https://briansnelson.com/index.php?title=Special:NewPages&feed=atom&hidebots=1&hideredirs=1&limit=50&offset=&namespace=0&username=&tagfilter=Brian Nelson Ramblings - New pages [en]2024-03-29T11:11:26ZFrom Brian Nelson RamblingsMediaWiki 1.24.1https://briansnelson.com/Access_mysql/mysqldump_without_password_entry_each_time_-_Using_.my.cnfAccess mysql/mysqldump without password entry each time - Using .my.cnf2023-08-26T02:59:31Z<p>Brian: Created page with "==Access mysql/mysqldump without password entry each time - Using .my.cnf== In this guide we will show you have to save your mysql credentials so you do not have to enter the..."</p>
<hr />
<div>==Access mysql/mysqldump without password entry each time - Using .my.cnf==<br />
<br />
In this guide we will show you have to save your mysql credentials so you do not have to enter them each time run mysql or mysqldump.<br />
<br />
This is done by creating a ~/.my.cnf file in your users home directory.<br />
<br />
vim /home/bnelson/.my.cnf or vim ~/.my.cnf<br />
<br />
After you have created this file you can enter your credentials.<br />
<br />
[client]<br />
user=mysqluser<br />
password=mysqlpass<br />
<br />
* It is best to use a superuser for this, so that you can have access to all databases.<br />
<br />
If you are attempting to create a script to do a mysql dump or optimization, this will allow you run that script without having it stop and wait for credentials.<br />
<br />
===Overview and Thoughts===<br />
<br />
'''For safety, make this file readable to you only by running chmod 0600 ~/.my.cnf <br />
'''<br />
<br />
Of course, if you specify username and password explicitly as part of commands arguments, they will be used.<br />
<br />
Next time you run mysql commands mysql, mysqlcheck, mysqdump, etc; they will pick username & password from this file if you do not provide them as argument (-u and -p).</div>Brianhttps://briansnelson.com/How_do_I_block_a_host_by_ASN_for_apache_-_ExampleHow do I block a host by ASN for apache - Example2022-03-27T17:33:41Z<p>Brian: /* Save the script to /blockasn/cron.script then add it to a cron */</p>
<hr />
<div>==How do I block a host by ASN for apache - Example==<br />
<br />
Do you have issues with bots attempting to cause issues with your site? This is can disrupt your business and cause all types of performance issue.<br />
<br />
Working to solve this we found it best to block entire ASN's for known bad ranges.<br />
<br />
During my investigation I found a list of known bad ASN<br />
<br />
https://raw.githubusercontent.com/brianhama/bad-asn-list/master/bad-asn-list.csv<br />
<br />
I took this list by downloading, and then parsing out the ASN numbers.<br />
<br />
===Get the contents of the bad ASN list===<br />
<br />
First create a directory to download this list to.<br />
<br />
mkdir /blockasn<br />
<br />
Down the above csv file:<br />
<br />
curl https://raw.githubusercontent.com/brianhama/bad-asn-list/master/bad-asn-list.csv > /blockasn/badasnlist.list<br />
<br />
===Parsing the ASN number===<br />
<br />
cat /blockasn/badasnlist.list | awk -F',' '{print $1}' | cut -d'"' -f2<br />
<br />
You can use this with the following to download the ips for that ASN NUMBER, just replace ASN NUMBER<br />
<br />
wget --content-disposition "https://www.enjen.net/asn-blocklist/index.php?asn=AS[[ASN NUMBER]]&type=htaccess&api=1"<br />
<br />
This will save the contents to file: <br />
<br />
Example:<br />
AS9925_htaccess.txt<br />
<br />
Then you can copy this over to apache configuration directory:<br />
<br />
cp AS9925_htaccess.txt /etc/httpd/conf.d/AS9925.conf<br />
<br />
Then just restart apache and it will be blocked<br />
sudo systemctl restart httpd.service<br />
<br />
At this point you have blocked all the ips in that ASN<br />
<br />
==Making a Script that you can apply to a cron to auto update the list==<br />
<br />
#!/bin/bash<br />
#Block bad ASN<br />
#https://briansnelson.com/How_do_I_block_a_host_by_ASN_for_apache_-_Example<br />
###########################<br />
#Download List to use<br />
curl https://raw.githubusercontent.com/brianhama/bad-asn-list/master/bad-asn-list.csv > /blockasn/badasnlist.list<br />
<br />
#Get all the ASN lists download to your blockasn directory<br />
for x in $(cat /blockasn/badasnlist.list | awk -F',' '{print $1}' | cut -d'"' -f2| grep -v ASN); do<br />
wget --content-disposition "https://www.enjen.net/asn-blocklist/index.php?asn=AS$x&type=htaccess&api=1"<br />
done;<br />
#Lets add them to apache<br />
echo '<Directory />' > /etc/httpd/conf.d/blockASN.conf; <br />
echo 'Order Deny,Allow' >> /etc/httpd/conf.d/blockASN.conf; <br />
cat /blockasn/AS*.txt | grep -v Order >> /etc/httpd/conf.d/blockASN.conf; <br />
echo '</Directory>' >> /etc/httpd/conf.d/blockASN.conf;<br />
sudo systemctl restart httpd.service<br />
<br />
===Save the script to /blockasn/cron.script then add it to a cron===<br />
<br />
echo '0 0 * * 6 /blockasn/cron.script >/dev/null 2>&1' >> /var/spool/cron/root<br />
chmod +x cron.script<br />
<br />
Now with everything setup you can easily block bad ASN from causing issues on your network, you can also add ASN that are not part of that list that you find over time, by adding an echo statement to update the badasnlist.list file before it goes into the add to apache<br />
<br />
#!/bin/bash<br />
#Block bad ASN<br />
#https://briansnelson.com/How_do_I_block_a_host_by_ASN_for_apache_-_Example<br />
###########################<br />
#Download List to use<br />
curl https://raw.githubusercontent.com/brianhama/bad-asn-list/master/bad-asn-list.csv > /blockasn/badasnlist.list<br />
#Add non listed ASN numbers to auto block list<br />
echo '32934' >> /blockasn/badasnlist.list<br />
#Get all the ASN lists download to your blockasn directory<br />
for x in $(cat /blockasn/badasnlist.list | awk -F',' '{print $1}' | cut -d'"' -f2| grep -v ASN); do<br />
wget --content-disposition "https://www.enjen.net/asn-blocklist/index.php?asn=AS$x&type=htaccess&api=1"<br />
done;<br />
#Lets add them to apache<br />
echo '<Directory />' > /etc/httpd/conf.d/blockASN.conf; <br />
echo 'Order Deny,Allow' >> /etc/httpd/conf.d/blockASN.conf; <br />
cat /blockasn/AS*.txt | grep -v Order >> /etc/httpd/conf.d/blockASN.conf; <br />
echo '</Directory>' >> /etc/httpd/conf.d/blockASN.conf;<br />
sudo systemctl restart httpd.service<br />
<br />
Use with caution, as come copy and paste will mixup the quotes in the above script</div>Brianhttps://briansnelson.com/How_to_enable_Show_Engine_Innodb_StatusHow to enable Show Engine Innodb Status2022-02-25T03:54:40Z<p>Brian: /* How to enable Show Engine Innodb Status */</p>
<hr />
<div>==How to enable Show Engine Innodb Status==<br />
<br />
Are you trying to see the latest deadlocks or foreign key errors but run in to the following error:<br />
<br />
[Error Code: 1227, SQL State: 42000] Access denied; you need (at least one of) the PROCESS privilege(s) for this operation<br />
<br />
When this happens you will need to grant your user the PROCESS privilege.<br />
<br />
GRANT SELECT, PROCESS ON *.* TO '<youruser>'@'localhost';<br />
<br />
===Creating a new user to view Show Engine Innodb Status===<br />
<br />
Sometimes you find that a client or yourself wants to view Show Engine Innodb Status and they want a new user to do this with.<br />
<br />
Here are the standard commands to create and grant them the privileges:<br />
<br />
CREATE USER '<newuser>'@'%' IDENTIFIED BY '<password>';<br />
GRANT SELECT, PROCESS ON *.* TO '<newuser>'@'%';<br />
FLUSH PRIVILEGES;<br />
<br />
This is the bare minimum to enable them to run (Show Engine Innodb Status)</div>Brianhttps://briansnelson.com/Magento_2_Custom_503_Maintenance_pageMagento 2 Custom 503 Maintenance page2021-12-10T17:49:39Z<p>Brian: </p>
<hr />
<div>==Magento2 Custom 503 Maintenance Page ==<br />
<br />
I would start off by talking about the 503 Maintenance Page and how you can customize it and let your customer know they can still contact you.<br />
<br />
===(HTTP) 503 response code definition:===<br />
<br />
The HyperText Transfer Protocol (HTTP) 503 Service Unavailable server error response code indicates that the server is not ready to handle the request.<br />
Common causes are a server that is down for maintenance or that is overloaded.<br />
<br />
Below is the basic magento2 maintenance page<br />
<br />
[[File:503-magneto2-maintenace-page.png|800px|frameless|alt=create custom magento2 maintenance page]]<br />
<br />
===How to Create a Custom Maintenance Page ===<br />
<br />
You will want to navigate to your html/pub/errors directory, this is where all the changes will happen.<br />
<br />
You will be tempted to change the 503 in html/pub/errors/default directory, however this is the wrong way to go about creating a custom 503 page, unless at some random update you want to lose your page.<br />
<br />
First we will want to copy the html/pub/errors/default to a new directory <br />
<br />
example:<br />
cd html/pub/errors/<br />
cp -rf default custom<br />
<br />
Next go into the new custom directory and start editing your 503.phtml<br />
<br />
Once you are all finished, you will want go back out to the html/pub/errors directory <br />
<br />
First, you have set the xml file<br />
cp local.xml.sample local.xml<br />
<br />
Next you will need to edit the local.xml file to use your new custom directory files<br />
<br />
vim local.xml<br />
<br />
Near the top of the file you will find:<br />
<br />
<config><br />
<skin>default</skin><br />
<report><br />
<br />
You will need to change this to use the custom directory:<br />
<br />
<config><br />
<skin>custom</skin><br />
<report><br />
<br />
Overall you can change any of the files in this directory to have custom 503, 404 and more..<br />
<br />
Now lets enable maintenance mode and show off your new custom 503 page<br />
<br />
bin/magento maintenance:enable</div>Brianhttps://briansnelson.com/How_to_solve_MySQL_max_user_connections_errorHow to solve MySQL max user connections error2021-01-16T05:14:01Z<p>Brian: Created page with "==How to solve MySQL max connections/user connections error== If clients encounter Too many connections errors when attempting to connect to the mysqld server, all available..."</p>
<hr />
<div>==How to solve MySQL max connections/user connections error==<br />
<br />
If clients encounter Too many connections errors when attempting to connect to the mysqld server, all available connections are in use by other clients.<br />
<br />
The permitted number of connections is controlled by the max_connections system variable. The default value is 151 to improve performance when MySQL is used with the Apache Web server. To support more connections, set max_connections to a larger value<br />
<br />
===Checking the max_connections===<br />
<br />
You can run the following command to check the current value of max_connections<br />
<br />
MariaDB [(none)]> show variables like 'max_connections';<br />
+-----------------+-------+<br />
| Variable_name | Value |<br />
+-----------------+-------+<br />
| max_connections | 151 |<br />
+-----------------+-------+<br />
1 row in set (0.00 sec)<br />
<br />
This shows the current value, you can check the current number of connections by running:<br />
<br />
MariaDB [(none)]> show status where variable_name = 'threads_connected';<br />
+-------------------+-------+<br />
| Variable_name | Value |<br />
+-------------------+-------+<br />
| Threads_connected | 146 |<br />
+-------------------+-------+<br />
1 row in set (0.02 sec)<br />
<br />
===You can increase this value in two ways:===<br />
<br />
====Without restarting mysql (temp change) ====<br />
<br />
MariaDB [(none)]> SET GLOBAL max_connections = 300;<br />
Query OK, 0 rows affected (0.00 sec)<br />
<br />
'''Checking the new value:<br />
'''<br />
MariaDB [(none)]> show variables like 'max_connections';<br />
+-----------------+-------+<br />
| Variable_name | Value |<br />
+-----------------+-------+<br />
| max_connections | 300 |<br />
+-----------------+-------+<br />
1 row in set (0.00 sec)<br />
<br />
====Restarting Mysql via my.cnf (permanent change)====<br />
<br />
Or set this parameter in my.cnf that located at /etc/my.cnf<br />
<br />
vi /etc/my.cnf<br />
max_connections = 300<br />
<br />
Then restart mysql, this is a permanent change to the max_connections at this point</div>Brianhttps://briansnelson.com/HAProxy_Redirect_domain_to_another_domainHAProxy Redirect domain to another domain2020-10-21T06:56:07Z<p>Brian: /* Next restart or start the server to start blocking by ip address */</p>
<hr />
<div>==HAProxy Redirect domain to another domain==<br />
<br />
From time to time, you may find yourself wanting to redirect a domain to a folder on another domain<br />
<br />
===You will want to edit the haproxy.cfg file===<br />
<br />
vim /etc/haproxy/haproxy.cfg<br />
<br />
===Then add something like the following to the frontend in haproxy.===<br />
<br />
acl demoredirect hdr_dom(host) -i demofolder.com<br />
acl demoredirect hdr_dom(host) -i www.demofolder.com<br />
http-request redirect location https://briansnelson.com/demofolder/ code 301 if demoredirect<br />
<br />
===Save and check your configuration===<br />
<br />
service haproxy check<br />
<br />
You are looking for<br />
<br />
Configuration file is valid<br />
<br />
===Next restart or start the server to start redirecting from one domain to another===<br />
<br />
service haproxy restart/start</div>Brianhttps://briansnelson.com/HAProxy_Restrict_by_IP_AddressHAProxy Restrict by IP Address2019-12-12T21:24:53Z<p>Brian: Created page with "==HAProxy Restrict by IP Address== As with any proxy service, you want to block bad ips before they get to the backend servers. With haproxy you can block ips really easy...."</p>
<hr />
<div>==HAProxy Restrict by IP Address==<br />
<br />
As with any proxy service, you want to block bad ips before they get to the backend servers. With haproxy you can block ips really easy.<br />
<br />
Add the following to your haproxy configuration file<br />
<br />
vim /etc/haproxy/haproxy.cfg<br />
<br />
Add the following to your frontend, are blocking via x-forwarded-for and direct ip access, we do this now so you don't have to later if you decided to use cloudflare or another proxy later<br />
