Installing WordPress on Ubuntu 18.04 LTS

In this post, we will deploy a server with Ubuntu 18.04 LTS and install WordPress on it.

The installation of Ubuntu Server is straightforward. The only step we need to pay attention to, is the static IP. It will make the things easier later.

Once Ubuntu is installed, we need to run the two simple, yet important commands:

sudo apt update
sudo apt upgrade

Once this is done, we will install the Apache web server:

sudo apt install apache2

If everything went well, we should see the Apache default configuration page on our browser:

Next, we will install the MySQL database engine, and secure the installation (we will choose a password for the MySQL root user during this step):

sudo apt install mysql-server
sudo mysql_secure_installation

Then, we will install php and some additional modules:

sudo apt install php libapache2-mod-php php-mysql

Once this is done, we will restart and enable Apache:

sudo systemctl restart apache2
sudo systemctl enable apache2

Next, we are going to create a MySQL database for WordPress:

sudo mysql -u root -p
create database wordpress;
GRANT ALL ON wordpress.* TO ‘wordpressuser’@’localhost’ IDENTIFIED BY ‘password’;
flush privileges;
exit

Next, edit the Apache configuration file:

sudo nano /etc/apache2/apache2.conf

Copy and paste the following block of text at the end of the file:

<Directory /var/www/html/>
AllowOverride All
</Directory>

Ctrl-O to save the changes, and Ctrl-X to close the file.
Next step is to enable mod_rewrite module:

sudo a2enmod rewrite
sudo systemctl restart apache2

Now comes the beautiful part of installing WordPress:

wget -c http://wordpress.org/latest.tar.gz
tar -xzvf latest.tar.gz

After downloading and unzipping the files, we will copy everything in the web directory:

sudo rsync -av wordpress/* /var/www/html/

Give the right permissions for the web directory:

sudo chown -R www-data:www-data /var/www/html/
sudo chmod -R 755 /var/www/html/

We need to rename the sample configuration file and edit it:

cd  /var/www/html
sudo mv wp-config-sample.php wp-config.php
sudo nano /var/www/html/wp-config.php

Put the values that you choose earlier for your database_name, db_user and db-password. Leave everything else as it is.

Save and close the file.

One more thing: remove the index.html file from the web directory, since wordpress uses an index.php to run.

sudo rm index.html

Reboot.

After reboot, open the IP address of your server in a browser, fill out the required fields, click on Install WordPress and start blogging !

Note: If we want this WordPress installation to be available on the internet, by forwarding port 80 to the IP address of the server and add a domain to it, it is a good practice to add a SSL certificate to our server. Check my post about adding free ssl certificate in ubuntu with let’s encrypt

Use Task Scheduler to reboot a PC every day at specific time

This task is very useful when you have a computer that does a job unattended, like running a machine in a warehouse. Windows needs to be rebooted from time to time, in order to free up memory, clean temporary files, run updates or whatever reason you may find.

Luckily, the tool to do a scheduled reboot is already available. Here’s how to use such a tool in Windows 10.

Press the WIN key, and start typing Task Scheduler until the program is displayed in the options:

Start it, and take a look at the main window:

Select Create Basic Task, on the right panel. You will be prompted to give it a name:

Then, select when the task is scheduled to run, and at what time of the day:

The next step is to specify what program will run when the task is executed:

Type shutdown, and add the /r argument in the second field. R stands for reboot.

Note: If, for whatever reason, a user is working on that computer, we need to inform him and add a delay, so he can cancel the reboot, if he wants to. We add /t and the time in seconds to delay the reboot. For example, if we want to reboot after 30 minutes, the arguments will be: /r /t 1800. In that case, the user will receive a warning and he will have half an hour to cancel the reboot. He can do that by running shutdown /a at the command prompt, or execute a batch file that contains this command. Argument /a stands for Abort. See the Addendum at the end of this post on how to create a batch file.

Select Finish to complete the task, and we’re done.

Addendum:

To create a batch file that will cancel the reboot, open Notepad, type the words shutdown /a in it, save it with the extension .bat instead of txt and place it somewhere easy to find. When the Scheduled Task triggers the reboot, the user will have 30 minutes to execute that batch file and cancel it.

Set a desktop wallpaper using Group Policy

So, we are in an Windows Active Directory environment and we want to deploy the same wallpaper for all the users in the domain.

