Compare WordPress Files on Server to Proper WordPress Version

Sadly one of the hassles in managing your own WordPress blog is dealing with people that use your blog to serve spam content. These hacks can insert spam links into your pages and posts or create spam directories that are completely their own content on your domain.

There are many issues to deal with in re-establishing control of your server; but that isn’t the scope of this post.

This is just a tips if you are troubleshooting to try and determine what is going on. Often your server has been hacked to allow uploaded php pages to be added or for WordPress php files to be edited.

One way to track down if the files have been changed or new ones added is to compare the WordPress files on your server to the current files for a fresh WordPress install. This assumes your blog is using the current version, which hopefully it is because on the big improvement WordPress made is to make those updates automatic. That greatly reduces the chance to have WordPress be the vector to infecting your server. If you were using a older version then just compare to the field for that version from the WordPress server.

If you don’t have a current backup I would make a backup before I tried this. Obviously, don’t make any deletions or changes to your server unless you understand what you are doing. You can create big problems for yourself.

You can use the diff command to view the difference between WordPress on your sever and the fresh install from WordPress. I install the new WordPress in a new directory outside public_html. At the cli on a Ubuntu/Linux server:

sudo wget http://wordpress.org/wordpress-4.0.zip
unzip wordpress-4.0.zip
diff -rq wordpress ../public_html/

wordpress-4.0.zip – replace with whatever the version is you are using.
../public_html/blog/ – replace with the path to your blog

Continue reading

Reset Root Password on MySQL Database

How to reset the root password on a MySQL database.

Stop mysql using this command:

sudo /etc/init.d/mysql stop

Because you are not checking user privledges at this point, it’s safest to disable networking. Then, start the mysqld demon process using the –skip-grant-tables option using

sudo /usr/sbin/mysqld --skip-grant-tables --skip-networking &

Next, start the mysql client process using this command:

mysql -u root

from the mysql prompt execute this command to be able to change any password

FLUSH PRIVILEGES;

Then reset/update your password

SET PASSWORD FOR root@'localhost' = PASSWORD('password');

Related: Turn It Off and On Again (WordPress Loses Database Connection)Some MySQL cli syntax examplesKeeping Your Hosted Ubuntu Web Server Software Up to Date

Making Sure You Don’t Run Out of Space on Your VPS

Over the years I have had web sites I work on go down because the server ran out of space (when I wasn’t responsible for the system administration). Well today I had it happen for some sites on one of my servers.

I have a remote monitoring service so I was notified when the sites were unavailable. Looking in the error logs I could see I ran out of space, which is a fairly lame error to make, I think. I cleared up some space quickly and things were in working order again.

A few tips from this experience. To see data on space used and available space from the command line (linux/ubuntu) use the df command.

df

You could check that occasionally to see if anything strange is going on. But it is better to use something like Nagios to monitor the server and provide notice if usage goes past certain points is wise (75%, 80%…).

I found a nice way to find large files (that may be possible to delete to free up space)

sudo find . -mount -ls | awk '{print $7, $11}' | sort -rn > large_file_list

If you get an error with the file creation, you can log in as root (su) or create the file first and then it can overwrite the existing file.

It is smart to have log rotate setup for logs. I didn’t have it setup for every log. To create a file to keep track of all your logs for domains you can do the following. Create a file in the logrotate directory so it is run per your settings.

sudo vim /etc/logrotate.d/virtualhosts

This article from Slicehost provide details on options, a simple setup is to include text such as this in the file created in the line above.

/var/www/domain1.com/logs/*log /var/www/domain2.com/logs/*log {
  rotate 14
  daily
  compress
  delaycompress
  sharedscripts
  postrotate
    /usr/sbin/apache2ctl graceful > /dev/null
  endscript
}

Related: System Monitoring Tools for Ubuntu VPSPhusion Passenger Tips and Troubleshooting IdeasChecklist: Moving WordPress site to a New Host

Continue reading

System Monitoring Tools for VPS

Tools for monitoring performance and troubleshooting Ubuntu VPS web servers

  • Munin – graphs of system resources over time. Very nice. Can be a bit difficult to setup.
  • top – system stats
  • iotop – like top, but for io stats. Install
    sudo apt-get install iotop

    Useful setup

    iotop -b -o -d 30 -t

    -b (batch – so you can keep a running tally of results) -o (only those processes with io) -d (delay and seconds – how often to print out stats) -t (include time in printout)

  • vmstat – stats on memory, io, swap, cpu and system. Example:
    vmstat 10

    (prints out stats every ten seconds.

  • iostat

Error logs

  • sudo nano /var/log/apache2/error.log

Apache web server access log statistics

  • Webalizer –
    sudo apt-get install webalizer

    GeoIP is required for webalizer

    sudo apt-get install geoip-bin

    detailed instructions