<br />
# Blacklist IP list<br />
acl is-blacklisted-ip hdr_ip(x-forwarded-for,1) -f /etc/haproxy/blacklist.txt<br />
acl is-blacklisted-ip src -m ip -f /etc/haproxy/blacklist.txt<br />
http-request deny if is-blacklisted-ip<br />
<br />
Save then add the blacklist-agent.txt file.<br />
<br />
vim /etc/haproxy/blacklist.txt<br />
<br />
Add some ips to the block list file, you can add lot, you can even block entire countries with this method<br />
<br />
192.168.0.1<br />
<br />
Save and check your configuration<br />
<br />
service haproxy check<br />
<br />
You are looking for<br />
<br />
'''Configuration file is valid'''<br />
<br />
Next restart or start the server to start blocking by ip address<br />
<br />
service haproxy restart/start</div>Brianhttps://briansnelson.com/HAProxy_Block_by_User-AgentHAProxy Block by User-Agent2019-12-12T08:32:56Z<p>Brian: </p>
<hr />
<div>==HAProxy block by User-Agent==<br />
<br />
As with any proxy service, you will want to block bad bots. Blocking by the a keyword in the user-agent before it hits the backend servers will save on server resources.<br />
<br />
Add the following to your haproxy configuration file<br />
<br />
vim /etc/haproxy/haproxy.cfg<br />
<br />
Add the following to your frontend<br />
<br />
# Block badbots<br />
acl is-blockedagent hdr_sub(user-agent) -i -f /etc/haproxy/blacklist-agent.txt<br />
http-request deny if is-blockedagent<br />
<br />
Save then add the blacklist-agent.txt file.<br />
<br />
vim /etc/haproxy/blacklist-agent.txt<br />
<br />
Block the basics<br />
<br />
SemrushBot<br />
AhrefsBot<br />
MJ12bot<br />
ZoominfoBot<br />
DotBot<br />
MauiBot<br />
<br />
Save and check your configuration<br />
<br />
service haproxy check<br />
<br />
You are looking for<br />
<br />
'''Configuration file is valid'''<br />
<br />
Next restart or start the server to start blocking by user-agent<br />
<br />
service haproxy restart/start</div>Brianhttps://briansnelson.com/Magento_:_Execute_Custom_Module_Cron_ManuallyMagento : Execute Custom Module Cron Manually2019-07-31T04:06:42Z<p>Brian: Created page with "==Magento1 - Execute Custom Module Cron Manually== let say we have cron setup on config.xml, like this <crontab> <jobs> <alertreminder_abdcart>..."</p>
<hr />
<div>==Magento1 - Execute Custom Module Cron Manually==<br />
<br />
let say we have cron setup on config.xml, like this<br />
<br />
<crontab><br />
<jobs> <br />
<alertreminder_abdcart><br />
<schedule><cron_expr>*/5 * * * *</cron_expr></schedule><br />
<run><model>alertreminder/cron::Abdcart</model></run><br />
</alertreminder_abdcart> <br />
</jobs><br />
</crontab><br />
<br />
and then a functions ready to execute<br />
<br />
class AN_Alertreminder_Model_Cron{ <br />
public function Abdcart(){<br />
//do something<br />
}<br />
}<br />
===Setup Manual Script===<br />
<br />
vim abdcart_cron.php<br />
<br />
Add the following<br />
<br />
<?php<br />
$model = Mage::getModel('alertreminder/cron');<br />
$model->Abdcart();<br />
?><br />
<br />
===Setup to run via your own cron:===<br />
<br />
crontab -e<br />
<br />
Add the following:<br />
<br />
* * * * * /path/magento/shell/abdcart_cron.php</div>Brianhttps://briansnelson.com/Postfix_Mail_Queue_Commands_for_Reviewing_EmailsPostfix Mail Queue Commands for Reviewing Emails2019-07-23T01:27:54Z<p>Brian: Created page with "==Postfix Mail Queue Commands for Reviewing Emails== '''How to review the email message your server is trying to send.''' There are two queues within Postfix: pending and di..."</p>
<hr />
<div>==Postfix Mail Queue Commands for Reviewing Emails==<br />
<br />
'''How to review the email message your server is trying to send.'''<br />
<br />
There are two queues within Postfix: pending and differed. <br />
<br />
The pending queue includes all messages that have been submitted to postfix which have not yet been sent out and handed off to the recipient server. <br />
<br />
The differed mail queue holds all messages that have soft-failed and need to be retired (temporary failure). Postfix will retry sending the deferred queue on set intervals (this is configurable, but is set to 5 minutes as a default).<br />
<br />
The following commands will allow you to review these queues:<br />
<br />
===1- Display the mail queues, deferred and pending===<br />
<br />
mailq<br />
<br />
or<br />
<br />
postqueue -p<br />
<br />
To save the output to a text file you can run:<br />
<br />
mailq > mailqueue.txt<br />
<br />
or<br />
<br />
postqueue -p > mailqueue.txt<br />
<br />
Either of these commands will show you all queued messages.<br />
<br />
NB: this command shows the sender and recipients and ID, not the message itself. The ID is particularly useful if you want to inspect the message itself.<br />
<br />
===2- View message (contents, header and body) in Postfix queue===<br />
<br />
To view a message with the ID XXXXXXX<br />
<br />
(you can see the ID from the queue)<br />
<br />
postcat -vq XXXXXXXXXX<br />
<br />
Or to save it in a file<br />
<br />
postcat -vq XXXXXXXXXX > emailXXXXXXXXXX.txt<br />
<br />
A useful feature for web servers is to enable mail.add_x_header = on in the Postfix configuration. This will add a header to all outgoing email messages showing the script and user that generated each message. Once enabled this will then add the following extra header to message:<br />
<br />
'''X-PHP-Originating-Script: 1001:spamEmailer.php'''<br />
<br />
In this example 1001 is the UID and the spamEmailer.php was the script sending the message. This can allow you to quickly track down the source of spam messages being sent by your server.<br />
<br />
With these commands you should be able to review your mail queue and make sure that intended messages are being sent and have not been rejected.<br />
<br />
==How to delete queued mail from the postfix mail queue==<br />
<br />
Now that we have learned the necessary steps to reviewing your mail queue, the final 3 tips will demonstrate how to delete queued mail.<br />
<br />
===3- Tell Postfix to process the queue now===<br />
<br />
postqueue -f<br />
<br />
OR<br />
<br />
postfix flush<br />
<br />
This will cause Postfix to immediately attempt to send all queued messages.<br />
<br />
===4- Delete queued mail===<br />
<br />
Delete all queued mail<br />
<br />
postsuper -d ALL<br />
<br />
Delete only the differed mail queue messages (i.e. only the ones the system intends to retry later)<br />
<br />
postsuper -d ALL deferred<br />
<br />
===5- Delete mail from the queue selectively===<br />
<br />
This is not something that is natively included with the standard Postfix tools however can be done with a bit of Perl scripting.<br />
<br />
NB: This perl script seems to be free, and is all over the internet however I could not find out where it originates or who wrote it but my thanks go to them!<br />
<br />
<br />
#!/usr/bin/perl<br />
<br />
$REGEXP = shift || die “no email-adress given (regexp-style, e.g. bl.*\@yahoo.com)!”;<br />
<br />
@data = qx;<br />
<br />
for (@data) {<br />
<br />
if (/^(\w+)(\*|\!)?\s/) {<br />
<br />
$queue_id = $1;<br />
<br />
}<br />
<br />
if($queue_id) {<br />
<br />
if (/$REGEXP/i) {<br />
<br />
$Q{$queue_id} = 1;<br />
<br />
$queue_id = “”;<br />
<br />
}<br />
<br />
}<br />
<br />
}<br />
<br />
#open(POSTSUPER,”|cat”) || die “couldn’t open postsuper” ;<br />
<br />
open(POSTSUPER,”|postsuper -d -“) || die “couldn’t open postsuper” ;<br />
<br />
foreach (keys %Q) {<br />
<br />
print POSTSUPER “$_\n“;<br />
<br />
};<br />
<br />
close(POSTSUPER);<br />
<br />
<br />
'''Usage Examples:<br />
<br />
'''Delete all queued messages to or from the domain called spamers.com, enter:<br />
<br />
./postfix-delete.pl spamers.com<br />
<br />
Delete all queued messages that contain the word “spam” in the e-mail address:<br />
<br />
./postfix-delete.pl spam</div>Brianhttps://briansnelson.com/403_Forbidden_Error_Nginx_-_How_to_Solve403 Forbidden Error Nginx - How to Solve2019-07-04T01:15:47Z<p>Brian: /* Incorrect Permissions */</p>
<hr />
<div>==403 Forbidden Error Nginx - How to Solve==<br />
<br />
===Fixing 403 Forbidden Nginx Errors===<br />
<br />
The "403 Forbidden" browser error is the most common error encountered when working with NGINX.<br />
<br />
Learn more about what causes this NGINX error, how to locate the source of the error, and how to correct the underlying problem.<br />
<br />
====About the Error====<br />
"403 Forbidden" is an all-purpose NGINX error which indicates that you have asked for something that NGINX - for a variety of potential reasons - cannot deliver. "403" is actually an HTTP status code that means that the web server has received and understood your request, but that it cannot take any further action.<br />
<br />
===Fixing Nginx HTTP errors===<br />
Once you have the correct error log file, it’s time to watch for errors. In our experience, the best way to do this is by running a continuous stream of the error log in your shell screen using the tail utility.<br />
<br />
tail -n0 -f /var/log/nginx/error.log<br />
<br />
Once you’ve ran this command, tail will continuously output any newly appended content to the error.log as it comes in until you hit Control + C. We are running with zero lines, so this way we do not have any confusion when accessing the site that any output is new. If you are in a live environment you will want to grep out your ip address, so you only get your traffic.<br />
<br />
tail -n0 -f /var/log/nginx/error.log | grep '192\.168\.2\.2'<br />
<br />
Now, you will need to replicate the issue that you are getting. The error should be printed out right away after you replicate the issue. For example, if you have a 403 Forbidden error, then you should refresh the page that is causing the problem so that a new error log entry can be appended. Once that is done, you’ll see a new line in the error log which should hopefully lead you to the right path to fixing the issue. We’re going to cover a few of the most common issues below.<br />
<br />
====Incorrect Directory Settings====<br />
<br />
The error below can be caused by two different reasons: incorrect directory index or disallowed directory listing.<br />
<br />
'''2019/06/31 15:03:43 [error] 29231#0: *2098806 directory index of "/usr/share/nginx/static/" is forbidden, client: 1.1.1.1, server: domain.com, request: "GET / HTTP/1.1", host: "domain.com"<br />
'''<br />
If you are trying to list all the files in a folder, you will get that error if the directory does not have directory listing enabled. <br />
<br />
You can enable directory listing by adding the following line to your Nginx configuration, you can read more about this option here: http://nginx.org/en/docs/http/ngx_http_autoindex_module.html<br />
<br />
autoindex on;<br />
<br />
The other possibility for that error to come up is if your index setting is incorrect, so for example, you have a index.php file in that folder, however, your index setting is setup to index.htm and index.html. This means that only these files are checked if no specific file is provided. If you alter it to something like the following, your index.php file should work:<br />
<br />
index index.htm index.html index.php;<br />
<br />
====Incorrect Permissions====<br />
<br />
The error below is generally caused by incorrect Unix permissions, you will need to make sure you have the correct permissions for the entire path.<br />
<br />
'''2019/07/01 00:31:57 [error] 29231#0: *2115270 open() "/usr/share/nginx/static/forbidden" failed (13: Permission denied), client: 1.1.1.1, server: domain.com, request: "GET /forbidden HTTP/1.1", host: "domain.com"<br />
'''<br />
<br />
As you see, the file that we are trying to access is /usr/share/nginx/static/forbidden. In order for Nginx to access it with no problems at all, Nginx must have read permissions for that specific file as well as execute for all the folders above it. This means that /, /usr, /usr/share, /usr/share/nginx and /usr/share/nginx/static must be executable by Nginx and the file /usr/share/nginx/static/forbidden must be readable by Nginx in this case.<br />
<br />
=====Set File Ownership=====<br />
Go to the directory above the website's document root. For example, if your website's document root is /usr/share/nginx/example.com go to /usr/share/nginx with the command:<br />
<br />
cd /usr/share/nginx<br />
<br />
Change the ownership of all the files from this point down to the nginx user with the command:<br />
<br />
chown -R nginx:nginx *<br />
<br />
=====Set Permissions=====<br />
Set the permissions of each directory at this location to 755 with the command:<br />
<br />
chmod 2755 [directory name]<br />
<br />
For example, to set the permissions of the briansnelsons.com directory, the command is:<br />
<br />
chmod 2755 briansnelson.com<br />
<br />
Then go to the web document root directory:<br />
<br />
cd example.com<br />
<br />
Change the permissions of all the files in this directory with the command:<br />
<br />
chmod 644 *</div>Brianhttps://briansnelson.com/HAProxy_Cluster_Setup_ExampleHAProxy Cluster Setup Example2019-06-28T03:48:51Z<p>Brian: Protected "HAProxy Cluster Setup Example" ([Edit=Allow only administrators] (indefinite) [Move=Allow only administrators] (indefinite))</p>
<hr />
<div><br />
[root@us ~]# cat /etc/haproxy/haproxy.cfg<br />
global<br />
log /dev/log local0<br />
log /dev/log local1 notice<br />
chroot /var/lib/haproxy<br />
stats timeout 30s<br />
user haproxy<br />
group haproxy<br />
daemon<br />
<br />
<br />
defaults<br />
log global<br />
mode http<br />
option httplog<br />
option dontlognull<br />
option forwardfor<br />
<br />
timeout connect 5000<br />
timeout client 50000<br />
timeout server 50000<br />
<br />
frontend http_front<br />
bind *:80<br />
stats uri /haproxy?stats <br />
# default_backend http_back<br />
# redirect all to https<br />
redirect scheme https if !{ ssl_fc }<br />
<br />
frontend https_front<br />
bind *:443 ssl crt /etc/haproxy/ssl/dev.briansnelson.com.pem <br />
# reqadd X-Forwarded-Proto:\ https<br />
mode http<br />
acl https ssl_fc<br />
<br />
