hello, I have a website hosted at InMotion hosting an I'm having trouble making the .htaccess rules work properly. I need rules for:

1. Force https on every page
2. Force www. when not entered
3. Hide index.php, so a page looks like this https://www.gastronegocios.com/contacto instead of https://www.gastronegocios.com/index.php/contacto

I currently have this rules, but their not working properly:

RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$

RewriteEngine On

RewriteBase /
RewriteCond %{HTTPS} off

RewriteCond %{HTTP_HOST} ^gastronegocios.com [NC]
RewriteRule (.*) https://www.gastronegocios.com/$1 [R=301,L,NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule .* index.php?/$0 [PT,L]

Select all Open in new window

Friend transferred a wordpress site to a new VPS, the new host is displaying SOME pages but not all pages.

For example /category/mypage works
but category/mypage2 returns 500 server error

Wp-admin works, so i dont htink its a database issue, i re created the htaccess file, no luck.

When i inspect the  broken page it says <!-- html is corrupted -->

They are using the wordpress fastest cache plugin, not sure if that helps (even though i look into the cache folder and not all the pages are in here? is it permissions? i set 777 temporarily on those folders but look slike Fastest Cache isnt loading those pages into the cache)


Any ideas other than corrupted pages one one page would return 500 server error?

Anyway to set more max ram to Tomcat 32bit?

Something wierd seems to be going on... I have an application on tomcat that used to be on a physical windows server 2008 standard 32-bit which I p2v'd with vmware converter over as a VM. I'm upgrading the server to windows server 2008 r2 64bit and instead of doing an inplace, I'm just building another one up and doing parallel side by side, and its a fresh VM from the start, no p2v stuff....

The strange part is I was able to set a max memory in the tomcat9w.exe configuration tool to about 1600 Megabytes and that was the hitting of the wall on that setup (the original physical one that I p2v'd to a VM), I can set less ram, but I cannot set it more than 1600 otherwise when I try to start the tomcat service in services.msc it will just crap outs.

So my thinking was since I have to stay on 32-bit of tomcat and 32-bit of Java JVM anyhow (long story...) that it might be better to put it in a 64-bit OS (server 2008r2) rather than the standard 32bit of server 2008. Long story short, from a fresh VM, on this box I'm only able to set a max total ram in tomcatw as around 1000 m (1GB) and if I set anymore it will not start, as in I cannot get tomcat service to start... so the wall is around 1GB...

As a test, I installed the tomcat (zip extract, not using msi or exe installer) to my own client workstation laptop running the latest windows 10 1809 etc and once again I hit the 1GB wall and cannot even get it to go up to 1.6GB, even …

Hello Htaccss  Experts :)

I have an htaccess file that has, near the end, a rewrite section that redirects the site to another url.

I don't want that redirect to happen, but I'm not sure how to change that htaccess file.

It's running on xampp that I installed on my local windows based server, for testing locally on Localhost.

I have changed the redirect to google, for privacy issues.   But I just want there to be NO redirect. It's a WordPress site that I just want to run locally for some testing. WordPress has been successfully installed.

Below is a snippet from the end of the .htaccess file   My snippet starts a few lines before the rewrite engine section -- and goes all the way to the end of the .htaccess file

ExpiresByType application/x-shockwave-flash "access 1 month"
ExpiresByType image/x-icon "access 1 year"
ExpiresDefault "access 2 days"
</IfModule>
## EXPIRES CACHING ##

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/cpanel-dcv/[0-9a-zA-Z_-]+$
RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$
RewriteRule ^(.*)$ https://www.google.com/$1 [R,L]
# Use PHP70 as default
AddHandler application/x-httpd-php70 .php
# BEGIN custom php.ini PHP70
<IfModule mod_suphp.c>
    suPHP_ConfigPath /home3/zzz/public_html
</IfModule>
# END custom php.ini

Select all Open in new window

Would just changing "rewriteengine" to öff do it?

As I said, I am running this on my local computer using xampp   (which I haven't used for a while, but I got localhost working on it.)

Thanks!
Rowby

Gotta start 2019 with less stress.

I've been with Hostgator for years and never satisfied, but inertia kept me there.  A couple things recently came up and I gotta get out of there.

I pay $30 a month for their reseller package.  I have about a dozen clients static websites in there. I have the hang of how things work - cpanel and whm. i can move around to different client's cpanels when I log in as me / account owner.

Some have office 365 but some have pop / imap email with hostgator. I think that's the part that kept me from moving sooner - dealing with moving the mail somewhere else and not have them get all the old mail in their pop account, mail getting lost, etc.

1) Any recommendations for hosting companies these days?  Is what I have - reseller with cpanel and whm - common or uncommon?
2) Is moving mail a big deal? Do companies do that for you as part of the move?  Is it pretty seamless?

thank you!

