How to Manually Run Cron Tasks

To manually run cron tasks you can use the run-parts command in Linux.

So to run your cron-weekly, for example, to test that a fix you just made runs without error (this is what I just did, in fact)

run-parts /etc/cron-weekly

run-parts will run all the executables in a directory (you must point at the directory). So if you have several files in cron-weekly to run, you can’t just point to one of the files.

You may run into environmental differences running the script as a different user than the cron test runs at, so you can run as that user if needed. You need to be aware this is a quick and simple way of testing part of the process but it doesn’t do a perfect job of testing if it works as a cron task. But it will let you catch some failures quickly and fix them in time for the actual cron task to run. So do check that the everything works after the real cron job runs.

This is just the kind of thing I said I would put in this blog. Simple stuff but things I forget – so I put it here to remember and maybe help out others, like me, that need really basic tips.

If you have a cron task item (or have setup the whole task this way) that is just a script and you just want to test that 1 item you may run the script directly. For example (for a Linux shell script):

sh /etc/cron.weekly/your_crontask_script.sh

Related: Updates Needed When Upgrading from Apache 2.2 to 2.4Rsync to copy Files Between Servers and ComputersBash Profile Adjustments for Scrolling HistoryChecklist: Setting Up a New Domain on VPS

Compare WordPress Files on Server to Proper WordPress Version

Sadly one of the hassles in managing your own WordPress blog is dealing with people that use your blog to serve spam content. These hacks can insert spam links into your pages and posts or create spam directories that are completely their own content on your domain.

There are many issues to deal with in re-establishing control of your server; but that isn’t the scope of this post.

This is just a tips if you are troubleshooting to try and determine what is going on. Often your server has been hacked to allow uploaded php pages to be added or for WordPress php files to be edited.

One way to track down if the files have been changed or new ones added is to compare the WordPress files on your server to the current files for a fresh WordPress install. This assumes your blog is using the current version, which hopefully it is because on the big improvement WordPress made is to make those updates automatic. That greatly reduces the chance to have WordPress be the vector to infecting your server. If you were using a older version then just compare to the field for that version from the WordPress server.

If you don’t have a current backup I would make a backup before I tried this. Obviously, don’t make any deletions or changes to your server unless you understand what you are doing. You can create big problems for yourself.

You can use the diff command to view the difference between WordPress on your sever and the fresh install from WordPress. I install the new WordPress in a new directory outside public_html. At the cli on a Ubuntu/Linux server:

sudo wget http://wordpress.org/wordpress-4.0.zip
unzip wordpress-4.0.zip
diff -rq wordpress ../public_html/

wordpress-4.0.zip – replace with whatever the version is you are using.
../public_html/blog/ – replace with the path to your blog

Continue reading

How to Dump SQL Result to a Text File Using cli

Just a quick tip on how to dump a sql result to a txt file.

mysql -e “select * from [table]” -u[user] -p [database] > sqlresult.txt

For example:

mysql -e "select * from orders where product_id = 15" -uroot -p  > sqlresult.txt

Related: Some MySQL cli Syntax ExamplesBasic MySQL Performance MonitoringMySQL Performance Tuning Tips

Reset Root Password on MySQL Database

How to reset the root password on a MySQL database.

Stop mysql using this command:

sudo /etc/init.d/mysql stop

Because you are not checking user privledges at this point, it’s safest to disable networking. Then, start the mysqld demon process using the –skip-grant-tables option using

sudo /usr/sbin/mysqld --skip-grant-tables --skip-networking &

Next, start the mysql client process using this command:

mysql -u root

from the mysql prompt execute this command to be able to change any password

FLUSH PRIVILEGES;

Then reset/update your password

SET PASSWORD FOR root@'localhost' = PASSWORD('password');

Related: Turn It Off and On Again (WordPress Loses Database Connection)Some MySQL cli syntax examplesKeeping Your Hosted Ubuntu Web Server Software Up to Date

Make Your Bounce Rate More Meaningful

Nice post on what the operational definition (though it doesn’t use that term) of bounce rate is in Google Analytics and some ideas on how to fix bounce rate to be more meaningful (better fit your desired operational definition).

