Database won’t start? InnoDB errors are a pain. Where was krypted for a month? Did everything finally get to me and I gave up blogging? No, the site ended up having some problems with corruption in some rows of the InnoDB tables. But, I was able to get the site back up by putting the database into recovery mode. How did I do this? It’s pretty straight forward. Open my.cnf and paste these lines in there:
Once the corruption is resolved, bring up empty databases and import your mysqldump into the new databases and link your site back up. But, the InnoDB force recovery puts the database into recovery mode, which is read only. So I wasn’t actually able to use the site, just look at it. At least the content was available, right? When MySQL isn’t writeable, you can’t log in as an admin, etc. The rest is one of the bigger pains I’ve encountered that didn’t result in an all nighter at a customer. I’ll write that up when I have time some day. In the meantime, next time someone changes my root password and breaks my backup scripts so I can’t just bring in a mysqldump, I’m breaking their arms. You’ve been warned.
krypted May 15th, 2015
Pow is a Rack server for OS X. It’s quick and easy to use and lets you skip that whole update an Apache file, then edit /etc/hosts, ethane move a file, then run an app type of process. To get started with Pow, curl it down and pipe it to a shell, then provide the password when prompted to do so:
odr:~ charlesedge$ curl get.pow.cx | sh
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 9039 100 9039 0 0 10995 0 --:--:-- --:--:-- --:--:-- 10996
*** Installing Pow 0.5.0...
*** Installing local configuration files...
*** Installing system configuration files as root...
*** Starting the Pow server...
*** Performing self-test...
For troubleshooting instructions, please see the Pow wiki:
To uninstall Pow, `curl get.pow.cx/uninstall.sh | sh`
To install an app into Pow, create a symlink to it using ln (assuming ~/.pow is your current working directory):
ln -s /path/to/myapp
Then just open the url, assuming my app is kryptedapp.com:
Pow can also use ~/Library/LaunchAgents/cx.pow.powd.plist to port proxy. This allows you to redirect different apps to different ports. When pow boots, it runs .powconfig, so there’s a lot you can do there, like export, etc. Once you’re done testing out pow, if you don’t decide it’s awesome, remove it with the following command:
curl get.pow.cx/uninstall.sh | sh
krypted February 2nd, 2015
Yesterday, I wrote an article on technical writing. Today, I’m laying out a few basic rules with regards to when to capitalize things. This is pretty straight forward but I find it can help to remember the rules to lay them out in a basic way. These things should have their first character capitalized:
Finally, it’s worth mentioning that writing such as this is a blog. While I don’t like that word, I find that such writing typically frequently allows the writer a certain amount of flexibility with regards to grammatical rules (for better or worse). This could be due to the fact that much of what’s written is done in the middle of the night. While this isn’t an excuse to use poor grammar it does tend to mean a less stringent editorial process over the grammar used. In other words, read/use the content at your own risk.
Note: At the request of my readers I’d be happy to write a follow-up article on when to capitalize assets, but I might have to bust out some of my books from Accounting 101 in college to do so!
krypted August 25th, 2013
When doing updates in WordPress, upgrading the WordPress version or the Plug-Ins causes the site to enter into Maintenance Mode. While in Maintenance Mode, a message appears that says “Briefly unavailable for scheduled maintenance. Check back in a minute.” rather than the actual site. Sometimes, especially if you’re using the automatic updating functions, an update might fail and the site may be stuck in Maintenance Mode.
WordPress looks at the root level of a directory for some hidden files that can tell a site to operate in a different manner. If there’s a file called “.maintenance” then the site will display the message above. When an update of a Plug-in fails, the .maintenance file is never deleted and the site is stuck in Maintenance Mode. To correct the error, simply ftp into the root of the site and delete the file. It’s hidden, so make sure your ftp software isn’t suppressing the ability to see a hidden file.
Whatever Plug-in or update failed likely also broke something. Usually, if it’s a Plug-in then you’ll need to re-install that plug-in, as the update process removes the old Plug-in and then adds it back. If it’s a Theme, you might need to re-install the Theme.
Programmatically, you can also enable Maintenance Mode by creating this file and then disabling Maintenance Mode by deleting (or renaming) the file again.
krypted December 27th, 2012
Comments on this site have been a pain since I enabled them about 2 1/2 years ago. I believe I enabled them due to something some judgmental person said when they couldn’t comment on an article I had written. During the first year, there was a lot of fine tuning the spam blocking to try and keep out the spammy crap. That continues to be a work in progress, but it seems to be in pretty good shape.
