Author Archives: admin

How to solve WordPress login hack attempts

Today I will show you how one way how to stop wordpress login hack attempts without using a plugin.

This is my second post about WordPress ive decided to publish (you can see the first one here). Is not strictly about wordpress though and can be adapted for a variety of situations where you want to stop multiple unwanted requests to your web server.

If you are like me and do not want to add another plugin to bloat your wordpress installation even more then this is one method you can use to block (or redirect) persistent ips from trying to log in.

Firstly you obviously know that this is happening probably from your apache or nginx access logs. I will focus on apache for this tutorial. In the access logs you will see something like this –

1.2.3.4 date time "POST /wp-login.php HTTP/1.1" 200 3813 etc etc

In the example above the 1.2.3.4 is the ip address of the user attempting to login. So you now want to get a list of ALL ip addresses doing it –

grep "POST /wp-login.php" | awk '{print $1}' | sort | uniq

the awk prints the first column which contains the ip address. sort and uniq is a simple way to remove duplicate ip addresses from your output.

the .htaccess file is the key to blocking these ip addresses, or what I have decided to do on one of my domains is to redirect them to a paying url through shorte.st which might earn me a few $ who knows. To add the redirect into .htaccess you need this –

For each line you then need to generate something like this for each record –

RewriteCond %{REMOTE_ADDR} ^1\.2\.3\.4 [OR] RewriteCond %{REMOTE_ADDR} ^2\.3\.4\.5 [OR] RewriteCond %{REMOTE_ADDR} ^3\.4\.5\.6

Notice the last one does not have the OR on the end.

Heres a quick hack script based on the previous grep to make the total list (in BOLD I have added an exclusion grep for you to add your own ip address and anyone else you DO want to let have access) –

grep "POST /wp-login.php" | awk '{print $1}' | sort | uniq | grep -v -E "ENTER YOUR IP ADDRESS AND ANY OTHERS YOU WANT TO EXCLUDE FROM THIS RULE | SEPERATED" | while read LINE ; do echo "RewriteCond %{REMOTE_ADDR} ^${LINE} [OR]" done | sed "s/\./\\\./g"

Now you can edit your website .htaccess and paste in the rows the script above has produced (remember to ignore the OR on the last record) –

RewriteEngine on --enter all your records here RewriteRule wp-login\.php http://sh.st/TI9m1 [R,L]

for testing it is probably a good idea to add your own IP address in the .htaccess file so you can prove it works as you want, and then remove it after you are happy.

This is just 1 solution out of probably many, and may not suit everyone, but hope it helps someone !

Have fun blocking those hackers (and maybe making some cash when they go through your redirect link as well) !!

How to embed a tweet in a wordpress post

This post has a very simple aim.. to show you how to embed a tweet in a wordpress post. This helps make your wordpress blog posts more interactive and useful for your visitors who use the popular social networking platform Twitter.

Although this may not seem a particularly relevant post for my website, in previous posts I have shown you how to post to twitter from a bash script, as well as my method for getting tags from wordpress posts that you can then use as hashtags on Twitter, therefore this post is simply an extension of the reverse of PRODUCING a tweet, by displaying it on your blog.

Many people say that Twitter is a beautiful thing, and any specific tweet has its own charm. WordPress has embraced that and made it very simple (if you know how..) to embed a tweet into your blog.

So how to do it then….

First you are looking at your twitter stream like the picture below (just for fun showing Justin Bieber posts…) –

Tweet in a wordpress post – Justin Bieber in my twitter stream

So what WordPress needs is simply the twitter url. To get that simply click on the boc around the post and it appears in a new popup like this –

Justin Bieber related tweet

Ive circled the url you need at the top of the pic above.

All you have to do is paste that url into your blog post on a NEW LINE and the tweet will appear in all its glory in your post. So there you go, thats how to put a tweet in a wordpress post.

An example –

How to solve WordPress login hack attempts – https://t.co/YPhDglgQOc via @bashworkz #bash #bashtips #wordpress #tutorial #bashscript

— bashworkz (@bashworkz) March 28, 2016

If you find this post useful then check out some more from my site !! There are plenty more technical tips for Unix Administrators including bash scripts, useful tools, for a variety of uses. And if you feel inclined follow us on Twitter HERE

MySQL get list of WordPress tags for a specific post

SQL get list of WordPress tags for a specific post

MySQL get list of WordPress tags for a specific post

In this tutorial I will show you how to get a list of tags for a specified post ID from your MySQL (or other) database.