I need some mod rewrite help with a regex.  This is an example url - https://www.thefrugallife.com/12all/lt.php?c=1728&m=2981&nl=1&s=c9b91a7ca200a96e668e515ecf49b34c&lid=19221&l=-http--www.theherbsplace.com/Shop_A_Z_page_1_c_28.html

I am trying to get it to redirect to the url after the last equals sign - http--www.theherbsplace.com/Shop_A_Z_page_1_c_28.html

I have 2,000 links like this all with a different url after the last equals sign.

Here is my code

RewriteCond %{REQUEST_URI} /?12all/lt\.php$
RewriteCond %{QUERY_STRING} c=(.*)$ [NC]
RewriteCond %{QUERY_STRING} m=(.*)$ [NC]
RewriteCond %{QUERY_STRING} nl=(.*)$ [NC]
RewriteCond %{QUERY_STRING} s=(.*)$ [NC]
RewriteCond %{QUERY_STRING} lid=(.*)$ [NC]
RewriteCond %{QUERY_STRING} l=-http--(.*)$ [NC]
RewriteRule ^.*$ https://%6/? [NC,L,R=301]

Select all Open in new window

Please tell me what I am doing wrong so I can get this cleaned up for Google.

Thanks,

my spring jdbc program displayed this error...
This works on tomcat on windows, fails on linux.



 i am trying to access a apache jersey db,

HTTP Status 500 – Internal Server Error
Type Exception Report

Message Servlet.init() for servlet [SpringDispatcher] threw exception

Description The server encountered an unexpected condition that prevented it from fulfilling the request.

Exception

javax.servlet.ServletException: Servlet.init() for servlet [SpringDispatcher] threw exception
      org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:493)
      org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
      org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:650)
      org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
      org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:800)
      org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
      org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:806)
      org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1498)
      org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
      java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      …

Why can't I log in to the status page tomcat or manager app page in tomcat from a clean install?

So I go to get a tomcat version like here :http://mirror.olnevhost.net/pub/apache/tomcat/tomcat-7/v7.0.92/bin/apache-tomcat-7.0.92-windows-x86.zip

This is windows 32 bit, I unzip the thing and place it into my custom app's tomcat folder (renaming it from apache-tomcat-7.0.92 to just tomcat)

Then I install the tomcat7 service to windows services.msc using "service.bat install" command and then start it in the services.msc

I go to localhost:8080 and getr the main page that states tomcat is installed ... then when I try to click on the status page to login it won't allow...

I configured the tomcat-users xml file and triple checked all settings, even restarted server and restarted service etc

but it won't let me login no matter what?!?!?!

Hi EE,

What's the reason behind the following error (see attached) I am getting mixed results when I google it, I am current the local admin on my PC and when I change port numbers in the .ini file (attached) xampp just tries to pick random ones.

Attached is the log file as well no clues I can see here.

Any assistance is welcome.


Thank you.
error.PNG
my.ini
mysql_error.log

Hello,

Does anyone have any idea how to authenticate a user against two different OUs on the same AD server?

I am using Apache 2.4 on Ubuntu 18.04.
Server version: Apache/2.4.18 (Ubuntu)
Server built:   2018-06-07T19:43:03

The user could be in "ABC User" or "XYZ user".
AD OUs are:
AuthLDAPURL "ldap://adx.ABC.org:389/OU=ABC Users,DC=ABC,DC=org?sAMAccountName?sub?(objectClass=*)"
and
AuthLDAPURL "ldap://adx.ABC.org:389/OU=XYZ Users,DC=ABC,DC=org?sAMAccountName?sub?(objectClass=*)"


Part of the current conf file:
<Location />
      AuthName "ABC Intranet"
        AuthBasicProvider ldap

        AuthType Basic
        AuthLDAPURL "ldap://adx.ABC.org:389/OU=ABC Users,DC=ABC,DC=org?sAMAccountName?sub?(objectClass=*)"

      # login to AD
      AuthLDAPBindDN "CN=ldap_ABCweb,OU=ABC Service Accounts,DC=ABC,DC=org"
        AuthLDAPBindPassword
        AuthLDAPGroupAttributeIsDN off
        AuthLDAPGroupAttribute memberUid

# tried this and failed
#      Require ldap-filter (&(memberOf='OU=XYZ Users,DC=ABC,DC=org?sAMAccountName?sub?(objectClass=*')|(memberOf='OU=ABC Users,DC=ABC,DC=org?sAMAccountName?sub?(objectClass=*'))

# tried this and failed                                     
#      <RequireAny>
#        Require ldap-filter (&(memberOf='OU=ABC Users,DC=ABC,DC=org?sAMAccountName?sub?(objectClass=*'))
#        Require ldap-filter (&(memberOf='OU=XYZ Users,DC=ABC,DC=org?sAMAccountName?sub?(objectClass=*'))
#       </RequireAny>

      # require any is implied
      require any
      Require valid-user
      …

Hello,

We are facing issues of transaction declines on our Application Server. After running netstat -ano it is observed that there are many entries find out with "Time_Wait" status. This server has Apache, Java Middleware, Switch & ActiveMQ components installed on it. The transactions are high in volume approximately 2.5 million per day.

We want to know any parameters needs to be checked on registry or in Application to troubleshoot this issue.

Regards
Gurunath