First, we need the create a share, readable by all the users, and put the wallpaper image inside that share. The share can be on the DC itself or on another domain-joined server.

Next step, we go to the DC, open Group Policy Management, select the domain and create a new GPO:

We give a name to the GPO and save it. Next, we right click on the newly created GPO and select Edit:

In the editor, we navigate to User Configuration – Policies – Administrative Templates – Desktop – Desktop:


On the list of policies, we open the one called Desktop Wallpaper and do two things:

  1. indicate the path and the name of the image
  2. enable the policy

Click OK and we’re done.
Note that it will take a log off / log on cycle on the client pc to see the policy in action.
The policy can be further customized according to some specific needs, but the basics are here.

Have fun!

Adding free SSL certificate in Ubuntu with Let’s Encrypt

So, we have a Virtual Private Server (I prefer Digital Ocean) hosting a website or a WordPress blog, and we want to look serious by adding an SSL certificate, so the visitors could use https instead of http.

There are a couple of easy steps to do that. First, I will assume you only have one site on that VPS, so no virtual hosts are set up. First two commands are for installing certbot:

sudo add-apt-repository ppa:certbot/certbot
sudo apt update
sudo apt-get install python-certbot-apache

Next, we will obtain an SSL certificate:

sudo certbot –apache -d example.com -d www.example.com

Of course, we need to replace example.com with the actual name of the domain.

Enter your email address, then agree with the Terms of Service.

When asked if we want to redirect all http traffic to https, answer yes by choosing number 2.


Also, when asked about the virtual host, choose the second one (since we don’t have virtual hosts configured), that is the one with our domain name next to it. In my case, the virtual host file was named 000-default-le-ssl.conf

Once the certificate is successfully installed, run this:

sudo certbot renew –dry-run

If we see no errors, then the auto-renewal is enabled.

Now, there is a glitch to this: The browser might show a yellow exclamation mark, like this:

If the website already has images or other internal links on it, the URL’s that points to those images have to be changed to https://path_to_image. Yes, just by adding an s to the link, nothing else. So, it is a better practice to add the certificate before deploying the website or installing WordPress.

If all is done, the browser will give a green light. Like this:

Warning messages after installing Nextcloud server

In a previous post, we installed Nextcloud on Ubuntu Server 16.04 LTS. All good, but once we go to User  – Settings – Basic Settings we see several messages written in red, telling us we need to perform additional tasks.

Now, Nextcloud will work without those corrections, but if we want maximum responsiveness from our server, it’s better to take care of them. Let’s start with the first one:

Your data directory and your files are probably accessible from the internet. Your .htaccess files is not working.

Log in to the server and make a small change in the apache2.conf file:

sudo nano /etc/apache2/apache2.conf

Look for those lines:

<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>

Replace None with All. Then save and close the file and restart the apache service:

sudo service apache2 restart

The first warning message is gone. We are going to ignore the second message (Accessing site insecurely via HTTP), since our server is not public and it doesn’t have a domain name, so it doesn’t need and can’t have an SSL certificate.

No memory cache has been configured. To enhance performance, please configure a memcache

We start by installing APCu and Redis to enable caching. That will make our server faster when displaying media files and generating thumbnails:

sudo apt-get install php-apcu redis-server php-redis
sudo nano /etc/redis/redis.conf

In the file, make the following changes:

  • port 6379 to port 0
  • uncomment the line:   unixsocket /var/run/redis/redis.sock
  • uncomment the line:   unixsocketperm 700
  • on the same line, change 700 to 770

Save and close the file, then add the apache user www-data to the redis group, then restart apache service and start the redis service:

sudo usermod -a -G redis www-data
sudo service apache2 restart
sudo service redis-server start
sudo systemctl enable redis-server

Next, we open the Nextcloud configuration file:

sudo nano /var/www/html/nextcloud/config/config.php

Add the following block of code at the end of the file, BEFORE the last closing bracket:

‘memcache.local’ => ‘\\OC\\Memcache\\Redis’,
‘memcache.locking’ => ‘\\OC\\Memcache\\Redis’,
‘filelocking.enabled’ => ‘true’,
‘redis’ =>
array (
‘host’ => ‘/var/run/redis/redis.sock’,
‘port’ => 0,
‘timeout’ => 0.0,
),

Reboot the server for the configuration to take effect.