WordPress can be quite complex at times, and personally I found this one quite a challenge, so ended up searching Google to find the answer.

So anyway here is the SQL you need to do the job –

SELECT slug FROM wp_terms INNER JOIN wp_term_taxonomy ON wp_term_taxonomy.term_id = wp_terms.term_id INNER JOIN wp_term_relationships ON wp_term_relationships.term_taxonomy_id = wp_term_taxonomy.term_taxonomy_id WHERE taxonomy = "post_tag" AND object_id = XX;

Obviously you replace the XX on the last line with the post id you want to get a list of tags for.

Another useful bit of SQL to get post id and post title from your database is this –

select ID,post_title from wp_posts;
From this you can work out which post you need the ID for and paste it into the code above to get the tags.

My personal use for this was some integration with one of my previous posts ‘How to post to Twitter using bash script‘. It occurred to me that the tags from a post are probably suitable to use as hashtags in a tweet to Twitter.

One possible issue you could run into if you have many tags on your post is the twitter limit on tweet size. One method to remove that in your bash script is to count characters in your string before posting it using something like ‘wc -c‘. Another less accurate method could be when you are parsing the output list of tags from the SQL to limit it to a specific number of terms.

Hope that helps you in your quest to post tweets with related hashtags based on your wordpress database. You can check out more of my bash script tips and code snippets here –

Full credit for the SQL should go to this website which told me the answer – http://gabrielharper.com/blog/2012/07/sql-to-get-post-tags-in-wordpress/

Upgrade Plex Media Server (Centos, Ubuntu, Fedora)

How to Guide – Upgrade Plex Media Server on Linux

Upgrade Plex Media Server on Linux (Centos, Ubuntu, Fedora)

Plex Media Server is a pretty cool product for storing and watching your videos, movies, or listening to music on any device mobile or desktop. If you have read or used my other article for Installing Plex Media Server then at some point in the Plex Browser or application you will come across the notification saying that Plex Media Server has an upgrade available.

Unfortunately if your Plex Media Server is on Linux this is not possible to do using the application, so it needs a teeny bit of command line code to make it happen. So here is my simple step by step guide for how to do upgrade Plex Media Server.

1) First you need to download the new version of Plex Media Server. You can get that from https://plex.tv/downloads.

How to Guide – Download new version of Plex Media Server and upgrade

If you are unsure whether your server is 32 bit or 64 bit you can find out by typing this in on the command prompt. Log into your server as root and do this –

uname -a Linux vs3 2.6.32-042stab102.9 #1 SMP Fri Dec 19 20:34:40 MSK 2014 x86_64 x86_64 x86_64 GNU/Linux

From the above you can see that my server is 64 bit (x86_64). Now you are logged in you can download the package from there as well. Right click on the 64 bit version for your appropriate distribution (mine is CentOS) and copy link address. Then download the package like this –

cd /tmp wget https://downloads.plex.tv/plex-media-server/0.9.15.6.1714-7be11e1/plexmediaserver-0.9.15.6.1714-7be11e1.x86_64.rpm

Obviously the above url will change with each release so just paste what you copied from the website in.

2) Now you need to stop Plex Media Server. On CentOS this is done like this –

service plexmediaserver stop

If that doesnt work for you then have a check in /etc/init.d there is normally an init script there you can use to stop and start the service.

3) Time to Upgrade Plex Media Server

CentOS –
yum localupdate plexmediaserver-0.9.15.6.1714-7be11e1.x86_64.rpm

An error I have seen regularly when updating Plex is this –

semodule: SELinux policy is not managed or store cannot be accessed. warning: %post(plexmediaserver-0.9.15.6.1714-7be11e1.x86_64) scriptlet failed, exit status 1 Non-fatal POSTIN scriptlet failure in rpm package plexmediaserver-0.9.15.6.1714-7be11e1.x86_64

Do not worry, on my server I have selinux disabled so think it is related to that. It really doesnt matter and doesnt affect the running of Plex Media Server.

Debian/Ubuntu –
dpkg -i plexmediaserver-0.9.15.6.1714-7be11e1.x86_64.deb

4) Start back up the Plex Media Server after the upgrade. Basically the reverse of how you stopped it in step 2, so on CentOS like this –

service plexmediaserver start

You should then be able to log back in on your browser and the update message for Plex should have gone.