# Add the X-Forwarded-Proto header if we're on https<br />
http-request add-header X-Forwarded-Proto https if https<br />
http-request set-header Ssl-Offloaded 1 if https<br />
http-request set-header X-Forwarded-Port %[dst_port]<br />
<br />
default_backend https_back<br />
<br />
backend http_back<br />
mode http<br />
balance roundrobin <br />
# server web01 108.61.205.235:80 check ssl verify none<br />
# server web02 108.61.205.235:80 check ssl verify none<br />
<br />
backend https_back<br />
mode http<br />
balance leastconn<br />
server web01 127.0.0.1:6081 check ssl verify none<br />
server web02 108.61.205.235:443 check ssl verify none backup</div>Brianhttps://briansnelson.com/How_to_delete_mail_queue_in_PostfixHow to delete mail queue in Postfix2019-06-26T23:39:09Z<p>Brian: /* How to delete mail queue in Postfix */</p>
<hr />
<div>==How to delete mail queue in Postfix==<br />
<br />
In this tutorial we will learn, how to delete mail queue in Postfix .<br />
<br />
To clear the mail queue in Postfix, we will use the command called postsuper . Abbreviation of postsuper is Postfix superintendent . postsuper command can only be run by super user of the system eg. root . <br />
<br />
Postsuper command is used for postfix mail queue related maintenance work.<br />
<br />
To check the mail queue in system, we use '''mailq''' command . <br />
mailq<br />
<br />
It might be possible when you use mailq command,you may see long list of mails which are not delivered. <br />
<br />
'''''Most of the mails have '''deferred''' status .''<br />
'''<br />
In this tutorial we will use postsuper command to delete/remove the mail queue in Postfix MTA .<br />
<br />
First run the command mailq command to check how many mails are in queue<br />
<br />
To clear/remove the mail queue in postfix,read the below given scenarios<br />
<br />
* Scenario 1 : Remove particular mail queue id (on running mailq command,you will get mail queue id)<br />
<br />
postsuper -d mail_queue_id<br />
* Scenario 2: Remove ALL mails from queue<br />
<br />
postsuper -d ALL<br />
* Scenario 3: Remove only ALL deferred mails which are in queue<br />
<br />
postsuper -d ALL deferred</div>Brianhttps://briansnelson.com/What_is_the_Cache-Control_HeaderWhat is the Cache-Control Header2019-06-21T15:14:40Z<p>Brian: </p>
<hr />
<div>==What is the Cache-Control Header==<br />
<br />
Cache-control is an HTTP header used to specify browser caching policies in both client requests and server responses. <br />
<br />
Policies include how a resource is cached, where it’s cached and its maximum age before expiring (i.e., time to live).<br />
<br />
The cache-control header is broken up into directives, the most common of which are detailed below:<br />
<br />
===Cache-Control: Max-Age===<br />
The max-age request directive defines, in seconds, the amount of time it takes for a cached copy of a resource to expire. After expiring, a browser must refresh its version of the resource by sending another request to a server.<br />
<br />
For example, cache-control: max-age=120 means that the returned resource is valid for 120 seconds, after which the browser has to request a newer version.<br />
<br />
===Cache-Control: No-Cache<br />
The no-cache directive mea===ns that a browser may cache a response, but must first submit a validation request to an origin server.<br />
<br />
===Cache-Control: No-Store===<br />
The no-store directive means browsers aren’t allowed to cache a response and must pull it from the server each time it’s requested. This setting is usually used for sensitive data, such as personal banking details.<br />
<br />
===Cache-Control: Public===<br />
The public response directive indicates that a resource can be cached by any cache.<br />
<br />
===Cache-Control: Private===<br />
The private response directive indicates that a resource is user specific—it can still be cached, but only on a client device. For example, a web page response marked as private can be cached by a desktop browser, but not a content delivery network (CDN).<br />
<br />
===Additional HTTP Cache Headers===<br />
In addition to cache-control, notable HTTP cache headers include:<br />
<br />
* '''Expires''' – This header specifies a fixed date/time for the expiration of a cached resource. For example, Expires: Sat, 13 May 2017 07:00:00 GMT signals that the cached resource expires on May 13, 2017 at 7:00 am GMT. The expires header is ignored when a cache-control header containing a max-age directive is present.<br />
* '''ETag''' – A response header that identifies the version of served content according to a token – a string of characters in quotes, e.g., "675af34563dc-tr34" – that changes after a resource is modified. If a token is unchanged before a request is made, the browser continues to use its local version.<br />
* '''Vary''' – A header that determines the responses that must match a cached resource for it to be considered valid. For example, the header Vary: Accept-Language, User-Agent specifies that a cached version must exist for each combination of user agent and language.<br />
<br />
===CDNs and Cache-Control===<br />
The variety of caching headers can make manual cache management overwhelming. CDNs allow for granular cache policy management through a user-friendly dashboard, relieving you of the need to manually tweak individual headers.<br />
<br />
In addition to simplifying cache management, CDNs augment the browser caching process using proxies. Proxy caching brings content closer to site visitors, accelerating the delivery of locally stored resources. This is especially beneficial for first-time visitors whose browsers have yet to cache site content.<br />
<br />
Finally, more advanced CDNs use advanced automation techniques, including machine learning, to cache dynamically generated content and resources. This optimizes your caching policies and further speeds up content delivery.<br />
<br />
===Tool to check your Headers===<br />
<br />
[https://securityheaders.com/?q=https%3A%2F%2Fwww.google.com SecurityHeaders - Checking Googles Headers]</div>Brianhttps://briansnelson.com/HAProxy_Load_BalancingHAProxy Load Balancing2019-06-19T07:26:47Z<p>Brian: /* HAProxy Load Balancing */</p>
<hr />
<div>==HAProxy Load Balancing==<br />
<br />
Are you looking for a solution for load balancing your website across multiple nodes? Here is an example using [http://www.haproxy.org/ HAProxy] on CentOS 7 Cloud nodes, so we can easily add additional webnodes if/when required.<br />
<br />
For this example I will be using a 4 cloud servers, haproxy/web01/web02/database server<br />
<br />
# Haproxy Server<br />
# Web01<br />
# Web02<br />
# Database Server (However not shown in this configuration)<br />
<br />
[[File:Load-balancer-graph-1.png|800px|frameless|none]]<br />
<br />
===HAProxy 1.7 on CentOS Install===<br />
<br />
I will not be installing anything besides haproxy on this node, to reduce resource consumption.<br />
<br />
yum install gcc pcre-static pcre-devel openssl-devel htop vim openssl mod_ssl -y<br />
<br />
Now lets install HAProxy 1.7 from source<br />
<br />
wget https://www.haproxy.org/download/1.7/src/haproxy-1.7.9.tar.gz<br />
tar xzvf haproxy-1.7.9.tar.gz<br />
cd haproxy-1.7.9<br />
<br />
The next command has added support for openssl, as later this will be used for https connections and I recommended setting this up now, so it's there when needed.<br />
<br />
make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_CRYPT_H=1 USE_LIBCRYPT=1<br />
make install<br />
<br />
Create a few needed directories and files<br />
<br />
mkdir -p /etc/haproxy<br />
mkdir -p /var/lib/haproxy<br />
touch /var/lib/haproxy/stats<br />
<br />
Create a symbolic link for the binary to allow you to run HAProxy commands as a normal user.<br />
<br />
ln -s /usr/local/sbin/haproxy /usr/sbin/haproxy<br />
<br />
If you want to add the proxy as a service to the system, copy the haproxy.init file from the examples to your /etc/init.d directory. Change the file permissions to make the script executable and then reload the systemd daemon.<br />
<br />
cp ./example/haproxy.init /etc/init.d/haproxy<br />
chmod 755 /etc/init.d/haproxy<br />
<br />
Now we need to reload the damon and make sure HAProxy starts if the server ever gets rebooted<br />
<br />
systemctl daemon-reload<br />
chkconfig haproxy on<br />
useradd -r haproxy<br />
<br />
That went pretty easy and fast, now comes the fun part of configuring the server<br />
<br />
===Let's Configure the Firewall for traffic and stats port===<br />
<br />
firewall-cmd --permanent --zone=public --add-service=http<br />
firewall-cmd --permanent --zone=public --add-service=https<br />
firewall-cmd --reload<br />
<br />
Setting up HAProxy for load balancing is a quite straight forward process. Basically, all you need to do is tell HAProxy what kind of connections it should be listening for and where the connections should be relayed to.<br />
This is done by creating a configuration file /etc/haproxy/haproxy.cfg with the defining settings. You can read about the configuration options at HAProxy documentation page if you wish to find out more.<br />
<br />
===Configuring HAProxy for Load Balancing Layer 7===<br />
<br />
vi /etc/haproxy/haproxy.cfg<br />
<br />
Add the following for a basic configuration, which will get everything up and running without https/port 443 support.<br />
<br />
global<br />
log /dev/log local0<br />
log /dev/log local1 notice<br />
chroot /var/lib/haproxy<br />
stats timeout 30s<br />
user haproxy<br />
group haproxy<br />
daemon<br />
<br />
defaults<br />
log global<br />
mode http<br />
option httplog<br />
option forwardfor<br />
option dontlognull<br />
timeout connect 5000<br />
timeout client 50000<br />
timeout server 50000 <br />
<br />
frontend http_front<br />
bind *:80<br />
stats uri /haproxy?stats<br />
default_backend http_back<br />
<br />
backend http_back<br />
balance roundrobin<br />
server web01 255.255.255.1:80 check<br />
server web02 255.255.255.2:80 check<br />
<br />
This defines a layer 4 load balancer with a front-end name http_front listening to the port number 80, which then directs the traffic to the default backend named http_back. <br />
<br />
The additional stats URI /haproxy?stats enables the statistics page at that specified address.<br />
<br />
After making the configurations, save the file and restart [[Main_Page#HAProxy|HAProxy]] with the next command.<br />
<br />
systemctl restart haproxy<br />
<br />
===HAProxy Troubleshooting===<br />
<br />
We ran into a few issues at first with spellings, with this configuration everything is dumped into /var/log/messages<br />
<br />
===High Availability===<br />
The layer 4 and 7 load balancing setups described before both use a load balancer to direct traffic to one of many backend servers. However, your load balancer is a single point of failure in these setups; if it goes down or gets overwhelmed with requests, it can cause high latency or downtime for your service.<br />
<br />
A high availability (HA) setup is an infrastructure without a single point of failure. It prevents a single server failure from being a downtime event by adding redundancy to every layer of your architecture. A load balancer facilitates redundancy for the backend layer (web/app servers), but for a true high availability setup, you need to have redundant load balancers as well.</div>Brianhttps://briansnelson.com/HAProxy_vs_NginxHAProxy vs Nginx2019-06-19T06:09:35Z<p>Brian: Created page with "==HAProxy vs Nginx== In the present era are high availability and scalable systems. First, you can learn about how to make an application redundant and puts two instances wit..."</p>
<hr />
<div>==HAProxy vs Nginx==<br />
<br />
In the present era are high availability and scalable systems. First, you can learn about how to make an application redundant and puts two instances with a load balancer in front of it. Incidentally, a load balancer is becoming one point of failure. A load balancer is a point of entrance to their data center. They are many critical paths to be accessed everything and anything. It gives some interesting characteristics. The first one is the most important thing that is a monitor in infrastructure. The second one is that there is a distinctive position to give an insight not only regarding them but also regarding each and every service is backing. <br />
<br />
There are 2 popular open source software load balancers that are HAProxy and Nginx. <br />
<br />
===HAProxy: ===<br />
HAProxy is reliable and fast open source solution for proxying and load balancing of HTTP and TCP-based application traffic. It is canonical modern software of load balancer. Also, it is supported as a basic feature of HTTP reverse proxy. <br />
<br />
It can provide some following advantages over the HAProxy as a load balancer: <br />
<br />
* Pluggable architecture <br />
* HTTP / 2 supports <br />
* Ability to hot re-start <br />
* Substantially more information statistics <br />
* Integrated with the remote global rate of limited service <br />
* Integrated with the remote service of discovery service <br />
* Multithread architecture is easy to operate and configured circuit breaking setting. <br />
* Single process deploys as per machine Vs potentially many different processes. <br />
<br />
===Nginx: ===<br />
Nginx is canonical modern software of web server. It is supported to serve a static content, HTTP / 2, HTTP L7 reverse proxy of load balance and other features. Nginx has so far on overall features rather than edge reverse proxy. However, modern service-oriented architecture does not make use of them. <br />
<br />
Even the freelance jobs provide some following important advantages over the Nginx as an edge proxy: <br />
<br />
* Full HTTP / 2 transparent proxy s supported HTTP / 2 for both upstream and downstream communication. <br />
* Nginx is supported HTTP / 2 for only downstream connection. <br />
* Advanced load balance is freely available. <br />
* Nginx plus is supported similar to the capable of advanced load balancing. <br />
<br />
Ability is to run the same software on each service node as well as at the edge. Several infrastructures can run in the combination of HAProxy and Nginx. A single proxy solution at the each and every hop is simpler from the operations perspective. <br />