We often make mistakes because we use the data we have assuming it means something other than what it actually means. There suggestions let you make Google Analytics collect the data so it is more aligned to what you want to know.

Essentially bounce rate without any adjustment is operationally defined by Google to mean the visitor doesn’t click a link to another page on your site that has Google Analytic code (so it can register the click).

They suggested using

setTimeout("_gaq.push(['_trackEvent', '15_seconds', 'read'])", 15000);

inside your Google analytic tracking code. They also updated the post with an idea from a Hacker News comment to use scroll tracking as a better option than just timing if they stay on the page at least 15 seconds. The scroll tracking lets you count it as a bounce only if they don’t scroll down and they don’t click to a new page on your site.

Which data is more useful depends on your situation, what you want to know and what you want to do with the data you collect.

Related: Setting Up Multiple WordPress Blog Network on One Server, How To Overcome ConflictsWordPress error, Image could not be processed. Please go back and try again.ModSecurity Adjustments for WordPressSimple Process to Claim Authorship of Pages with Google

Don’t Copy-Paste Directly from Website to Terminal

Good reminder and discussion on Hacker News about the danger of copy-paste from a website into terminal.

When copying from a website it is easy for hidden text to be included in the clipboard. If you paste that into terminal it can be executed before you see the code. Including new line commands in the copied text will automatically execute the commands (in most terminal applications).

The best solution is to paste the clipboard content into something to view the text before pasting into clipboard. The best way is probably to recopy it. I use this double copy method to get rid of formatting I don’t want (when the clipboard includes things like font styling info you don’t want – not relavent when pasting into terminal but the pasting [into say vim, which won’t include the extra formatting details] and recopying part is similar). It may be possible to have text hidden (write it in a way where it won’t show up on the screen but is in the clipboard – using some tricky unicode characters or something).

Some people put # before pasting into clipboard but that only protects the first “line.” Any new lines could still be run without you seeing them.

The discussion warns against a malicious website intentionally creating a problem but if you paste in multiple lines there is also just the danger from the lines executing immediately when you wanted to edit the line before it was executed.

Related: Customizing the Command Prompt for TerminalBash Profile Adjustments, Scrolling HistoryAdding a Key to Your Server for SSH Login

Making Sure You Don’t Run Out of Space on Your VPS

Over the years I have had web sites I work on go down because the server ran out of space (when I wasn’t responsible for the system administration). Well today I had it happen for some sites on one of my servers.

I have a remote monitoring service so I was notified when the sites were unavailable. Looking in the error logs I could see I ran out of space, which is a fairly lame error to make, I think. I cleared up some space quickly and things were in working order again.

A few tips from this experience. To see data on space used and available space from the command line (linux/ubuntu) use the df command.

df

You could check that occasionally to see if anything strange is going on. But it is better to use something like Nagios to monitor the server and provide notice if usage goes past certain points is wise (75%, 80%…).

I found a nice way to find large files (that may be possible to delete to free up space)

sudo find . -mount -ls | awk '{print $7, $11}' | sort -rn > large_file_list

If you get an error with the file creation, you can log in as root (su) or create the file first and then it can overwrite the existing file.

It is smart to have log rotate setup for logs. I didn’t have it setup for every log. To create a file to keep track of all your logs for domains you can do the following. Create a file in the logrotate directory so it is run per your settings.

sudo vim /etc/logrotate.d/virtualhosts

This article from Slicehost provide details on options, a simple setup is to include text such as this in the file created in the line above.

/var/www/domain1.com/logs/*log /var/www/domain2.com/logs/*log {
  rotate 14
  daily
  compress
  delaycompress
  sharedscripts
  postrotate
    /usr/sbin/apache2ctl graceful > /dev/null
  endscript
}

Related: System Monitoring Tools for Ubuntu VPSPhusion Passenger Tips and Troubleshooting IdeasChecklist: Moving WordPress site to a New Host

Continue reading

ModSecurity – Adjustments for WordPress

How to secure an Ubuntu 12.04 LTS server – Part 1 The Basics is a great resource to secure a VPS.