Bash remove duplicate lines without sorting

Bash remove duplicate records without sorting

Bash remove duplicate lines without sorting

One of the most frequent requirements I face when bash scripting, is to extract a column of data from an input file, find each unique value from within a number of rows, and then do something with that output. The standard way I achieve that is something like this –

cat file1.txt | sort | uniq > file2.txt

What the above does is to first sort the input file, and then (the limitation of uniq) is that it will only unique on ADJACENT lines of a file, that is the reason why you need to sort it first.

That works perfectly well in 99% of cases, but on that rare occasion the step following that ‘unique’ phase might need the output to be in the same order as the input file was.

There are 2 ways to achieve this and I will demonstrate both below. First as an example here is my input file –

aaa bbb rrr fff aaa iii yyy fff

As you can see there are 2 x aaa records, and also 2 x fff records in the file.

So here we go with..

Method 1 which I will call RECORD LEVEL INDEXING

Here is the full command (i will explain each part below) –

cat -n file1.txt | sort -uk2 | sort -nk1 | cut -f2-

OK, an explanation what that is doing… A great command for numbering records is ‘cat -n’

cat -n file1.txt

1 aaa 2 bbb 3 rrr 4 fff 5 aaa 6 iii 7 yyy 8 fff
so now you have numbered output. So now what you want to do is sort it on unique values in column 2 –

cat -n file1.txt | sort -uk2

-u means unique
-k2 meand key 2 or column 2

That outputs this –

1 aaa 2 bbb 4 fff 6 iii 3 rrr 7 yyy

as you see the values you are interested in are now unique, BUT they are in not in the original sequence. Therefore now you want to re-sort the file based on the FIRST column which is the index / record number –

cat -n file1.txt | sort -uk2 | sort -nk1

-n means numeric sort
-k1 says to use key/column 1

1 aaa 2 bbb 3 rrr 4 fff 6 iii 7 yyy

Your file is now in both unique, and in the correct order. But you are not interested in the index number now, so lets strip that out –

cat -n file1.txt | sort -uk2 | sort -nk1 | cut -f2-

aaa bbb rrr fff iii yyy
Job done!

Method 2 I will call AWK ARRAY MAGIC

cat file1.txt | awk '!x[$0]++'

Perfectly clear what that is doing yeah….?? So $0 has the entire contents of the line and the [ ] put that into an array element. the element is incremented (++) and the ! states that it will be printed if the element was not already set.

Bash Remove Duplicate records – Performance of each method

Quick reminder of both methods –

1) cat -n file1.txt | sort -uk2 | sort -nk1 | cut -f2-
2) cat file1.txt | awk '!x[$0]++'

The time command gives the best output for performance of a command. It is always best to run the command 2 or 3 times to get an average.

The best for Method 1 –

real 0m0.004s user 0m0.001s sys 0m0.003s

The best for method 2 –

real 0m0.003s user 0m0.000s sys 0m0.002s

Therefore on this TINY file you can clearly see that method 2 performs best. How this reacts on say a file with 1000 or 10000 or 1 million rows you can test yourself.

Have fun!

Troubleshoot Site to Site VPN on Sonicwall Routers

How to Install, Configure and Troubleshoot Site to Site VPN on Sonicwall

Site to Site VPN between 2 Sonicwall routers is fairly easy to configure using the wizards on both routers. There are 100 guides out there how to do this but I found this one from the Dell site the most useful – HERE

BUT if you are inexperienced in configuring them then there is 1 big issue that might leave you tearing your hair out. I will explain below the issues (and SOLUTION) when I configured my Site to Site VPN on 2 Sonicwall routers.

Example Situation (I faced myself)

Site to Site VPN Sonicwall – Install, Configure, Troubleshooting

Situation is you have configured the VPN and you see the GREEN status on both routers.

Everything looks good, you go to the diagnostic menu on Site A router (192.168.1.1) and ping the router at Site B (192.168.2.1) and it replies it is Alive!

You do the same test on the router at Site B (192.168.2.1) and ping the router at Site A (192.168.1.1) and it is Alive!

Everything seems as simple as the 100 step by step guides say it should be, until…..

You are on Site A router (192.168.1.1) and you try to ping the server on Site B (192.168.2.101)…. ping fails… what the hell…

Now you think there must be a firewall rule blocking the ping on one of your routers (Site A or Site B). Checking them all it looks fine..

OK so how about a local ping… From Site B router (192.168.2.1) you ping the Site B Server (192.168.2.101) and it works!

You then ping locally from the Server at Site B (192.168.2.101) to the router at Site B (192.168.2.1) and it works!

Locally at Site B therefore everything looks fine.

