Posts

Posted on

How To Install KernelCare on Your Linux Server

KernelCare on Your Linux Server

KernelCare is fabulous kernel update tool by CloudLinux. We started testing this kernel patch in a few servers and the result has been truly amazing, allowing us to avoid server downtime after kernel updates because of each server reboot we had to apply after the kernel was updated.

Table of Contents

Step 1. Installing Kernelcare.

 Prerequisites

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation KernelCare on your Linux server.
Install KernelCare on Your Linux Server

Step 1. Installing Kernelcare.

In order to install KernelCare on a RPM system like CentOS or RHEL, use the following commands:

rpm -i https://downloads.kernelcare.com/kernelcare-latest.x86_64.rpm

To install KernelCare on Debian based system like Debian or Ubuntu run:

wget https://downloads.kernelcare.com/kernelcare-latest.deb
dpkg -i kernelcare-latest.deb

Check the status of the live patching by running:

/usr/bin/kcarectl --info

The software will automatically check for new patches every 24 hours. To update manually, run:

/usr/bin/kcarectl --update

Note: If you haven’t previously licensed KernelCare, this will install a 30 day trial key for you.

Congratulation’s! You have successfully installed KernelCare. Thanks for using this tutorial for installing KernelCare on Linux system. For additional help or useful information, we recommend you to check the official KernelCarel web site.

Posted on

How To Install Graylog on CentOS 7

Graylog on CentOS 7

Graylog is a free and open source powerful centralized log management tool based on Elasticsearch and MongoDB. Graylog helps you to collect, index and analyze any machine logs centrally.

Table of Contents

Step 1. First let’s start by ensuring your system is up-to-date.

Step 2. Installing Java.

Step 3. Installing MongoDB.

Step 4. Installing Elasticsearch.

Step 5. Configuring Elasticsearch.

Step 6. Installing Graylog.

Step 7. Accessing Graylog.

Prerequisites

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Graylog on a CentOS 7 server.
Install Graylog on CentOS 7

Step 1. First let’s start by ensuring your system is up-to-date.

yum clean all
yum -y update

Step 2. Installing Java.

Now you will need to install JAVA, run the following command to download the RPM package using the following command:

wget --no-cookies --no-check-certificate --header "Cookie:oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u91-b14/jdk-8u91-linux-x64.rpm"

Once you have downloaded the RPM file, you can install the package using following command:

yum localinstall jdk-8u91-linux-x64.rpm

Check if it is successfully installed with the following command:

java -version

Step 3. Installing MongoDB.

MongoDB is not available in the default CentOS repository. You will need to add the MongoDB repo first:

nano /etc/yum.repos.d/mongodb.repo

Add the following contents:

[mongodb]
name=MongoDB Repository
baseurl=https://repo.mongodb.org/yum/redhat/$releasever/mongodb-org/3.2/x86_64/
gpgcheck=1
enabled=1
gpgkey=https://www.mongodb.org/static/pgp/server-3.2.asc

Install MongoDB by running the following command:

yum install mongodb-org -y

Start the MongoDB service and enable it to start on boot with the following command:

systemctl enable mongod.service
systemctl start mongod.service

Step 4. Installing Elasticsearch.

In order to install Elasticsearch using the official repository, we have to download and install the public signing key:

rpm --import https://packages.elastic.co/GPG-KEY-elasticsearch

Create and add the following in your /etc/yum.repos.d/ director:

nano /etc/yum.repos.d/elasticsearch.repo

Add the following contents:

[elasticsearch-2.x]
name=Elasticsearch repository for 2.x packages
baseurl=https://packages.elastic.co/elasticsearch/2.x/centos
gpgcheck=1
gpgkey=https://packages.elastic.co/GPG-KEY-elasticsearch
enabled=1

Now, install Elasticsearch using the follwing command:

yum install elasticsearch -y

Start the elasticsearch service and enable it to start on boot time with the following command:

systemctl enable elasticsearch.service
systemctl start elasticsearch.service

Step 5. Configuring Elasticsearch.

First, open up the Elasticsearch configuration file:

nano /etc/elasticsearch/elasticsearch.yml

Change the file as shown below:

cluster.name: graylog

Let’s prevent possible remote code executions. Add the following lines:

script.inline: false
script.indexed: false
script.file: false

Restart the elasticsearch service:

systemctl restart elasticsearch.service

Check the health of the Elasticsearch with the following command:

curl -XGET 'http://localhost:9200/_cluster/health?pretty=true'

Step 6. Installing Graylog.

