Fix to Try if WordPress Won’t Allow Comments

One of the my blogs stopped allowing comments. If you experience this is might be due to an issue with https. The blog in question was serving https pages and everything had been working previously. I am not sure when the issue first appeared, but I noticed it after updating to WordPress v 5.1.

When I looked at the page source I could see the comment form was trying to submit to http (even though it was being submitted from a https page). I received a message that the page was going to be submitted in an insecure manner and did I want to submit anyway. I said yes and a new page was loaded (though it was blank). But no comment was submitted to the wordpress database.

Using another browser it gave a 405 error.

This page isnโ€™t working
If the problem continues, contact the site owner.

HTTP ERROR 405

I couldn’t figure out why it was submitting to http. I remembered there is a general settings page (/wp-admin/options-general.php) and I went there and noticed the

WordPress Address (URL)
and
Site Address (URL)

fields were set to http. I updated them to https and then everything worked fine.

Related: Compare WordPress Files on Server to Proper WordPress VersionFix for When a WordPress Blog Stops Displaying ImagesWordPress: Multiple Blog Network on One Server โ€“ Overcoming Conflicts

Compare WordPress Files on Server to Proper WordPress Version

Sadly one of the hassles in managing your own WordPress blog is dealing with people that use your blog to serve spam content. These hacks can insert spam links into your pages and posts or create spam directories that are completely their own content on your domain.

There are many issues to deal with in re-establishing control of your server; but that isn’t the scope of this post.

This is just a tips if you are troubleshooting to try and determine what is going on. Often your server has been hacked to allow uploaded php pages to be added or for WordPress php files to be edited.

One way to track down if the files have been changed or new ones added is to compare the WordPress files on your server to the current files for a fresh WordPress install. This assumes your blog is using the current version, which hopefully it is because on the big improvement WordPress made is to make those updates automatic. That greatly reduces the chance to have WordPress be the vector to infecting your server. If you were using a older version then just compare to the field for that version from the WordPress server.

If you don’t have a current backup I would make a backup before I tried this. Obviously, don’t make any deletions or changes to your server unless you understand what you are doing. You can create big problems for yourself.

You can use the diff command to view the difference between WordPress on your sever and the fresh install from WordPress. I install the new WordPress in a new directory outside public_html. At the cli on a Ubuntu/Linux server:

[code]sudo wget http://wordpress.org/wordpress-4.0.zip
unzip wordpress-4.0.zip
diff -rq wordpress ../public_html/[/code]

wordpress-4.0.zip – replace with whatever the version is you are using.
../public_html/blog/ – replace with the path to your blog

Continue reading

Reset Root Password on MySQL Database

How to reset the root password on a MySQL database.

Stop mysql using this command:

[bash]sudo /etc/init.d/mysql stop[/bash]

Because you are not checking user privledges at this point, it’s safest to disable networking. Then, start the mysqld demon process using the –skip-grant-tables option using

[bash]sudo /usr/sbin/mysqld –skip-grant-tables –skip-networking &[/bash]

Next, start the mysql client process using this command:

[bash]mysql -u root[/bash]

from the mysql prompt execute this command to be able to change any password

[bash]FLUSH PRIVILEGES;[/bash]

Then reset/update your password

[bash]SET PASSWORD FOR root@’localhost’ = PASSWORD(‘password’);[/bash]

Related: Turn It Off and On Again (WordPress Loses Database Connection)Some MySQL cli syntax examplesKeeping Your Hosted Ubuntu Web Server Software Up to Date

Making Sure You Don’t Run Out of Space on Your VPS

Over the years I have had web sites I work on go down because the server ran out of space (when I wasn’t responsible for the system administration). Well today I had it happen for some sites on one of my servers.

I have a remote monitoring service so I was notified when the sites were unavailable. Looking in the error logs I could see I ran out of space, which is a fairly lame error to make, I think. I cleared up some space quickly and things were in working order again.

A few tips from this experience. To see data on space used and available space from the command line (linux/ubuntu) use the df command.

[bash]df[/bash]

You could check that occasionally to see if anything strange is going on. But it is better to use something like Nagios to monitor the server and provide notice if usage goes past certain points is wise (75%, 80%…).

I found a nice way to find large files (that may be possible to delete to free up space)

[bash]sudo find . -mount -ls | awk ‘{print $7, $11}’ | sort -rn > large_file_list[/bash]

If you get an error with the file creation, you can log in as root (su) or create the file first and then it can overwrite the existing file.

It is smart to have log rotate setup for logs. I didn’t have it setup for every log. To create a file to keep track of all your logs for domains you can do the following. Create a file in the logrotate directory so it is run per your settings.

[bash]sudo vim /etc/logrotate.d/virtualhosts[/bash]

This article from Slicehost provide details on options, a simple setup is to include text such as this in the file created in the line above.

[bash]/var/www/domain1.com/logs/*log /var/www/domain2.com/logs/*log {
rotate 14
daily
compress
delaycompress
sharedscripts
postrotate
/usr/sbin/apache2ctl graceful > /dev/null
endscript
}[/bash]

Related: System Monitoring Tools for Ubuntu VPSPhusion Passenger Tips and Troubleshooting IdeasChecklist: Moving WordPress site to a New Host

Continue reading

System Monitoring Tools for VPS

Tools for monitoring performance and troubleshooting Ubuntu VPS web servers

  • Munin – graphs of system resources over time. Very nice. Can be a bit difficult to setup.
  • top – system stats
  • iotop – like top, but for io stats. Install [bash]sudo apt-get install iotop[/bash] Useful setup [bash]iotop -b -o -d 30 -t[/bash] -b (batch – so you can keep a running tally of results) -o (only those processes with io) -d (delay and seconds – how often to print out stats) -t (include time in printout)
  • vmstat – stats on memory, io, swap, cpu and system. Example: [bash]vmstat 10[/bash] (prints out stats every ten seconds.
  • iostat

Error logs

  • [bash]sudo nano /var/log/apache2/error.log[/bash]

Apache web server access log statistics

  • Webalizer – [bash]sudo apt-get install webalizer[/bash] GeoIP is required for webalizer [bash]sudo apt-get install geoip-bin[/bash] detailed instructions