<br />
===Comparison of HAProxy and Nginx: ===<br />
<br />
This comparison is by no mean complete feature list for each project. Look at the respective sites for getting more information. A full web server is present in Nginx while the haproxy is not present. Both Nginx and haproxy are asynchronies by the concurrency. Also, both are presented in load balancer and SSL offloading. Plug-in is statically compiled in Nginx and not present in haproxy. Admin console exists in haproxy while other does not exist. SPDY is supported both haproxy and Nginx through a plug-in. Nginx is running on the windows while another haproxy is not running on windows. TCP proxy exists in haproxy as same as not exist in Nginx. <br />
<br />
===Load balancing (HAProxy versus Nginx):===<br />
<br />
All large customers have many web servers in a front end of the systems and all those have a few types of load balancing. Some use LVS or DNS and most Nginx use as a better load balancer. <br />
<br />
However, you can think about HAProxy is more powerful and better load balancer rather than Nginx. HAProxy is used for most of the systems that need to scale and good control or complex. Most of the people have been heard HAProxy and know it has the same architecture as a Nginx. Then it has to be the single threaded event driven system that may scale from 100 to 200000 simultaneous connections and 100000 requests as per second on the big systems. <br />
<br />
Most important that the HAProxy is flexible and more powerful with a different variety of front end, back end, flexible rewrite rule and checking, standby pool and much more. HAProxy is flexible logging and powerful including how each request or connection was begun and end at what phase of HTTP and by who that really helps to troubleshoot. Additionally, a real-time API is allowed engineers to dynamically adding/removing server from the standby pool, which needs for testing. <br />
<br />
Maintenance and so on (though you have to build their special tool to make it very easy). <br />
<br />
The most useful part of HAProxy is sophisticated monitoring include nice GUI that is accessed in a web browser. Let’s see that the statistics and status of all standby pools and servers including request rates, connection, check info, errors and much more. You can hire freelancers online directly use for real-time monitoring and pulls data through API to feed your monitoring system. Further, Nginx has none of those features and very simplistic specifically control and monitor. There is no another way to know that what server is okay. There is no status on the connection rate or other information that make very useful to your system for control, monitoring or troubleshooting. <br />
<br />
Nginx is very simple to work, but cannot be suited for complex or large systems. One thing HAProxy cannot do in SSL that is directly not supported. The easiest way of using Nginx has handled SSL connection on the port 443 and forward to a unencrypted connection of port 80. This is more complex, but not bad too and works well. Though some works are needed to get their client IP address and then passed in all way via the system to a real application server. <br />
<br />
===Summary:===<br />
Generally, HAProxy load balancing is one of the best choices for the large scale load balancing of a real system specifically when you are changing many pools, good monitoring with control and complex needs. Nginx is more convenient and nice solution specifically when one would leverage of its function together, but the HAProxy offers more when you can look at the freelance jobs for giving an advanced load balancing. Nginx is not a bad choice, but the HAProxy load balancer is much better.</div>Brianhttps://briansnelson.com/Magento_2_Reindex_via_the_CLIMagento 2 Reindex via the CLI2019-06-19T04:39:19Z<p>Brian: Created page with "==Magento 2 - Reindex via the CLI== This article shows how you can reindex Magento 2 index types using the command line. The first thing you will want to do is determine whi..."</p>
<hr />
<div>==Magento 2 - Reindex via the CLI==<br />
<br />
This article shows how you can reindex Magento 2 index types using the command line.<br />
<br />
The first thing you will want to do is determine which indexes need reindexed<br />
<br />
===Check Status ===<br />
Let’s check the status of all the index types using the following command:<br />
<br />
php bin/magento indexer:status<br />
<br />
Running the above command will output something like this:<br />
<br />
Design Config Grid: Ready<br />
Customer Grid: Ready<br />
Category Products: Ready<br />
Product Categories: Ready<br />
Product Price: Reindex required<br />
Product EAV: Ready<br />
Catalog Search: Reindex required<br />
Stock: Ready<br />
Catalog Rule Product: Ready<br />
Catalog Product Rule: Ready<br />
<br />
From the above output, you will noticed that Product Price and Catalog Search need indexed<br />
<br />
===Getting the indexer name/type ===<br />
<br />
First of all, let’s get the information/list of all the index types present in Magento 2. For this, we use the following command:<br />
<br />
php bin/magento indexer:info<br />
<br />
Running the above command will output something like this:<br />
<br />
design_config_grid Design Config Grid<br />
customer_grid Customer Grid<br />
catalog_category_product Category Products<br />
catalog_product_category Product Categories<br />
catalog_product_price Product Price<br />
catalog_product_attribute Product EAV<br />
catalogsearch_fulltext Catalog Search<br />
cataloginventory_stock Stock<br />
catalogrule_rule Catalog Rule Product<br />
catalogrule_product Catalog Product Rule<br />
<br />
With this information we can running the following commands to reindex just the specific indexes that require it<br />
<br />
===Reindex specific indexes ===<br />
<br />
php bin/magento indexer:reindex catalog_product_price catalogsearch_fulltext<br />
<br />
Running the above command will output something like this:<br />
<br />
Product Price index has been rebuilt successfully in 00:00:23<br />
Catalog Search index has been rebuilt successfully in 00:00:15<br />
<br />
===Reindex all indexes via CLI ===<br />
<br />
This is done with the same command as above, but without specifying individual indexes.<br />
<br />
php bin/magento indexer:reindex<br />
<br />
Sample output:<br />
<br />
Design Config Grid index has been rebuilt successfully in 00:00:04 <br />
Customer Grid index has been rebuilt successfully in 00:00:06<br />
Category Products index has been rebuilt successfully in 00:00:02<br />
Product Categories index has been rebuilt successfully in 00:00:00<br />
Product Price index has been rebuilt successfully in 00:00:01<br />
Product EAV index has been rebuilt successfully in 00:00:00<br />
Catalog Search index has been rebuilt successfully in 00:00:04<br />
Stock index has been rebuilt successfully in 00:00:01<br />
Catalog Rule Product index has been rebuilt successfully in 00:00:00<br />
Catalog Product Rule index has been rebuilt successfully in 00:00:00</div>Brianhttps://briansnelson.com/Magento_2_Reindex_Error:_Index_is_locked_by_another_reindex_process._SkippingMagento 2 Reindex Error: Index is locked by another reindex process. Skipping2019-06-19T04:26:06Z<p>Brian: /* Possible error messages */</p>
<hr />
<div>==Magento 2 Reindex Error: Index is locked by another reindex process. Skipping==<br />
<br />
Help! I am getting a magento 2 reindex error, that its locked and being used by another process<br />
<br />
===Problem===<br />
During full reindex in CLI (Command Line Interface, SSH), magento returns error message like “index is locked by another reindex process. Skipping.”<br />
<br />
===Reason===<br />
Error is possible if previous reindex process wasn’t completed successfully. There are few possible reasons of this issue:<br />
<br />
* Fatal PHP error during reindex<br />
* Mysql Error (like timeout)<br />
* Memory limit<br />
* Process was unexpectedly interrupted (by user or another process)<br />
<br />
===Solution===<br />
You need reset index status and then try run new reindex process. For reset index status, you need run command:<br />
<br />
php bin/magento indexer:reset <index identifier><br />
<br />
If you don’t know index identifier (code), you can use command:<br />
<br />
php bin/magento indexer:info<br />
<br />
All possible combinations for native indexes:<br />
<br />
bin/magento indexer:reset design_config_grid; <br />
bin/magento indexer:reset customer_grid;<br />
bin/magento indexer:reset catalog_category_product;<br />
bin/magento indexer:reset catalog_product_category;<br />
bin/magento indexer:reset catalogrule_rule;<br />
bin/magento indexer:reset catalog_product_attribute;<br />
bin/magento indexer:reset cataloginventory_stock;<br />
bin/magento indexer:reset catalog_product_price;<br />
bin/magento indexer:reset catalogrule_product;<br />
bin/magento indexer:reset catalogsearch_fulltext;<br />
<br />
===Possible error messages===<br />
<br />
Below are some of the errors you might be seeing:<br />
<br />
* Design Config Grid index is locked by another reindex process. Skipping.<br />
* Customer Grid index is locked by another reindex process. Skipping.<br />
* Product Flat Data index is locked by another reindex process. Skipping.<br />
* Category Flat Data index is locked by another reindex process. Skipping.<br />
* Category Products index is locked by another reindex process. Skipping.<br />
* Product Categories index is locked by another reindex process. Skipping.<br />
* Product Price index is locked by another reindex process. Skipping.<br />
* Product EAV index is locked by another reindex process. Skipping.<br />
* Catalog Rule Product index is locked by another reindex process. Skipping.<br />
* Catalog Product Rule index is locked by another reindex process. Skipping.<br />
* Stock index is locked by another reindex process. Skipping.<br />
* Catalog Search is locked by another reindex process. Skipping.<br />
<br />
Once you reset the index, you will be able to run the reindex command, make sure watch the process or have it output to a log file to find what the original issue was.</div>Brianhttps://briansnelson.com/Magento_2_How_to_check_Magento_VersionMagento 2 How to check Magento Version2019-06-19T03:34:18Z<p>Brian: /* =Special Magento 2 version page */</p>
<hr />
<div>==Magento 2 - How to check Magento Version==<br />
<br />
There´s many Magento 2 versions and editions. Sometimes you need to know, which exactly version of Magento you´re running - for example, for planning upgrade.<br />
<br />
Here is a few tricks, which will show your actual version of Magento 2.<br />
<br />
===Special Magento 2 version page===<br />
The simplest way to know, which version you are running without logging in, is a special version page, which each Magento store features.<br />
<br />
Just visit this URL: http://your_store.com/magento_version<br />
<br />
It will automatically render a simple page with your Magento 2 version.<br />
<br />
[[File:Magento2version-url.png|900px|frameless|none]]<br />
<br />
It will display only major version number, though. If you wish to know also minor version, see other methods below.<br />
<br />
'''**NOTE - I would recommend disabling this output to prevent hackers from trying to find vulnerabilities in your site'''<br />
<br />
===Backend Footer===<br />
<br />
Another simple method to check version is available, when you have access to backend. Here is what you need to do:<br />
<br />
* Log in to your store backend and open any page, say, Orders.<br />
* Pay attention to the right bottom section - you will see there current Magento 2 version.<br />
<br />
===SSH/CLI Command===<br />
<br />
Another simple method is a special CLI command. Here is what you need to do:<br />
<br />
Log in to SSH/CLI of your store and navigate to the root of your store.<br />
<br />
php bin/magento --version<br />
<br />
You will see log, which describes current Magento CLI version, which corresponds to your actual Magento version:<br />
<br />
===Composer Installation File===<br />
<br />
If your Magento was installed via Composer, you have another method to check Magento 2 version. Here is what you need to do:<br />
<br />
Log in to your store using FTP/SSH and navigate to the root of your store.<br />
* Open composer.json file.<br />
* version property in first data structure contains precise version of your Magento 2</div>Brianhttps://briansnelson.com/How_to_Enable_Disable_Magento_2_cachesHow to Enable Disable Magento 2 caches2019-06-19T03:11:12Z<p>Brian: Created page with "==How to Enable Disable Magento 2 caches== Magento cache are pages (or parts of pages) that are stored to improve the page load time of subsequent requests. A cache stores..."</p>
<hr />
<div>==How to Enable Disable Magento 2 caches==<br />
<br />
Magento cache are pages (or parts of pages) that are stored to improve the page load time of subsequent requests. <br />
<br />
A cache stores data so that future calls for that data can be loaded quicker, and Magento includes these types: <br />
* configuration<br />
* layout <br />
* block HTML layout<br />
* full page (the most well-known) <br />
* collections <br />
* DDL <br />
* EAV <br />
* reflection <br />
* translation <br />
* integration configuration<br />
* integration API configuration <br />
* web services configuration. <br />
<br />
Other types can be created and defined.<br />
<br />
===Enable/disable cache types via Backend===<br />
In Magento 2 backend<br />
In your Magento backend, go to System > Tools > Cache Management.<br />
Enable them all to prevent slow sites<br />
<br />
===Enable/disable cache types via CLI===<br />
<br />
Using command line<br />
This command allows you to enable or disable some or all cache types. <br />
<br />
Disabling cache types is useful during development because you see the results of your changes without having to flush the cache; however, disabling cache types has some negative effect on performance.<br />
<br />
php bin/magento cache:enable [type] ... [type]<br />