We need to download and install the Graylog repository using the following command:

rpm -Uvh https://packages.graylog2.org/repo/packages/graylog-2.2-repository_latest.rpm

Install Graylog server using yum:

yum install graylog-server -y

After you have installed the Graylog Server, you have to generate secret key for Graylog using the following command:

### pwgen -N 1 -s 96 
MTtPFSMZxAvoLsUiXXauggyJ761hwkGn1ZTN2ovb8wN2tO1LzyeNbaatOrpLukp96p0MxwHQosmMGPbmw46ojnnSORVvr2

Now create a hash password for the root user that can be used to log in to the Graylog web server using the following command:

### echo -n Password | sha256sum
e7cf3ef4f17c3999a94f2c6f612e8bmwe46b1026878e4e19398b23bd38ec221a
1
2
	
### echo -n Password | sha256sum
e7cf3ef4f17c3999a94f2c6f612e8bmwe46b1026878e4e19398b23bd38ec221a

Edit the server.conf file:

nano /etc/graylog/server/server.conf

Make changes to the file as shown below:

password_secret= MTtPFSMZxAvoLsUiXXauggyJ761hwkGn1ZTN2ovb8wN2tO1LzyeNbaatOrpLukp96p0MxwHQosmMGPborm1YRojnnSORVvr2
root_password_sha2= e7cf3ef4f17c3999a94f2c6f612e8a888e5b10268bmwe4619398b23bd38ec221a
[email protected]
root_timezone=UTC
elasticsearch_discovery_zen_ping_unicast_hosts = ipaddress:9300
elasticsearch_shards=1
script.inline: false
script.indexed: false
script.file: false

To enable the Graylog web interface, make changes to the file as shown below:

rest_listen_uri = http://your-server-ip:12900/
web_listen_uri = http://your-server-ip:9000/

After you have modified the configuration file, you can start Graylog Service using the following commands:

systemctl enable graylog-server.service
systemctl start graylog-server.service

Step 7. Accessing Graylog.

Graylog will be available on HTTP port 8080 by default. Open your favorite browser and navigate to http://yourdomain.com:9000 or http://server-ip:9000 and complete the required the steps to finish the installation.
Installing-Graylog-LoginScreen
Congratulation’s! You have successfully installed Graylog. Thanks for using this tutorial for installing Graylog in CentOS 7 system. For additional help or useful information, we recommend you to check the official Graylog web site.

Posted on

Change the Default Search URL Slug in WordPress – Easy Guide

Change the Default Search URL Slug

WordPress search URLs are not user friendly. In this article, we will show you how to easily change the default search url slug in WordPress and make it more SEO and user friendly.

Why Change Default Search URL Slug in WordPress

WordPress uses SEO friendly URL structure for all pages on your website. Typical SEO friendly WordPress URLs look like this:

http://example.com/some-page/
http://example.com/2018/03/some-article/
http://example.com/category/some-category/

As you can see, these URLs are quite easy to understand for users as well as search engines.

However, WordPress still uses non-friendly URL for search results page. A typical search URL in WordPress looks like this:

http://example.com/?s=search-term

This URL structure doesn’t match the rest of your website URLs. While some WordPress search plugins improve the search results, most don’t do anything about the search URL itself.

What if you can make your search URL look like:

http://example.com/search/your-search-term/

Let’s take a look at how to make the WordPress search page URL slug more SEO friendly.

Changing Search Page URL Slug in WordPress

For this tutorial you will need to edit your WordPress theme files. If you haven’t done this before, then please take a look at our guide on how to copy and paste code in WordPress.

Method 1. Change WordPress Search URL Slug via Functions File

This method is easier and recommended for most users.

First, you need to copy and paste the following code in your theme’s functions.php file or a site-specific plugin:

function wpb_change_search_url() {
    if ( is_search() && ! empty( $_GET['s'] ) ) {
        wp_redirect( home_url( "/search/" ) . urlencode( get_query_var( 's' ) ) );
        exit();
    }   
}
add_action( 'template_redirect', 'wpb_change_search_url' );

Don’t forget to save your changes.

You can now go to your website and try using the search feature. You will notice that the search URL looks like this:

http://example.com/search/your-search-query/

Method 2. Change Search URL Slug via htaccess File

The .htaccess file is often used to set up redirects and other website configuration tasks. You can also use it to change the default search URL slug in WordPress.

Your .htaccess file is located in your website’s root folder, and you will need to use FTP or File Manager app in cPanel to edit it. Refer to this guide, if you can’t find the .htaccess file.

In your .htaccess file, you need to paste the following code at the bottom:

# Change WordPress search URL
RewriteCond %{QUERY_STRING} \\?s=([^&]+) [NC]
RewriteRule ^$ /search/%1/? [NC,R,L]

Don’t forget to save your changes and upload the .htaccess file back to the server.

You can now go to your website and use the search feature. You will notice the search URL will now look like this:

http://example.com/search/your-search-query/

We hope this tutorial helped you change the default search URL slug in WordPress.

 

Posted on

Easy Guide to Restore the Get Shortlink Button in WordPress

In this tutorial, we will share how to restore the get shortlink button in WordPress.

What is the Get Shortlink Button in WordPress?

Get Shortlink button is a WordPress feature that allows you to easily get a short link of your WordPress blog post or page. It used to be located right next to the permalink area in the post edit screen.