Mod_Security is a web application firewall. I found a couple things to add to my servers.

The same site includes a very good guide to installing it (you also may well want to whitelist Googlebot, instructions in the link). However it blocked my access to one of my sites. You end up just getting the message:

“Forbidden

You don’t have permission to access / on this server.”

There are tips on some edits to include when using WordPress on an Apache server with modsecurity.

One simple action is to include

SecRule SERVER_NAME “[your-domain.com]” phase:1,nolog,allow,ctl:ruleEngine=off

SecRule SERVER_NAME "code.curiouscatnetwork.com" phase:1,nolog,allow,ctl:ruleEngine=off

on the bottom of modsecurity.conf which is found /etc/modsecurity (for me, on Ubunutu 12.04). Then restart Apache

sudo service apache2 restart

and see if the problem goes away. If it does then you have a very good indication modsecurity was blocking access and can continue to narrow the scope of the problem by adding the WordPress whitelist rules in the link above.

Another note, service apache2 start, failed in a non-obvious way to me anyway. For me if I use sudo it works fine. If I don’t it gives odd errors which lead me on a 10 minute wild goose chase before remembering to try sudo.

Related: Upgrading VPS Web Server from Ubuntu 10.04 to 12.04Keeping Your Hosted Ubuntu Web Server Software Up to DateLinux/Ubuntu File and Directory Permissions

Set the Web Server to Use the Domain Without www

The main reason to bother with this is to help search rankings. Sub-domains (for example, www.curiouscat.com and curiouscat.com) are treated as separate websites even if you have entirely the same content displayed for both. If 20% of the links to your site use the www and 80% don’t then your sites ranking by search engines is less than it would be if it was just treated as one site.

You can set the domain to use in Google webmaster tools. But that doesn’t do anything for all the other search engines. Also if you have both, some reports some will keep statistics separately for the non-www and www domain (Google Adsense does this, for example).

Using virtual hosts file (sites-enabled)

For Apache you can place the following code in your virtual hosts file (in the sites-available directory under Apache).

Replace curiouscat.com with your domain name.

<Directory /srv/www/curiouscat.com/public_html/>
  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www.curiouscat.com$ [NC]    
  RewriteRule ^(.*)$ http://curiouscat.com/$1 [R=301,L]
</Directory>

Then you need to capture the update and reload Apache.

Disable the site (in order to enable it with the updates)

sudo a2dissite curiouscat.com

Enable the site

sudo a2ensite curiouscat.com

Reload Apache (new way – Ubuntu 12.04)

sudo service apache2 reload

Old way to reload Apache was > sudo /etc/init.d/apache2 reload

If when you try to reload you get this error message:

“Invalid command ‘RewriteEngine’, perhaps misspelled or defined by a module not included in the server configuration” then enable modrewrite on apache:

sudo a2enmod rewrite

You should then be told to restart apache

sudo /etc/init.d/apache2 restart

Using .htaccess

Or you can include the following in your .htaccess file

  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^www.curiouscat.com$ [NC]    
  RewriteRule ^(.*)$ http://curiouscat.com/$1 [R=301,L]

Related: Checklist for Setting Up a New Domain on VPSPhusion Passenger Tips and Troubleshooting Ideas

If you wanted to force www to be used instead just flip the regular expression around:

<Directory /srv/www/curiouscat.com/public_html/>
  RewriteEngine On
  RewriteCond %{HTTP_HOST} ^curiouscat.com$ [NC]    
  RewriteRule ^(.*)$ http://www.curiouscat.com/$1 [R=301,L]
</Directory>

Replace Text in Files Recursively (Linux)

To replace text in all the files in a directory, recursively, you can use grep.

sudo grep -rl texttoreplace /somedirectory/ | sudo xargs sed -i ‘s/repacethis/withthis/g’

sudo grep -rl oldtext /example/directory/ | sudo xargs sed -i 's/oldtext/newtext/g'

The g on the end, lets it replace all the instances of the text in each file.

More ubuntu and linux tips and code samples