You do the same tests on Site A between Server and router both ways and all works.

So your issue only happens when you pass through the Site to Site VPN tunnel.

Head hurting yet?? Dont worry the solution is simple.

What we didnt say much earlier, was that Site A Server (192.168.1.101) has 2 interfaces in it (eth0 local, eth1 public)

When we want to talk through the VPN from Site A to Site B we are trying to speak from 192.168.1.0 network to 192.168.2.0 network.

Site A Server has no idea where 192.168.2.0 network is, it knows about its public external ip from eth1, it also knows about its local network 192.168.1.0 from eth0, so we have to tell it how to get to 192.168.2.0.

To get to Site B we want to tell the server to use our local network (192.168.1.0) and push requests to our Site A router (192.168.1.1)

Create the following file /etc/sysconfig/network-scripts/route-eth0 and put in the following –

ADDRESS0=192.168.2.0 NETMASK0=255.255.255.0 GATEWAY0=192.168.1.1

That says for all traffic trying to get to 192.168.2.0 then send it to 192.168.1.1 (our local Site A router) then the VPN will work its magic and get to the remote end

After creating the file you need to restart the network –

service network restart

The key to this whole problem and solution was multiple network interfaces. It will not happen on a standard pc with only 1 interface as ALL traffic has no choice but to use the single interface. But on a multi-interface system then you need to tell it how to get there.

We can add 1 other element to the overall situation (should be becoming clearer now anyway), and that is you have multiple Site to Site VPNs.

If you had a Site C with router, server, pc the same just using 192.168.3.0 network, then in /etc/sysconfig/network-scripts/route-eth0 you would simply add another route to the file like this –

ADDRESS0=192.168.2.0 NETMASK0=255.255.255.0 GATEWAY0=192.168.1.1 ADDRESS1=192.168.3.0 NETMASK1=255.255.255.0 GATEWAY1=192.168.1.1

And restart your network to pick up the new route –

service network restart

How to Install and Configure DHCP Server on Centos 6

Install and configure DHCP Server on Centos 6 – #ilovebash

How to Install and Configure DHCP Server on Centos 6

DHCP Server – DHCP (Dynamic Host Configuration Protocol) is the protocol used to assign IP addresses (and gateway and DNS servers) to new clients on a specific local network.

Installation of DHCP Server on Centos 6

As a first step you should ensure that your operating system software is up to date using yum –

yum update

Step 2 – Install DHCP Server and client

yum install dhcp

Step 3 – Configuring DHCP interface

You need to ensure that your server has an IPADDR on the network you want to act as a DHCP Server for. Check your interface files in /etc/sysconfig/network-scripts as below –

[root]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 HWADDR=00:25:90:DE:44:17 TYPE=Ethernet ONBOOT=yes BOOTPROTO=none IPADDR=192.168.2.123 NETMASK=255.255.255.0 GATEWAY=192.168.2.1

You can see from the above that your interface you want to use is eth0, and that it can provide ip addresses for the 192.168.2.0 network.

Step 4 – Configure DHCP Server to use eth0 as the interface for ip address allocation

Edit the file /etc/sysconfig/dhcpd and set the line as below –

DHCPDARGS=eth0

Step 5 – Configure your DHCP Server network, ip range, and gateway

Next file to edit is /etc/dhcp/dhcpd.conf and set the following –

option domain-name "yourdomain.com"; option domain-name-servers 8.8.8.8, 8.8.4.4; default-lease-time 600; max-lease-time 7200; log-facility local7;

subnet 192.168.2.0 netmask 255.255.255.0 { range 192.168.2.200 192.168.2.254; option broadcast-address 192.168.2.255; option routers 192.168.2.1; }

As you can see the parameters above are pretty self explanatory. In the above example I have specified Google Public DNS servers (8.8.8.8 and 8.8.4.4) for convenience, you can just as well specify your own local DNS Servers.

The above example also allocates the ip range from 192.168.2.200 – 192.168.2.254 for the DHCP Server to use to allocate to client connections.

And I have set the option routers 192.168.2.1 to the default route needed (copied from my ifcfg-eth0 file)

One mistake it is easy to make is to forget to put the semi-colon on the end of each line (it will be obvious to you if it fails to start on the next step)

Step 6 – Start the DHCP Server Service

service dhcpd start

Step 7 – And configure DHCP to auto start after a server reboot

chkconfig dhcpd on

Thats it. You can see debug messages as new clients use your DHCP Server in the system messages file /var/log/messages as well as any error messages it encounters.