During those couple of years I ended up racking up a queue of about 7,000 in the spam category and another 2,000+ in the pending category (which meant I need to deal with them). I was dealing with comments every day, but I’d miss a few and it built up over the course of a couple of years. Tonight, I either addressed or cleared out all but 17. My database is much happier. The 17 remaining are thoughtful questions and require thoughtful answers, so I’ll get to them when I have time to provide such an answer.
In the meantime, note that now that it’s all cleaned up, if there are any comments, feel free to post and I should actually respond at this point… Sorry for being latent on those up ’till now.
krypted June 26th, 2012
I wasn’t very happy with how images were handled on krypted.com. Which is why I added a new plugin, http://wordpress.org/extend/plugins/wp-jquery-lightbox to provide more of a lightbox feel when you click on my images.
Many of my images are pretty large, so I make them a little smaller on the site so they fit well on the page. Now, when you click on images on the site, it greys the rest of the page and zooms in on the image. I’ve tinkered with a lot of lightbox plugins, but this one makes me happy. You just install and activate and viola, you’re done. It doesn’t get a lot easier than this and it’s a much better way than the default method for handling images in WordPress.
krypted April 17th, 2012
Posted In: WordPress
Setting up and installing WordPress is pretty straight forward. That’s not to say it’s not going to take a little work to go from 0 to 60 on a base Linux installation. But I’ll lay the work out for you so as not to be that tricky. Everything we’ll be doing will require elevated privileges, so sudo in front of each command or sudo bash before you get going.
First up, install Apache, as you’ll need a web server. I think the base apache2 config is pretty straight forward out-of-the-box:
apt-get install apache2
During installation you will be asked to type y to continue. Do that and it will finish with no major issues. Next up, install MySQL, php5, php5-mysql and phpmyadmin. We can use apt-get to knock all this out at once:
apt-get install mysql-server-5.1 php5 php5-mysql phpmyadmin
Again, you will be asked to choose whether to proceed, type y and hit enter. The next few steps will change according to versions, but for now, you’ll then be asked for a password for the MySQL root user. Provide that password and then tab to the OK button. You’ll then be asked to select which web server you are using. Assuming you did the apache2 install previously, choose Apache and then tab to the OK dialog. Then you will be asked to provide the MySQL password. This will be the password you typed earlier.
You’ll then be prompted for a phpmyadmin password, which will be a password to access phpmyadmin’s web interface. Once the installation is done, you should have a fully functional LAMP environment. I like to reboot and check syslog afterwards just to make sure that everything is in working order and not reporting any major malfunctions.
Next up, we will need to create the MySQL user and database that WordPress will use. To do so, log into phpmyadmin using a URL that begins with http:// followed by the address of your server and finally the /phpmyadmin. For example, if your server is at 192.168.210.200 then the address would be http://192.168.210.200/phpmyadmin. You will be asked to authenticate, and here you will want to use the password you provided during the phpmyadmin package installation. Once you have authenticated, click on the Privileges tab and then click on the Add a new user button.
You will then be asked to provide a username and password for the user you are creating, define what addresses that user can log in from (if you have multiple front-end servers you probably aren’t using this post to install WordPress so you might as well limit it to localhost) and most importantly you have a radio button for “Create database with same name and grant all privileges”. If you use this option then both the user and the database will be created in one step, making life pretty easy. I used wordpress as my username in the example.
Once you have all the services installed and the MySQL user and database setup, then you’re ready to install WordPress. I like to cd into /var/www and then wget the latest.zip, which always has the latest version of WordPress:
Then you want to unzip that (the unzip command is built into Ubuntu 10):
This will extract the wordpress folder into /var/www. Then make sure your admin user has permission (mine is oddly enough called cedge):
chown -R cedge:users wordpress
Now cd into the wordpress directory:
Make a copy of the main configuration template called wp-config.php:
cp wp-config-sample.php wp-config.php
And then let’s edit that new file (vi, nano, tapping directly into the Matrix, or whatever you like), looking for DB_NAME, DB_USER, DB_PASSWORD and DB_HOST. In these respective fields, put the name of the database (wordpress in this example), the username for administrative rights to the database (wordpress again in this example), the password for the database (whatever you provided in phpmyadmin’s web interface for your new user and the IP or hostname of the database server (let’s assume 127.0.0.1 if the database and web servers are the same).