php bin/magento cache:disable [type] ... [type]<br />
<br />
Where omitting [type] enables or disables all cache types at the same time. The type option is a space-separated list of cache types.<br />
<br />
To list cache types and their status:<br />
<br />
php bin/magento cache:status<br />
<br />
==Clear cache in Magento 2 ==<br />
<br />
To clear out-of-date items from the cache, you can clean or flush cache types:<br />
<br />
* Cleaning a cache type deletes all items from enabled Magento cache types only. In other words, this option does not affect other processes or applications because it cleans only the cache that Magento uses. Disabled cache types will not be cleaned.<br />
* Flushing a cache type clears the cache storage, which might affect other processes or applications that are using the same storage.<br />
<br />
You should only flush cache types if you’ve already tried cleaning the cache and you’re still having issues that you cannot isolate.<br />
<br />
===Clear Magento 2 via Backend ===<br />
# In your Magento backend, go to System > Tools > Cache Management.<br />
# Check the box on which cache type you want to clean/flush. Then,<br />
# Click Flush Magento Cache if you want to clean cache. This is equivalent to magento cache:clean<br />
# Click Flush Cache Storage if you want to flush cache. This is equivalent to magento cache:flush<br />
<br />
For further cache clean/flush, you can also scroll down to Additional Cache Management section, where you’re able to flush these types of cache:<br />
# Flush Catalog Images Cache: Removes all automatically resized and watermarked catalog images that are stored at: media/catalog/product/cache. If recently uploaded images aren’t reflected in the catalog, try flushing the catalog and refreshing your browser.<br />
# Flush JavaScript/CSS Cache: Removes the merged copy of JavaScript and CSS files from the cache. If recent changes to the style sheet or JavaScript aren’t reflected in the store, try flushing the JavaScript/CSS cache and refreshing your browser.<br />
# Flush Static Files Cache: Removes preprocessed view files and static files.<br />
<br />
Make sure to also clear the cache of your browser.<br />
<br />
===Clear Magento 2 via CLI ===<br />
<br />
Command usage:<br />
<br />
php bin/magento cache:clean [type] ... [type]<br />
php bin/magento cache:flush [type] ... [type]<br />
<br />
Where [type] is a space-separated list of cache types. Omitting [type] cleans or flushes all cache types at the same time. For example, to flush all cache types:<br />
<br />
php bin/magento cache:flush<br />
<br />
You can view the caches to see if they are enabled by running:<br />
<br />
php bin/magento cache:status</div>Brianhttps://briansnelson.com/How_to_speed_up_Magento_2_out_of_the_boxHow to speed up Magento 2 out of the box2019-06-19T02:54:00Z<p>Brian: Created page with "==How to speed up Magento 2 out of the box== Magento 2 (M2) comes as a new era of e-commerce innovation. It has more features and is more complex, and has more lines of code,..."</p>
<hr />
<div>==How to speed up Magento 2 out of the box==<br />
<br />
Magento 2 (M2) comes as a new era of e-commerce innovation. It has more features and is more complex, and has more lines of code, compared to the first generation of this popular platform. <br />
<br />
Such a level of flexibility comes at a price, M2 can be slow. Poor performance is the number one complaint from store owners and developers.<br />
<br />
In this article I will share my expertise on how to '''make Magento 2 faster''', and provide 10 practical tips to optimize the performance of any M2 site.<br />
<br />
===Step 1: Enable Flat Categories and Products ===<br />
<br />
May be you know that one of the aspects having a great influence on the speed of Magento 2 performance is the ability of database loading. In the configuration, enable Flat Catalog to speed up that. Flat Catalog allows offloading the number of the database once there is any request for showing the product. At the same time, the MySQL query complexity will be reduced.<br />
<br />
Go to backend, Stores > Configuration > Catalog > Catalog > Storefront, choose Yes in Use Flat Catalog Category field.<br />
<br />
===Step 2: Merge CSS and JS Files ===<br />
<br />
The next step you need to follow is merging and minifying CSS and Javascript files, that means making the web page as light as possible for the fast loading. <br />
<br />
'''**Note This may end badly if you have incompatible extensions '''<br />
<br />
====Merge/Minify Javascript Files====<br />
<br />
Go to backend, Stores -> Configuration > Advanced > Developer > JavaScript Settings<br />
# Set Merge JavaScript Files to '''Yes'''<br />
# Set Minify JavaScript Files to '''Yes'''<br />
<br />
====Merge/Minefy CSS File====<br />
Go to backend, Stores > Configuration > Advanced > Developer > CSS Settings<br />
# Set Merge CSS Files to '''Yes'''<br />
# Set Minify CSS Files to '''Yes'''<br />
<br />
===Step 3: Enable all Caching===<br />
<br />
In the backend, System > Cache Management.<br />
<br />
Here, you find a plenty of caching options to flush your Magento 2 cache. <br />
<br />
Tap Enable and then Submit the options which you need.<br />
<br />
===Step 4: Image Optimization ===<br />
<br />
The image is a necessary factor to make your Magento 2 store’s performance more vivid. <br />
<br />
However, the image size that is too heavy to upload on your site is one of the crucial reason for the overload page. <br />
<br />
Thus, compressing should be done before submitting any image. You can use JPEG format for Product images, and PNG or SVG for the layout as well as the logo.<br />
<br />
We have tutorial with tools that should be installed at the server level to help optimize images.<br />
<br />
# [[How to install jpegoptim for CentOS]]<br />
# [[How to install optipng for CentOS]]<br />
# [[How to install gifsicle for CentOS]]<br />
# [[How to install jpegtran for CentOS]]<br />
<br />
===Step 5: Enable Compression ===<br />
<br />
Follow the resources to enable compression by Google’s offer.<br />
<br />
<IfModule mod_deflate.c><br />
# Compress HTML, CSS, JavaScript, Text, XML and fonts<br />
AddOutputFilterByType DEFLATE application/javascript<br />
AddOutputFilterByType DEFLATE application/rss+xml<br />
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject<br />
AddOutputFilterByType DEFLATE application/x-font<br />
AddOutputFilterByType DEFLATE application/x-font-opentype<br />
AddOutputFilterByType DEFLATE application/x-font-otf<br />
AddOutputFilterByType DEFLATE application/x-font-truetype<br />
AddOutputFilterByType DEFLATE application/x-font-ttf<br />
AddOutputFilterByType DEFLATE application/x-javascript<br />
AddOutputFilterByType DEFLATE application/xhtml+xml<br />
AddOutputFilterByType DEFLATE application/xml<br />
AddOutputFilterByType DEFLATE font/opentype<br />
AddOutputFilterByType DEFLATE font/otf<br />
AddOutputFilterByType DEFLATE font/ttf<br />
AddOutputFilterByType DEFLATE image/svg+xml<br />
AddOutputFilterByType DEFLATE image/x-icon<br />
AddOutputFilterByType DEFLATE text/css<br />
AddOutputFilterByType DEFLATE text/html<br />
AddOutputFilterByType DEFLATE text/javascript<br />
AddOutputFilterByType DEFLATE text/plain<br />
AddOutputFilterByType DEFLATE text/xml <br />
<br />
# Remove browser bugs (only needed for really old browsers)<br />
BrowserMatch ^Mozilla/4 gzip-only-text/html<br />
BrowserMatch ^Mozilla/4\.0[678] no-gzip<br />
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html<br />
Header append Vary User-Agent<br />
</IfModule><br />
<br />
===Step 6: Inspect every installed 3rd-party extension===<br />
<br />
Magento 2 core is written by programming experts. There is not much room for improvement in the core code. <br />
<br />
That is normally not the case for extensions you can buy, or download for free. Some of them could really slow the site down.<br />
<br />
You should perform a 3rd-party extensions audit. <br />
<br />
Turn every module on and off, clear caches, and see if it changes the site’s speed. <br />
<br />
Test all important page types, front page, category pages, product pages and checkout. <br />
<br />
If you turn off an extension and the site becomes faster – you have found an abuser. <br />
<br />
Contact this plugin’s vendor and let them know about the performance problem. Ask for a refund, write a review, and find an alternative if they don’t respond.<br />
<br />
To turn off the extension you will need SSH access. Most hosting companies will allow you to access the server via SSH and will provide you with necessary credentials.<br />
<br />
Once you are logged in:<br />
<br />
Disable Plugin:<br />
<br />
php bin/magento module:disable VendorName_PluginName<br />
<br />
Enable Plugin:<br />
<br />
php bin/magento module:enable VendorName_PluginName<br />
<br />
Check Status:<br />
<br />
php bin/magento module:status<br />
<br />
It is always good practice to delete unused extensions from the file system, they will just be an unnecessary security risk.<br />
<br />
===Step 7: Reduce Server Response Time===<br />
<br />
By Magento 2 Buit-in cache functionality, your site’s response time is quite good with approximately 0.5s. But it is not ideal time as Google expects. Due to that, Magento 2 supports Full Page Cache via Varnish natively. Let’s setup Varnish to get the first byte around 0.1-0.2s.<br />
<br />
Go to backend, Stores > Configuration > Advanced > System > Full Page Cache, transfer Caching Application to Varnish Cache.<br />
<br />
Once everything is setup, here is an example of how to purge the Varnish Cache<br />
# [[Magento 2 Purge Varnish Cache]]<br />
<br />
===Step 8: Put Site in Production Mode ===<br />
<br />
Putting Magento 2 into production mode to increase performance<br />
<br />
Magento 2 has three modes of operation: <br />
* default<br />
* developer<br />
* production<br />
<br />
The fastest one is '''production'''. Default and developer modes are used for debugging purposes and should never be used for a live site.<br />
<br />
You will need to get SSH access details from your hosting provider to find out what mode you are running in now. The command is pretty simple:<br />
<br />
php bin/magento deploy:mode:show<br />
<br />
Run it once inside the root Magento folder.<br />
<br />
To set production mode issue this command:<br />
<br />
php bin/magento deploy:mode:set production<br />
<br />
'''**NOTE: Depending on your configuration it might take a while<br />
'''<br />
===Step 9: Get a Good Hosting Company===<br />
<br />
The hosting plan you choose plays an important role in overall website’s performance. You can’t have a fast M2 store on a cheap VPS.<br />
<br />
Magento 2 has specific technology requirements. [http://devdocs.magento.com/guides/v2.0/install-gde/system-requirements-tech.html You can have a look at them here]. <br />
<br />
I would mention only two: 2G of RAM at minimum and SSD (solid state disk). You can not expect decent speed if you don’t meet either one of those two criteria. <br />
<br />
The top pick for our Magento hosting needs is [https://www.nexcess.net/pricing/cloud-pricing/ Nexcess.net] with their optimized platform and dedicated managed hosting<br />
<br />
===Step 10: Site back and enjoy all your customers===<br />
<br />
Yes, I know I said 10 things to speed up your Magento 2 store, however this last one plays a large part to your success</div>Brianhttps://briansnelson.com/Magento_2_Redis_Page_Cache_and_Default_Cache_ExampleMagento 2 Redis Page Cache and Default Cache Example2019-06-19T01:19:38Z<p>Brian: /* Results in you Env.php */</p>
<hr />
<div>==Magento 2 Redis Page Cache and Default Cache Example==<br />
<br />
Magento provides command line options to configure Redis page and default caching. <br />
<br />
Although you can also configure caching by editing the <Magento install dir>app/etc/env.php file, the command line is the recommended method, especially for initial configuration. <br />
<br />
The command line provides validation, thereby ensuring the configuration is syntactically correct.<br />
<br />
[[Install_Redis_on_Centos_7_How_To|You must install Redis before continuing.]]<br />
<br />
===Setting up Redis for Full Page Caching===<br />
<br />
To configure Redis page caching on Magento, run the setup:config:set command with additional parameters.<br />
<br />
bin/magento setup:config:set --page-cache=redis --page-cache-redis-<parameter_name>=<parameter_value>...<br />
<br />
where<br />
<br />
'''--page-cache=redis''' enables Redis page caching. If this feature has already been enabled, omit this parameter.<br />
<br />
'''--page-cache-redis-<parameter_name>=<parameter_value>''' is a list of parameter/value pairs that configure page caching:<br />
<br />
{| class="wikitable"<br />
|-<br />
! CLI Parameter !! Parameter !! Default value<br />
|-<br />
| page-cache-redis-server || server || 127.0.0.1<br />
|-<br />
| page-cache-redis-port || port || 6379<br />
|-<br />
| page-cache-redis-db || database || 0<br />
|-<br />
| page-cache-redis-password || password ||<br />
|}<br />
<br />
==== Example command ====<br />
The following example enables Redis page caching, sets the host to 127.0.0.1 and assigns the database number to 1. All other parameters are set to the default value.<br />
<br />
bin/magento setup:config:set --page-cache=redis --page-cache-redis-server=127.0.0.1 --page-cache-redis-db=1<br />
<br />
===Setting up Redis for Magento 2 Default Caching===<br />
<br />
Run the setup:config:set command and specify parameters that specific to Redis default caching.<br />
<br />
bin/magento setup:config:set --cache-backend=redis --cache-backend-redis-<parameter_name>=<parameter_value>...<br />
where<br />
<br />
'''--cache-backend=redis''' enables Redis default caching. If this feature has already been enabled, omit this parameter.<br />
<br />
'''--cache-backend-redis-<parameter_name>=<parameter_value>''' is a list of parameter/value pairs that configure default caching:<br />
<br />
{| class="wikitable"<br />
|-<br />
! CLI Parameter !! Parameter !! Default value<br />
|-<br />
| page-cache-redis-server || server || 127.0.0.1<br />
|-<br />
| page-cache-redis-port || port || 6379<br />