The PHP OPcache is not properly configured

Open the php.ini configuration file:

sudo nano /etc/php/7.0/apache2/php.ini

Find each one of the following lines, un-comment them and change the settings according to the indications in the warning message. (The Ctr-W combination in the nano editor will help with the search):

opcache.enable=1
opcache.enable_cli=1
opcache.interned_strings_buffer=8
opcache.max_accelerated_files=10000
opcache.memory_consumption=128
opcache.save_comments=1
opcache.revalidate_freq=1

There is one more consideration. The maximum file size for uploads is set to 2 MB, which is way too small for a photo or a video. So let’s change that to something bigger, like 1 GB or more. In the same file, find and change those two lines:

upload_max_filesize = 1024M
post_max_size = 1050M

We put the second value a little big bigger, to avoid errors when uploading a file that is EXACTLY 1 GB in size.

One more apache2 restart and we’re done.

How to set up a VPN client in Windows 10

In this short post, we will connect to the VPN server we configured in my other post from a remote computer running Windows 10.

First, we go to Network and Sharing Center, by right-clicking on the Network icon on the desktop and selecting Properties. Next, we select Set up a new connection or network:

Select Connect to a workplace:

Enter your public IP address (or the host name, if you have a dynamic IP and are using a service like NoIP)

Once the VPN connection has been created, we need to change one setting, so we go back to Network Connections and access the properties. Select Use Extensible Authentication Protocol, and click OK.

Double click on the VPN connection, enter your credentials and you’re done.

Now, remember: this connection will only work if you followed my tutorial about setting up VPN in Windows Server 2012 R2, and used the exact same settings. If you set up the VPN server with different security settings, then you will have to set the client accordingly.

Adding VPN role in Windows Server 2012 R2

In this post, we will enable and configure VPN role in Windows Server 2012 R2.

It is a good practice to do that in an Active Directory domain, preferably on a dedicated machine that is a member server, but not a domain controller.

First step is to add the role in Server Manager:



Enable the Remote Access role:

Leave the Features as they are and click Next:

Follow the wizard using the default settings.
Once finished, go back to Server Manager – Tools – Routing and Remote Access. Right click on the name of the server, and select Configure and Enable Routing and Remote Access:

Select Custom configuration and enable the VPN Access service:

Follow the wizard until the end. Then, click on the server name and select Properties:

Navigate to Security tab, and click on Authentication Methods:

Make sure to select the EAP Protocol and MS-CHAP version 2:

Next, we need to enable the PPTP Passthrough (also known as GRE) in the router, and also forward the 1723 TCP port to the IP address of the VPN server.

Last thing to do is allow the two protocols thru the server’s firewall:

Every user that is allowed to connect to that VPN needs to have the Dial-In feature in Active Directory set to Allow access:

This is the most simple setup for a Windows VPN. You can play further with settings to increase security, but the basics are here. Have fun !

Check out my other post about setting up a VPN client in Windows 10.

Error message on MSI workstation: We can’t find your camera

So, I had to troubleshoot an error message on a mobile workstation from MSI. The camera wasn’t detected. Not just a missing driver or a yellow exclamation mark in Device Manager, but nothing. Nada. Here is the error message:

I was sure the camera was simply dead. But, after troubleshooting the issue for a couple of hours, i felt like dumb when I discovered that the camera can be enabled/disabled by pressing Fn+F6. Pressed the combination and, voila!

Apparently, MSI has a hardware switch, and Windows 10 doesn’t know if the camera is there, but it’s disabled, like you disable an Ethernet adapter and still see it grayed out.

Simple three columns responsive website template

This is a sample HTML file that I would use if I want to build a very basic HTML website by hand. It was created by the guys at w3schools.com.

It’s only the skeleton that everyone can use to start a website using nothing but HTML and CSS. It looks like this:

The left and right columns take 25% of the width, and the middle column takes 50%. When viewing the page on mobile devices, the right column goes to the bottom of the page, making room for the other two. The left column usually has an Item Menu, and the middle column has the actual content of the articles. That is what designers call a responsive design.

Many more lines of code and custom CSS can be added after that, according to everyone’s taste. But the basics are there.
The file can be downloaded here: Three columns website

Happy coding!