Download Facebook video CentOS (Linux), Windows, Mac

Download Facebook Video – How to download video from Facebook

Download Facebook video CentOS (Linux), Windows, Mac

Todays post shows you how you can download Facebook video using Linux (and Windows and Mac). It is really an update to one of my other posts you can see HERE which gives you installation and usage details for how to download videos from Youtube.

With billions of users around the world, Facebook is THE BIGGEST and MOST POPULAR social network in the world. Every day there are 500,000 videos uploaded to the platform which are shared to all of those users. Videos and Pictures are integral to the appeal of the platform, enabling users to share their experiences with their friends and the world. Popular brands also use videos and pictures to enhance their social appeal (if a picture speaks a 1000 words, then a video speaks a million words!!)

youtube-dl is not just capable of downloading videos from Youtube, but it has a list of 100s of sites you can use it with. Check out the full list HERE

Installation of youtube-dl to download Facebook video

Full instructions can be found HERE as suggested above.

Download Facebook Video – Usage

The steps are very simple. First you need the url of the Facebook video you want to download. See the picture below as an example –

Download Facebook Video – How to download facebook video

As shown in the pic above right click on where it says VIDEO, and click on ‘save link as’ in your browser.

Now you have the url you need in your clipboard. Back on your linux server you just paste the url into youtube-dl like this –

youtube-dl ""

As said in my other post there are a LOAD of options to youtube-dl to extract title, determine output file name etc etc so check out the youtube-dl help page –

youtube-dl -h

Have fun !!

Background Bash Script – Push bash script to background

ilovebash

Background Bash Script – Push a running bash script to continue in the background

Background Bash Script – Running a bash script in the background is a simple task using nohup, but what is less known is how to force an already running script to continue in the background freeing up your terminal for other tasks.

We have all had the situation with a chunky bash script running and you need to reboot your pc, or pop out of the office and dont want to leave the script running visible on your monitor. Whatever the reason, its something that is a useful took to have as and when you need it.

Just to cover the nohup option to START a script in the background you can do this –

nohup &

Ok so now for the main topic of this post which covers you if your script is ALREADY running, and you do not want to kill it, but force it to run in the background.

How to force your script to run in the background

Background Bash Script – There are 2 steps to achieve this –

1) First you need to ‘pause’ the running script. To do this press and z keys. This will stop the script from continuing but does NOT kill it.

2) Force the script to continue running in the background. To do this type in bg . The script will then continue as normal. You can even log out if you want and the script will still continue.

The other task you might then want to do is to bring the background job to the foreground. To do this just type fg and it will continue on your current session.

Hope you found this post useful! Check out my other Bash tips HERE or Centos / Linux tutorials HERE

.გე domain – Georgian Mkhedruli Alphabet

.გე domain – Georgian Mkhedruli Alphabet International Domain Name

გე domain - url showing in latin translation in chrome - georgian mkhedruli translation of url in address bar

გე domain – Georgian mkhedruli alphabet international domain name

Launched on 20th January 2016 to the Georgian media, .გე domain is the mkhedruli alphabet international domain name for the Republic of Georgia.

Registrations can be made (according to the schedule) at http://რეგისტრაცია.გე

Hints and Tips –

How to make your browser display Georgian Mkhedruli alphabet addresses correctly – Click Here

Follow the გე tag on Facebook – Click Here and facebook page – https://www.facebook.com/mkhedrulige/

Back in 2012 Georgia (and the company I work for ITDC) started the process with the Georgian Government and ICANN to establish the Georgian Mkhedruli. There were many things to consider including –

Which physical string to use for the transliteration
Preparation of the infrastructure to ensure availability and resilience of the domain
Completing the relevant ICANN documentation in order to satisfy them that we had made all appropriate steps and preparation for the delegation of the გე TLD

We (and the Georgian government) hit issues regarding all of the above including which string we were to use. There were multiple options including გე, გეო, მკ, სა and probably more as well. Whichever was chosen would have pros and cons attached to it, and after a lot of time it was decided that the mkhedruli alphabet of the current .ge domain was going to be the easiest for a Georgian to remember.

Following approval from both ICANN and the Georgian National Communications Commission in January 2015, we launched the TLD to the Georgian media on 20th January 2016 at the Tbilisi Marriot Hotel.

Following the delegation of the გე domain the next steps for implementation include advance registration for copyright holders, allocation of relevant domains for use by the Georgian Government, followed by General Sale to the Georgian public. These steps should be completed during 2016.