|-<br />
| page-cache-redis-db || database || 0<br />
|-<br />
| page-cache-redis-password || password ||<br />
|}<br />
<br />
====Example command====<br />
<br />
The following example enables Redis default caching, sets the host to 127.0.0.1 and assigns the database number to 0. Redis uses default values for all other parameters.<br />
<br />
bin/magento setup:config:set --cache-backend=redis --cache-backend-redis-server=127.0.0.1 --cache-backend-redis-db=0<br />
<br />
=== Results in you Env.php ===<br />
<br />
As a result of the two example commands, Magento adds lines similar to the following to '''<Magento install dir>app/etc/env.php''':<br />
<br />
'cache' => [<br />
'frontend' => [<br />
'default' => [<br />
'backend' => 'Cm_Cache_Backend_Redis',<br />
'backend_options' => [<br />
'server' => '127.0.0.1',<br />
'database' => '0',<br />
'port' => '6379'<br />
'compress_data' => '1',<br />
'compress_tags' => '1',<br />
'compress_threshold' => '20480',<br />
'lifetimelimit' => '57600',<br />
],<br />
],<br />
'page_cache' => [<br />
'backend' => 'Cm_Cache_Backend_Redis',<br />
'backend_options' => [<br />
'server' => '127.0.0.1',<br />
'port' => '6379',<br />
'database' => '1',<br />
'compress_data' => '1',<br />
'compress_tags' => '1',<br />
'compress_threshold' => '20480',<br />
'lifetimelimit' => '57600',<br />
]<br />
]<br />
]<br />
],<br />
<br />
===Redis monitor command===<br />
<br />
In a command prompt on the server on which Redis is running, enter:<br />
<br />
redis-cli monitor</div>Brianhttps://briansnelson.com/Magento_2_Purge_Varnish_CacheMagento 2 Purge Varnish Cache2019-06-19T01:04:59Z<p>Brian: Created page with "===Magento 2 Purge Varnish Cache=== Magento 2 has the built in functionality to use Varnish Cache This can be setup with: <nowiki>bin/magento setup:config:set --http-cache..."</p>
<hr />
<div>===Magento 2 Purge Varnish Cache===<br />
<br />
Magento 2 has the built in functionality to use Varnish Cache<br />
<br />
This can be setup with:<br />
<br />
<nowiki>bin/magento setup:config:set --http-cache-hosts=127.0.0.1:6081</nowiki><br />
<br />
Once this is set, the application should handle sending requests to varnish to purge the full page cache. <br />
<br />
===Purge Varnish Cache using Curl===<br />
<br />
Otherwise, you can send CURL requests as well like the following:<br />
<br />
Using Curl to purge the varnish cache from the CLI is done with the following command<br />
<br />
<nowiki>curl -H "X-Magento-Tags-Pattern: .*" -X PURGE 127.0.0.1:6081</nowiki><br />
<br />
Happy Varnish Speeds by default</div>Brianhttps://briansnelson.com/Magento_2_How_to_Add_Alternative_HTTP_headersMagento 2 How to Add Alternative HTTP headers2019-06-19T00:57:44Z<p>Brian: Created page with "==Magento 2 How to Add Alternative HTTP headers== If you have more than one frontend server running on your Magento 2 store, it’s needed to load balance the traffic between..."</p>
<hr />
<div>==Magento 2 How to Add Alternative HTTP headers==<br />
<br />
If you have more than one frontend server running on your Magento 2 store, it’s needed to load balance the traffic between the nodes. In this case we have a new instance between the browser and the web-server.<br />
<br />
Often it’s a system like [[Main_Page#HAProxy|HAProxy]] or [[Main_Page#Varnish_Cache|Varnish]].<br />
<br />
If the load balancer or proxy receives a request from a browser, it forwards it to backend server in the internal network. <br />
<br />
The IP address of the client is than added to a forward header which contains the IP address of a forward chain.<br />
<br />
Example:<br />
<br />
X-Forwarded-For: client, proxy1, proxy2<br />
<br />
In some situation i.e. for GEO-IP checks, you need the real IP address of a client. <br />
<br />
If you don’t configure Magento the remote address is always the proxy or load balancer (127.0.0.1).<br />
<br />
That’s not what we want. We need the first part of the comma separated list of the IP chain. <br />
<br />
Magento offers us a mechanism to solve this issue.<br />
<br />
===Remote Address===<br />
<br />
The key to solve the issue is the class <br />
<br />
Magento\Framework\HTTP\PhpEnvironment\RemoteAddress <br />
<br />
which is provided by the Magento 2 framework.<br />
<br />
In Magento 2 it’s prohibited to call the $_SERVER['REMOTE_ADD'] directly. <br />
<br />
The RemoteAddress class is a wrapper to deal with the remote address.<br />
<br />
The correct way to get the remote address is this:<br />
use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;<br />
<br />
use Magento\Framework\HTTP\PhpEnvironment\RemoteAddress;<br />
<br />
class MyClass<br />
{<br />
/**<br />
* @var RemoteAddress<br />
*/<br />
private $remoteAddress;<br />
<br />
public function __construct(RemoteAddress $remoteAddress)<br />
{<br />
$this->remoteAddress = $remoteAddress;<br />
}<br />
<br />
public function doSomething()<br />
{<br />
$ipAddressOfTheClient = $this->remoteAddress->getRemoteAddress();<br />
}<br />
}<br />
<br />
===Configuration===<br />
<br />
It’s possible to inject a list of alternative headers to the RemoteAddress class by Dependency Injection. <br />
<br />
This config isn’t related to any module. It’s a special config for a production server setup.<br />
<br />
It’s important to know that Magento 2 will load any di.xml file from any subfolder of the '''app/etc''' folder!<br />
<br />
With this information we can create a subfolder like '''app/etc/myproject/di.xml''' with the following content:<br />
<br />
<nowiki><?xml version="1.0"?> <br />
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"<br />
xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd"><br />
<br />
<type name="Magento\Framework\HTTP\PhpEnvironment\RemoteAddress"><br />
<arguments><br />
<argument name="alternativeHeaders" xsi:type="array"><br />
<item name="x-forwarded-for" xsi:type="string">HTTP_X_FORWARDED_FOR</item><br />
</argument><br />
</arguments><br />
</type><br />
</config></nowiki><br />
<br />
After that Magento will look into the given HTTP header „X-Forwarded-For“. The name of the header is normalized by PHP.<br />
<br />
'''X-Forwarded-For is available as $_SERVER['HTTP_XFORWARDED_FOR'].'''<br />
<br />
It’s possible to add more than one header to alternative header list.</div>Brianhttps://briansnelson.com/What_is_HAProxyWhat is HAProxy2019-06-12T00:54:09Z<p>Brian: /* What is HAProxy */</p>
<hr />
<div>==What is HAProxy==<br />
[[File:Haproxy.png|frameless|right|HAProxy - What is HAProxy]]<br />
HAProxy is free, open source software that provides a high availability load balancer and proxy server for TCP and HTTP-based applications that spreads requests across multiple servers. It is written in C and has a reputation for being fast and efficient (in terms of processor and memory usage)<br />
<br />
HAProxy can also be setup with varnish for ssl termination to allow https connections to use an http backed with varnish. This allows your sites to be faster while being secure.<br />
<br />
HAProxy is used by a number of high-profile websites including GoDaddy, GitHub, Bitbucket, Stack Overflow, Reddit, Speedtest.net, Tumblr, Twitter and Tuenti.<br />
<br />
===Interesting Fact about HAProxy===<br />
<br />
Servers equipped with a dual-core Opteron or Xeon processor generally achieve between 15000 and 40000 hits per second, and have no trouble saturating a 2 Gbit/sec connection under Linux.<br />
<br />
===HAProxy Terminology===<br />
There are many terms and concepts that are important when discussing load balancing and proxying. We will go over commonly used terms in the following sub-sections.<br />
<br />
Before we get into the basic types of load balancing, we will talk about ACLs, backends, and frontends.<br />
<br />
====Access Control List (ACL)====<br />
In relation to load balancing, ACLs are used to test some condition and perform an action (e.g. select a server, or block a request) based on the test result. Use of ACLs allows flexible network traffic forwarding based on a variety of factors like pattern-matching and the number of connections to a backend, for example.<br />
<br />
Example of an ACL:<br />
<br />
acl url_blog path_beg /blog<br />
<br />
This ACL is matched if the path of a user's request begins with /blog. This would match a request of http://yourdomain.com/blog/blog-entry-1, for example.<br />
<br />
For a detailed guide on ACL usage, check out the [http://cbonte.github.io/haproxy-dconv/configuration-1.4.html#7 HAProxy Configuration Manual].<br />
<br />
====Backend====<br />
A backend is a set of servers that receives forwarded requests. Backends are defined in the backend section of the HAProxy configuration. In its most basic form, a backend can be defined by:<br />
<br />
# which load balance algorithm to use<br />
# a list of servers and ports<br />
<br />
A backend can contain one or many servers in it--generally speaking, adding more servers to your backend will increase your potential load capacity by spreading the load over multiple servers. Increase reliability is also achieved through this manner, in case some of your backend servers become unavailable.<br />
<br />
Here is an example of a two backend configuration, web-backend and blog-backend with two web servers in each, listening on port 80:<br />
<br />
backend web-backend<br />
balance roundrobin<br />
server web1 web1.yourdomain.com:80 check<br />
server web2 web2.yourdomain.com:80 check<br />
<br />
backend blog-backend<br />
balance roundrobin<br />
mode http<br />
server blog1 blog1.yourdomain.com:80 check<br />
server blog1 blog1.yourdomain.com:80 check<br />
<br />
'''balance roundrobin''' line specifies the load balancing algorithm, which is detailed in the Load Balancing Algorithms section.<br />
<br />
'''mode http''' specifies that layer 7 proxying will be used, which is explained in Types of Load Balancing section.<br />
<br />
The check option at the end of the server directives specifies that health checks should be performed on those backend servers.<br />
<br />
====Frontend====<br />
A frontend defines how requests should be forwarded to backends. Frontends are defined in the frontend section of the HAProxy configuration. Their definitions are composed of the following components:<br />
<br />
# a set of IP addresses and a port (e.g. 10.1.1.7:80, *:443, etc.)<br />
# ACLs<br />
# use_backend rules, which define which backends to use depending on which ACL conditions are matched, and/or a default_backend rule that handles every other case<br />
<br />
A frontend can be configured to various types of network traffic, as explained in the next section.<br />
<br />
===Types of Load Balancing===<br />
<br />
Now that we have an understanding of the basic components that are used in load balancing, let's get into the basic types of load balancing.<br />
<br />
====No Load Balancing====<br />
<br />
In this example, the user connects directly to your web server, at yourdomain.com and there is no load balancing. If your single web server goes down, the user will no longer be able to access your web server. Additionally, if many users are trying to access your server simultaneously and it is unable to handle the load, they may have a slow experience or they may not be able to connect at all.<br />
<br />
====Layer 4 Load Balancing====<br />
<br />
The simplest way to load balance network traffic to multiple servers is to use layer 4 (transport layer) load balancing. Load balancing this way will forward user traffic based on IP range and port (i.e. if a request comes in for http://yourdomain.com/anything, the traffic will be forwarded to the backend that handles all the requests for yourdomain.com on port 80). <br />
<br />
The user accesses the load balancer, which forwards the user's request to the web-backend group of backend servers. Whichever backend server is selected will respond directly to the user's request. Generally, all of the servers in the web-backend should be serving identical content--otherwise the user might receive inconsistent content. Note that both web servers connect to the same database server.<br />
<br />
====Layer 7 Load Balancing====<br />
<br />
Another, more complex way to load balance network traffic is to use layer 7 (application layer) load balancing. Using layer 7 allows the load balancer to forward requests to different backend servers based on the content of the user's request. This mode of load balancing allows you to run multiple web application servers under the same domain and port. <br />
<br />
In this example, if a user requests yourdomain.com/blog, they are forwarded to the blog backend, which is a set of servers that run a blog application. Other requests are forwarded to web-backend, which might be running another application. Both backends use the same database server, in this example.<br />
<br />
A snippet of the example frontend configuration would look like this:<br />
<br />
frontend http<br />
bind *:80<br />
mode http<br />
<br />
acl url_blog path_beg /blog<br />
use_backend blog-backend if url_blog<br />
<br />
default_backend web-backend<br />
<br />
This configures a frontend named http, which handles all incoming traffic on port 80.<br />
<br />
'''acl url_blog path_beg /blog''' matches a request if the path of the user's request begins with /blog.<br />
<br />
'''use_backend blog-backend if url_blog''' uses the ACL to proxy the traffic to blog-backend.<br />
<br />
'''default_backend web-backend''' specifies that all other traffic will be forwarded to web-backend.<br />
<br />
===Load Balancing Algorithms===<br />
The load balancing algorithm that is used determines which server, in a backend, will be selected when load balancing. HAProxy offers several options for algorithms. In addition to the load balancing algorithm, servers can be assigned a weight parameter to manipulate how frequently the server is selected, compared to other servers.<br />
<br />
Because HAProxy provides so many load balancing algorithms, we will only describe a few of them here. See the HAProxy Configuration Manual for a complete list of algorithms.<br />
<br />
A few of the commonly used algorithms are as follows:<br />
<br />
====roundrobin====<br />