Scroll down a little further until you see the Authentication Unique Keys: AUTH_KEY, SECURE_AUTH_KEY, LOGGED_IN_KEY and NONCE_KEY. You’ll want to visit the WordPress secret key generator at https://api.wordpress.org/secret-key/1.1/salt to get your keys. Then simply cut/copy/paste the whole section, commenting out the existing lines or paste the contents of each line over the line it is replacing. Once that is done save your changes to the file and exit your text editor. Now visit the address of the site followed by WordPress (ie – http://www.krypted.com/wordpress). You’ll then be able to setup WordPress for the first time.
At the first login, you will see a screen prompting you to define a title for the site (Your domain name is a pretty traditional title to use), the username you want to use to administer the site (ie – admin), the password (ie – according to the movie Hackers, god) and and administrative email address. Here, you can also choose whether you want the site to be crawled by search engines. Once you’re happy with your settings, click on the Install WordPress button down at the bottom of the page.
Now you should be able to see your first post, create posts and use WordPress. That should have been pretty painless. If it were any more painless, then I fear the dribble that people would post… Anyway, if you want the webroot (www.krypted.com instead of www.krypted.com/wordpress) to be WordPress, then you will also want to change the DocumentRoot setting in /var/www to point to the /var/www/wordpress folder in the /etc/apache2/sites-enabled/000-default file (or whichever site it is if you have multiple ones).
krypted November 30th, 2010
There are a number of ways that you can protect your WordPress site from spam bots. The first is to only allow authenticated users to post comments. Doing so can still be a bit unwieldy, but this feature is built into WordPress and so pretty straight forward to use. Some, who deal with large amounts of spam bots then choose to completely disable the commenting feature outright (Settings -> Discussion -> Uncheck Allow people to post comments on new articles), but comments can still be made on existing articles and commentary is one of the best features of WordPress for many. To stop comments on older articles, also disable commenting on older articles (same page but also choose the Automatically close comments on articles older than option as well).
No site should have to disable comments or bend to the will of a spam bot. You can also then choose (same page again) to email the administrator when a comment is made and then choose to not publish comments until the administrator approves them. But spam bots will still attack, and now you’ll just get a ton of junk email. So many will turn to plug-ins for WordPress. There are a few of those that I like a lot. One is called Invisible Defender. Invisible Defender adds a couple of fields that are suppressed using the style sheets. These invisible comment fields, because they’re not displayed to a browser should then never be filled out. Therefore, if a field is filled out, it had to have been done by a bot. Those comments are then automatically blocked.
Then there’s the ability to force captcha (shows you funny garbled letters and you type them into a verify field). Captcha for account creation means that all but the most sophisticated bots will fail. This form of forcing an additional form of verification that a visitor is a real human can then be circumvented by users of OpenID, FaceBook and other services, using plug-ins that allow those users to be authenticated through the third party (typically requires a little theme customization).
Then there are the antispambee and akismet plug-ins, which look at the actual comments and attempt to determine which ones are spam. These make a good layer of defense but should not be the only layer used. Regrettably, any time you have user generated content on a web site you are going to have automated bots attempting to do a number of things, most likely sell black market pharmaceuticals and other items of questionable origin.
There are also bots that attempt to exploit the login page of the WordPress admin (<DOMAIN>/wp-admin.php or /wp-login.php. These are defeated an entirely different way. One of the best strategies is to lock out those who have attempted a number of invalid attempts that exceeds a threshold that you define. Amongst those is Login Lockdown WordPress Security. Another layer for protecting the administrative side of the site is to add an .htaccess file to provide an additional layer of security on top of WordPress. You can also change the URLs of your login page, which I usually use a plug-in called Stealth Login for.
Finally, I like to back up WordPress in an automated fashion. There are a lot of plug-ins to do this, but I’ve always used WordPress Database Backup. Why? Because it works every time I tested it. I haven’t even bothered to test a good backup and restore for another software package because WordPress Database Backup always works, backs up data to another server I have, and it hasn’t failed me yet. I always test the restores of data that I’m backing up and I recommend that you test this (mileage may vary) if you choose to put it into production as well (false senses of security are in many cases worse than no security).
krypted September 28th, 2010
Posted In: WordPress
I just can’t help myself. Every now and then I get a bug up my butt to go messing around with Krypted.com. In this case, I was tired of looking at some broken elements from the page and the front end of the site in general (just felt like something I might have built in college). I also needed to upgrade the site to the latest and greatest WordPress and some of the plug-ins that I was using were broken in 3. And thus, the lightest version of the site that I think has ever gone up. The posts are all still there, so no change to the content, but a lot of stuff was removed and the site in general (I think) looks and navigates much better.
Hope you like, and thank you for continuing to come to the site and read my random meanderings!
krypted August 24th, 2010