Round Robin selects servers in turns. This is the default algorithm.<br />
<br />
====leastconn====<br />
Selects the server with the least number of connections--it is recommended for longer sessions. Servers in the same backend are also rotated in a round-robin fashion.<br />
<br />
====source====<br />
This selects which server to use based on a hash of the source IP i.e. your user's IP address. This is one method to ensure that a user will connect to the same server.<br />
<br />
===Sticky Sessions===<br />
Some applications require that a user continues to connect to the same backend server. This persistence is achieved through sticky sessions, using the appsession parameter in the backend that requires it.<br />
<br />
===Health Check===<br />
HAProxy uses health checks to determine if a backend server is available to process requests. This avoids having to manually remove a server from the backend if it becomes unavailable. The default health check is to try to establish a TCP connection to the server i.e. it checks if the backend server is listening on the configured IP address and port.<br />
<br />
If a server fails a health check, and therefore is unable to serve requests, it is automatically disabled in the backend i.e. traffic will not be forwarded to it until it becomes healthy again. If all servers in a backend fail, the service will become unavailable until at least one of those backend servers becomes healthy again.<br />
<br />
For certain types of backends, like database servers in certain situations, the default health check is insufficient to determine whether a server is still healthy.<br />
<br />
===Lastest Version HAProxy===<br />
<br />
[https://www.haproxy.com/blog/haproxy-1-9-has-arrived/ HAProxy 1.9 Has Arrived]<br />
<br />
HAProxy Technologies is proud to announce the release of HAProxy 1.9. This release brings a native HTTP representation (HTX) powering end-to-end HTTP/2 support and paving the way for future innovations such as HTTP/3 (QUIC). It also contains improvements to buffers and connection management including connection pooling to backends, threading optimizations, updates to the Runtime API, and much more.</div>Brianhttps://briansnelson.com/Bash_Script_to_Check_Site_Code_Status_with_Email_AlertBash Script to Check Site Code Status with Email Alert2019-05-02T01:31:17Z<p>Brian: </p>
<hr />
<div>===Bash Script to Check Site Code Status with Email Alert===<br />
<br />
Ever want a low cost way to check and make sure your site is loading correctly?<br />
<br />
Here is a bash script that will send you an email alert when your site does not return a 200 status code<br />
<br />
#!/bin/bash <br />
#######################################################################################<br />
#Script Name :alertsitedown.sh<br />
#Description :send alert email when 200 is not returned<br />
#Author :Brian Nelson<br />
#Email :brian[at]briansnelson.com<br />
#######################################################################################<br />
#Check the Status of a site<br />
SC=$(curl --silent -IL $1 -A "Website Checker - https://briansnelson.com/Bash_Script_to_Check_Site_Code_Status_with_Email_Alert" | grep ^HTTP | awk '{print $2}'); <br />
##Now lets check if it gives a 200<br />
if [ "$SC" != "200" ]; then <br />
#echo 'Site Error!!!!'<br />
echo "Alert for $1 - Error Code $SC" | /usr/bin/mail -s "Alert for $1" 555555555[at]vzwpix.com<br />
else<br />
#echo 'Site Working'<br />
fi<br />
<br />
After creating your script make sure to make it executable <br />
chmod +x alertsitedown.sh<br />
<br />
===Usage===<br />
<br />
Very simple usage, set it up as a cronjob<br />
<br />
crontab -e<br />
<br />
Run every minute for best results<br />
<br />
* * * * * /bin/bash /<location of script>/alertsitedown.sh https://briansnelson.com/<br />
<br />
Replace our domain with the domain you wish to check, and there you go, a site down script checker.<br />
<br />
===Download script to your Server===<br />
<br />
It has come to my attention that you can not copy and paste the above code without an error to get around this you can download the script<br />
<br />
wget https://briansnelson.com/stuff/alertsitedown.txt -O alertsitedown.sh ; chmod +x alertsitedown.sh<br />
<br />
Just make sure to change the email in the script or it will not send, I like to get the alerts to my cell phone via a text message</div>Brianhttps://briansnelson.com/Bash_Script_to_Check_Memory_with_Email_Alert_when_LowBash Script to Check Memory with Email Alert when Low2018-11-08T00:35:28Z<p>Brian: /* Setting up the Cron */</p>
<hr />
<div>==Bash Script to Check Memory with Email Alert when Low==<br />
<br />
One of the critical components of a server is memory (RAM), it greatly impacts on overall performance of a system.<br />
<br />
In this how-to, we will share a small but useful shell script to send an alert email to one or more system administrator(s), if server memory is running low.<br />
<br />
This is script is particularly useful for keeping an eye on Linux VPS (Virtual Private Servers) with small amount of memory, say of about 4GBs.<br />
<br />
This is how the bsCheckMemory.script script works: first it checks the free memory size, then determines if amount of free memory is less or equal to a specified size (50 MB for the purpose of this guide)<br />
<br />
If this condition is true, it will generate a list of the top 10 processes consuming server RAM and sends an alert email to specified email addresses.<br />
<br />
===MemoryCheck Script===<br />
<br />
#!/bin/bash <br />
########################################<br />
## declare mail variables<br />
##email subject <br />
subject="Server Memory Status Alert"<br />
##sending mail as<br />
from="memorycheck@briansnelson.com"<br />
## sending mail to<br />
to="webmaster@briansnelson.com"<br />
## send carbon copy to<br />
##Like to also send to my phone <br />
also_to="phonealert@att.net"<br />
<br />
## get total free memory size in megabytes(MB) <br />
free=$(free -mt | grep Total | awk '{print $4}')<br />
<br />
## check if free memory is less or equals to 50MB<br />
if [[ "$free" -le 50 ]]; then<br />
## get top processes consuming system memory and save to temporary file <br />
ps aux --sort -rss | head -n11 >/tmp/top_memory.txt <br />
<br />
file=/tmp/top_memory.txt<br />
## send email if system memory is running low<br />
echo -e "Warning, server memory is running low!\n\nFree memory: $free MB" | mail -a "$file" -s "$subject" -r "$from" -c "$to" "$also_to"<br />
fi<br />
<br />
exit 0<br />
<br />
--Note you may need to make a few changes depending on the memory limit you set and the mail program used to send the Alerts<br />
<br />
===Setting up the Cron===<br />
<br />
I would suggest running the script every few minutes to get the best results<br />
<br />
Example command if script was saved in the /root directory<br />
<br />
chmod +x /root/bsCheckMemory.script<br />
<br />
Edit your crontab<br />
<br />
crontab -e<br />
<br />
Then add<br />
<br />
*/5 * * * * /bin/bash /root/bsCheckMemory.script >/dev/null 2>&1<br />
<br />
Now you will get an alert when your memory gets below your threshold.<br />
<br />
[https://briansnelson.com/stuff/memory_usage_alert.txt Download the Memory Check Script]</div>Brianhttps://briansnelson.com/How_to_Change_Magento_2_modeHow to Change Magento 2 mode2018-11-02T19:17:25Z<p>Brian: Created page with "==How to Change Magento 2 mode (Default, Production, Development)== ===Display the Current Mode=== The easiest way to do that is to run this command as the Magento file syst..."</p>
<hr />
<div>==How to Change Magento 2 mode (Default, Production, Development)==<br />
<br />
===Display the Current Mode===<br />
<br />
The easiest way to do that is to run this command as the Magento file system owner. If you have shared hosting, this is the user your provider gives you to log in to the server. If you have a private server, it’s typically a local user account on the Magento server.<br />
<br />
bin/magento deploy:mode:show<br />
<br />
You then get a message letting you the current mode<br />
<br />
Current application mode: developer.<br />
<br />
===Magento 2 Change Modes ===<br />
<br />
Below is the basic syntax for changing the Magento 2 mode<br />
<br />
bin/magento deploy:mode:set {mode} [-s|--skip-compilation]<br />
<br />
Where:<br />
<br />
'''{mode}''' is required; it can be either developer or production<br />
<br />
'''--skip-compilation''' is an optional parameter you can use to skip code compilation when you change to production mode.<br />
<br />
With that being stated, lets show an example of changing your site to developer and production<br />
<br />
====Change to production mode====<br />
<br />
bin/magento deploy:mode:set production<br />
<br />
You then see status as it switches the site over to production, example:<br />
<br />
Enabled maintenance mode<br />
Requested languages: en_US<br />
=== frontend -> Magento/luma -> en_US ===<br />
... more ...<br />
Successful: 1884 files; errors: 0<br />
---<br />
<br />
=== frontend -> Magento/blank -> en_US ===<br />
... more ...<br />
Successful: 1828 files; errors: 0<br />
---<br />
<br />
=== adminhtml -> Magento/backend -> en_US ===<br />
... more ...<br />
---<br />
<br />
=== Minify templates ===<br />
... more ...<br />
Successful: 897 files modified<br />
---<br />
<br />
New version of deployed files: 1440461332<br />
Static content deployment complete Gathering css/styles-m.less sources. Successfully processed LESS and/or <span term-uuid="45f1f76d-91cd-4789-a8b5-1e3f321a6280" class="glossary-term" data-toggle="popover">Sass</span> files <span term- <br />
uuid="6c5cb4e9-9197-46f2-ba79-6147d9bfe66d" class="glossary-term" data-toggle="popover">CSS</span> deployment complete Generated classes:<br />
Magento\Sales\Api\Data\CreditmemoCommentInterfacePersistor<br />
Magento\Sales\Api\Data\CreditmemoCommentInterfaceFactory<br />
Magento\Sales\Api\Data\CreditmemoCommentSearchResultInterfaceFactory<br />
Magento\Sales\Api\Data\CreditmemoComment\Repository<br />
Magento\Sales\Api\Data\CreditmemoItemInterfacePersistor<br />
... more ...<br />
Compilation complete<br />
Disabled maintenance mode<br />
Enabled production mode.<br />
<br />
====Change to developer mode====<br />
<br />
When you change from production to developer mode, you should clear generated classes and Object Manager entities like proxies to prevent unexpected errors. After doing so, you can change modes. Use the following steps:<br />
<br />
If you’re changing from production mode to developer mode, delete the contents of the var/generation and var/di directories:<br />
<br />
rm -rf <your Magento install dir>/var/di/* <your Magento install dir>/var/generation/*<br />
Set the mode:<br />
<br />
bin/magento deploy:mode:set developer<br />
The following message displays:<br />
<br />
Switched to developer mode.<br />
<br />
===Special Note:===<br />
Once you switch from default mode you can not switch back to it, it has be production or developer</div>Brianhttps://briansnelson.com/How_To_Use_Systemctl_to_Manage_Systemd_ServicesHow To Use Systemctl to Manage Systemd Services2018-10-31T01:01:47Z<p>Brian: Created page with "==How To Use Systemctl to Manage Systemd Services== ===Systemd Intro=== Systemd is an init system and system manager that is widely becoming the new standard for Linux machi..."</p>
<hr />
<div>==How To Use Systemctl to Manage Systemd Services==<br />
<br />
===Systemd Intro===<br />
<br />
Systemd is an init system and system manager that is widely becoming the new standard for Linux machines. While there are considerable opinions about whether systemd is an improvement over the traditional SysV init systems it is replacing, the majority of distributions plan to adopt it or have already done so.<br />
<br />
Due to its heavy adoption, familiarizing yourself with systemd is well worth the trouble, as it will make administering servers considerably easier. Learning about and utilizing the tools and daemons that comprise systemd will help you better appreciate the power, flexibility, and capabilities it provides, or at least help you to do your job with minimal hassle.<br />
<br />
In this guide, we will be discussing the systemctl command, which is the central management tool for controlling the init system. We will cover how to manage services, check statuses, change system states, and work with the configuration files.<br />
<br />
Please note that although systemd has become the default init system for many Linux distributions, it isn’t implemented universally across all distros. As you go through this tutorial, if your terminal outputs the error bash: systemctl is not installed then it is likely that your machine has a different init system installed.<br />
<br />
===Systemd Management===<br />
<br />
For service management tasks, the target unit will be service units, which have unit files with a suffix of .service. However, for most service management commands, you can actually leave off the .service suffix, as systemd is smart enough to know that you probably want to operate on a service when using service management commands.<br />
<br />
====Restarting and Reloading====<br />
<br />
To restart a running service, you can use the restart command:<br />
<br />
sudo systemctl restart application.service<br />
<br />
If the application in question is able to reload its configuration files (without restarting), you can issue the reload command to initiate that process:<br />
<br />
sudo systemctl reload application.service<br />
<br />
If you are unsure whether the service has the functionality to reload its configuration, you can issue the reload-or-restart command. This will reload the configuration in-place if available. Otherwise, it will restart the service so the new configuration is picked up:<br />
<br />
sudo systemctl reload-or-restart application.service<br />
<br />
====Enabling and Disabling Services====<br />
<br />
The above commands are useful for starting or stopping commands during the current session. To tell systemd to start services automatically at boot, you must enable them.<br />
To start a service at boot, use the enable command:<br />
<br />
sudo systemctl enable application.service<br />
<br />
This will create a symbolic link from the system's copy of the service file (usually in /lib/systemd/system or /etc/systemd/system) into the location on disk where systemd looks for autostart files (usually /etc/systemd/system/some_target.target.wants. We will go over what a target is later in this guide).<br />
<br />
To disable the service from starting automatically, you can type:<br />
<br />
sudo systemctl disable application.service<br />
<br />
This will remove the symbolic link that indicated that the service should be started automatically.<br />
<br />
Keep in mind that enabling a service does not start it in the current session. If you wish to start the service and enable it at boot, you will have to issue both the start and enable commands.<br />
<br />
====Checking the Status of Services====<br />
<br />
To check the status of a service on your system, you can use the status command:<br />
<br />
systemctl status application.service<br />
<br />
This will provide you with the service state, the cgroup hierarchy, and the first few log lines.<br />
<br />
For instance, when checking the status of an Apache server, you may see output like this:<br />
<br />
● httpd.service - The Apache HTTP Server<br />
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)<br />
Drop-In: /etc/systemd/system/httpd.service.d<br />
└─limits.conf<br />
Active: active (running) since Sat 2018-10-27 07:33:18 EDT; 3 days ago<br />
Process: 23826 ExecReload=/usr/sbin/httpd $OPTIONS -k graceful (code=exited, status=0/SUCCESS)<br />
Process: 1462 ExecStartPre=/usr/sbin/httpd-fix-semaphore.sh (code=exited, status=0/SUCCESS)<br />
Main PID: 1503 (httpd)<br />
Status: "Total requests: 561930; Idle/Busy workers 100/0;Requests/sec: 1.83; Bytes served/sec: 3.9KB/sec"<br />
Memory: 381.2M<br />
CGroup: /system.slice/httpd.service<br />
├─ 1503 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─ 2483 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─ 2582 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─ 2667 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─16683 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─20849 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─20947 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─23829 /usr/sbin/rotatelogs -l -f /home/a1b4417e/var/briansnelson.com/logs/tmpdomain-error-%Y-%m-%d.log 86400<br />
├─23830 /usr/sbin/rotatelogs -l -f /home/a1b4417e/var/briansnelson.com/logs/error-ssl-%Y-%m-%d.log 86400<br />
├─23831 /usr/sbin/rotatelogs -l -f /home/a1b4417e/var/briansnelson.com/logs/error-%Y-%m-%d.log 86400<br />
├─23832 /usr/sbin/rotatelogs -l -f /home/a1b4417e/var/briansnelson.com/logs/tmpdomain-transfer-%Y-%m-%d.log 86400<br />
├─23833 /usr/sbin/rotatelogs -l -f /home/a1b4417e/var/briansnelson.com/logs/tmpdomain-transfer-%Y-%m-%d.log 86400<br />
├─23834 /usr/sbin/rotatelogs -l -f /home/a1b4417e/var/briansnelson.com/logs/transfer-ssl-%Y-%m-%d.log 86400<br />
├─23835 /usr/sbin/rotatelogs -l -f /home/a1b4417e/var/briansnelson.com/logs/transfer-%Y-%m-%d.log 86400<br />
├─23836 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
├─23837 /usr/sbin/fcgi- -DSSL -DFOREGROUND<br />
└─23844 /usr/sbin/httpd -DSSL -DFOREGROUND<br />
<br />
This gives you a nice overview of the current status of the application, notifying you of any problems and any actions that may be required.<br />
<br />
There are also methods for checking for specific states. For instance, to check to see if a unit is currently active (running), you can use the is-active command:<br />
<br />
systemctl is-active application.service<br />
<br />
This will return the current unit state, which is usually active or inactive. The exit code will be "0" if it is active, making the result simpler to parse programmatically.<br />
<br />
To see if the unit is enabled, you can use the is-enabled command:<br />
<br />
systemctl is-enabled application.service<br />
<br />
This will output whether the service is enabled or disabled and will again set the exit code to "0" or "1" depending on the answer to the command question.<br />
<br />
A third check is whether the unit is in a failed state. This indicates that there was a problem starting the unit in question:<br />
<br />
systemctl is-failed application.service<br />
This will return active if it is running properly or failed if an error occurred. If the unit was intentionally stopped, it may return unknown or inactive. An exit status of "0" indicates that a failure occurred and an exit status of "1" indicates any other status.<br />
<br />
To see a list of all of the active units that systemd knows about, we can use the list-units command:<br />
<br />
systemctl list-units<br />
<br />
===End===<br />
<br />
While systemctl operates mainly with the core systemd process, there are other components to the systemd ecosystem that are controlled by other utilities. Other capabilities, like log management and user sessions are handled by separate daemons and management utilities (journald/journalctl and logind/loginctl respectively). Taking time to become familiar with these other tools and daemons will make management an easier task.</div>Brianhttps://briansnelson.com/How_to_Disable_the_wp-cron.php_in_WordPressHow to Disable the wp-cron.php in WordPress2018-09-13T02:29:42Z<p>Brian: Created page with "==How to Disable the wp-cron.php in WordPress== WordPress uses a file called wp-cron.php as a virtual cron job, or scheduled task in order to automate things like publishing..."</p>
<hr />
<div>==How to Disable the wp-cron.php in WordPress==<br />
<br />
WordPress uses a file called wp-cron.php as a virtual cron job, or scheduled task in order to automate things like publishing scheduled posts, checking for plugin or theme updates, sending email notifications and more.<br />
<br />
By default WordPress is set up to call wp-cron.php every time someone visits your WordPress website when a scheduled task is present, to basically ask "is it time to do anything yet?".<br />
<br />
On low traffic sites this is perfectly fine, but when visitors roll in, checking multiple times for scheduled tasks can be very inefficient and lead to resource usage problems for your server, plus make your website load slower.<br />
<br />
===Disable default wp-cron.php behavior===<br />
<br />
We can easily tell WordPress to let us handle the execution of wp-cron.php with the wp-config.php file.<br />
<br />
Open your wp-config.php file with your favorite text editor <br />
<br />
vim /path/wordpress/install/wp-config.php<br />
<br />
Go to the bottom of the database settings in wp-config.php typically around line 37.<br />
<br />
Add the code below<br />
<br />
/** The Database Collate type. Don't change this if in doubt. */<br />
define('DB_COLLATE', '');<br />
<br />
Add the following line:<br />
<br />
define('DISABLE_WP_CRON', true);<br />
<br />
Now each visitor to your site will not invoke wp-cron.php<br />
<br />
===Setup manual cron job for wp-cron.php===<br />
<br />
Now wordpress still need to run the wp-cron.php file, so we will now need to a cron job for this.<br />
<br />
For most WordPress users having the wp-cron.php script run every 6 hours is perfectly fine. That would be just 4 executions in a day, compared to possibly hundreds, or even thousands if you had a lot of website traffic that day.<br />
<br />
crontab -e<br />
<br />
Add the following lines, remember to replace your path to the wp-cron.php file<br />
<br />
0 */6 * * * /bin/php -f /home/wodpress/install/directory/wp-cron.php > /dev/null 2>&1<br />
<br />
No longer will wp-cron.php be taxing your server due to increased traffic to your server.</div>Brianhttps://briansnelson.com/How_do_I_find_out_more_about_socket_files_in_/proc/fdHow do I find out more about socket files in /proc/fd2018-07-20T14:25:02Z<p>Brian: Created page with "==How do I find out more about socket files in /proc/fd?== When debugging connections you will sometimes see a socket is timing out or hanging causing issues. Example ===Ha..."</p>
<hr />
<div>==How do I find out more about socket files in /proc/fd?==<br />
<br />
When debugging connections you will sometimes see a socket is timing out or hanging causing issues.<br />
<br />
Example<br />
<br />
===Having a hanging php-fpm process that is causing max_children===<br />
<br />
First thing you will want to do is grab the longest running php-fpm process.<br />
<br />
ps aux --sort=start_time | grep ^(useraccount) | grep php-fpm<br />
<br />
Sample Output:<br />
nelsonweb 47029 2.1 0.8 916744 213880 ? SN 03:30 8:52 php-fpm: pool nelsonweb<br />
nelsonweb 11079 21.0 0.8 930156 214416 ? RN 10:02 3:11 php-fpm: pool nelsonweb<br />
<br />
Now you will want to get that pid and run an strace on it<br />
<br />
strace -p 47029<br />
<br />
Sample Output:<br />
Process 47029 attached<br />
restart_syscall(<... resuming interrupted call ...>) = 0 <br />
poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 0 (Timeout) <br />
poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 1000) = 0 (Timeout)<br />
poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 0 (Timeout)<br />
poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 1000) = 0 (Timeout)<br />
poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 0 (Timeout)<br />
poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 1000) = 0 (Timeout)<br />
poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 0 (Timeout)<br />
<br />
Now we know to look for fd13<br />
<br />
ll /proc/47029/fd | grep 13<br />
lrwx------ 1 root root 64 Jul 20 10:20 13 -> socket:[1820320299]<br />
<br />
Now we need to find out what socket that is (lsof it!!)<br />
<br />
lsof -i -a -p 47029 | grep 1820320299<br />
<br />
Sample output:<br />
php-fpm 47029 nelsonweb 13u IPv4 1820320299 0t0 TCP briansnelson.com:37253->255.255.255.255-static.hfc.comcastbusiness.net:7057 (ESTABLISHED)<br />
<br />
Now you know where the connection is timing out, this also works for finding out if its mysql/memcache/redis sockets.</div>Brianhttps://briansnelson.com/Deny_access_to_my_site_with_an_.htaccess_fileDeny access to my site with an .htaccess file2018-06-20T12:17:27Z<p>Brian: Created page with "==How to Deny Access to my Site with an .htaccess file== ===Deny access to files=== Denying access to specific file extensions The following code forces any file ending in .i..."</p>
<hr />
<div>==How to Deny Access to my Site with an .htaccess file==<br />
<br />
===Deny access to files===<br />
Denying access to specific file extensions<br />
The following code forces any file ending in .inc to throw a 404 Forbidden error when visited:<br />
<br />
<Files ~ "\.inc$"> <br />
Order Allow,Deny<br />
Deny from All<br />
</Files><br />
<br />
===Denying access to "hidden" files===<br />
File names beginning with a dot are considered "hidden" by UNIX. Usually, you don't want to serve them to visitors.<br />
<br />
RedirectMatch 403 /\..*$<br />
Deny access to folders<br />
<br />
===Denying access to a directory listing===<br />
If you don't have an index file in your directory, all of your files are listed in a directory list for anyone to view. The following code forces this directory listing to throw a 404 Forbidden error instead when visited:<br />
<br />
Options -Indexes<br />
<br />
===Denying access during a specific hour of the day===<br />
If you wish to block access to files in a directory during a specific time of day, then you can do so by adding the following code to an .htaccess file:<br />
<br />
RewriteEngine On<br />
# If the hour is 16 (4 PM) <br />
RewriteCond %{TIME_HOUR} ^16$<br />
# Then deny all access<br />
RewriteRule ^.*$ - [F,L]<br />
<br />
If someone visits the directory anytime between 4:00 – 4:59 pm, a 500 Internal Server error is thrown. You can also specify multiple hours as well:<br />
<br />
RewriteEngine On<br />
# Multiple hour blocks<br />
# If the hour is 4 PM or 5 PM or 8 AM<br />
RewriteCond %{TIME_HOUR} ^16|17|08$<br />
# Then deny all access<br />
RewriteRule ^.*$ - [F,L]<br />
<br />
===Denying access to a directory===<br />
If you have a directory named 'blah' that you want to block, but it can occur anywhere in your directory tree, use the following:<br />
<br />
RewriteEngine On<br />
RewriteRule (^|/)topsecret(/|$) - [F]<br />
<br />
===Denying access from specific IP addresses===<br />
<br />
If you have problems with certain visitors to your website, you can easily ban them. There are two different ways to ban visitors:<br />
<br />
Using their IP address, or the domain name from which they are visiting.<br />
<br />
Here's an example that denies a user by their IP address:<br />
<br />
deny from 192.236.241.100<br />
<br />
When the user tries to connect to your site from that specific IP, they see a 403 Forbidden page instead. If you want to block an entire block of IPs, just leave the last octet off. For example:<br />
<br />
deny from 192.236.241.<br />
<br />
This denies access from anyone using an IP in the range from 192.236.241.0 all the way up to 129.236.241.255.<br />
<br />
===Allowing access from a specific IP===<br />
If you need to deny access to your site to everyone while still allowing yourself or another specific IP address to visit it, you can use something like this:<br />
<br />
order deny,allow<br />
deny from all<br />
allow from <YOUR_IP_ADDRESS><br />
<br />
===Denying access from a specific domain===<br />
This denies access from anyone connecting to your site from www.example.com. If someone clicks on a link at example.com that redirects to your site, they then see a 403 Forbidden error:<br />
<br />
SetEnvIfNoCase Referer "example.com" bad_referer<br />
Order Allow,Deny<br />
Allow from ALL<br />
Deny from env=bad_referer<br />
<br />
This example throws a 500 Internal Server Error for anyone linking from example.com:<br />
<br />
RewriteEngine on<br />
RewriteCond %{HTTP_REFERER} example\.com [NC,OR]<br />
RewriteRule .* - [F]<br />
<br />
The following example redirects any visitor connecting from example.com to google.com:<br />
<br />
RewriteEngine On<br />
RewriteCond %{HTTP_REFERER} ^http://example.com/<br />
RewriteRule /* http://www.google.com [R,L]</div>Brian