However if you recently started your blog, then you will not see this feature on your WordPress site because it was removed after WordPress version 4.4.

Let’s take a look at how to bring back the get shortlink button back in WordPress.

Method 1: Using WP Bitly plugin to Add Get Shortlink Button

This method is easier and recommended for most users. This method also allows you to create custom branded short URLs for your website.

Step 1: First thing you need to do is install and activate the WP Bitly plugin. For more details, see our step by step guide on how to install a plugin in WordPress.

Step 2: Upon activation, this plugin will automatically add the Get Shortlink button on your post edit screen.

Step 3: Once you click on this button, it will show you the shortlink for your WordPress posts and pages. This shortlink can be shared in your emails and messages, so your audience can reach directly to the page.

You can also use the WP Bitly plugin to create custom branded shortlinks for your blog posts like we do on WPCademy. See our step by step guide on how to create your own customized short url in WordPress.

Method 2: Manually Adding Get Shortlink Button

This method requires you to add code to your WordPress files. If you haven’t done this before, then please take a look at our guide on how to copy and paste code in WordPress.

Step 1: You will need to add the following code to your WordPress theme’s functions.php file or a site-specific plugin:

add_filter( 'get_shortlink', function( $shortlink ) {return $shortlink;} );

Step 2: This code will add the shortlink filter to display the Get Shortlink button in your WordPress pages and posts.

Step 3: You can click on this button to get the shortlink for your post or page.

We hope this tutorial helped you bring back the Get Shortlink button in WordPress website.

Posted on

How to Scan & Detect Malware in WordPress Themes – Easy Guide

scan and detect malware in wordpress theme

WordPress Themes are ready-made layouts created for WordPress — one of the most popular content management systems used for blogging, news websites and e-commerce projects. These templates are custom solutions for building an online resource from scratch or easily revamping an existing one.

Need To Make Sure That WordPress Theme Is Free From Malware? In this blog, we will help you scan your WordPress website theme for hidden malware or malicious code along-with best plugins you can use to scan your WordPress theme for potentially malicious code.

What is A Nulled WordPress Theme?

Nulled means Cracked or Hacked Version of a WordPress Theme. Basically,its a Premium WordPress Theme which is available for free (or illegally). These themes mostly come up with the back door hack for entering your website which loosens the website security and makes it prone to hacking.

Why WordPress Themes Are infected By Malware?

WordPress is featuring premium themes in its latest versions which are highly secure and malware insusceptible. Unfortunately when it comes to free themes, they are the most easily targeted preys for web attackers. The reason behind is that downloading a free theme from an unknown source or pirated websites may affect the security of your websites.

Such themes are poorly coded and lead to create unauthorized access to websites through loopholes. An unknown source of theme may be created by a hacker who tweaks it for their own profits. There are several reasons behind the exploitation of such themes.

Some of the common reasons are:

  • ​To get a back link from the blog posts on your websites
  • For redirecting your website to spam links
  • To add adverts.
  • To create a backdoor to your website

Look For Presence Of Malicious Code in WordPress Themes

Before discussing the steps to How to Detect Malicious Code or Malware on WordPress Themes, let us hammer out the locations where the malicious code is generally inserted by the hackers. The two common locations on target of smart hackers are the footer.php file and the style.css file.

Apart from this, you should manually check all the files within the theme. The WordPress themes might include some basic files for its functioning. But, if you find additional files that are called without the .php function then your themes are injected with serious malware.

Signs that suspect your WordPress themes are infected with malicious content:

  1. Google Warning Messages: Your website will be displayed with a malware warning message with either an entirely blocked website or partially blocked website.
  2. WordPress White Screen of Death: When your website suddenly starts showing white screen of death, it means that your site is probably exploited with malware infection.
  1. .htaccess pirate: If your .htaccess file is corrupted, it keep redirecting your website to other spam links which you can’t understand.
  2. Popups: When there are several popup ads running on your website start redirecting towards malicious links or other popups if you tend to close, this means your website is a victim of malware exploitation.

Detect Malicious code in  WordPress Themes?

Performing a Google search is a good way to check if there’s a malicious code in a particular WordPress theme. If someone out there has found a malicious code in a theme they got from the same location, such a person must have sounded out a warning to others.

Initial step in discovering hidden malware or malicious code in your WordPress theme is to check if the files contained in the theme are all required

  • Scan WordPress Theme before Installation

The most frequent technique to detect malware on your installed themes is to scan your entire website. This will scan all the files on your website. You can do so in several ways:

  • Ask Google:

Google Safe Browsing is a tool that alerts the webmasters when their websites are compromised with unsafe content or malicious files.  You can use this tool to diagnose your website for surreptitious malware and resolve it.

https://www.google.com/safebrowsing/diagnostic?site=

Insert your website url in the above mentioned link and press ENTER. For example –

https://www.google.com/safebrowsing/diagnostic?site=example.com

When you press ENTER, it will provide you the Safe Browsing status of the website with the unsafe content found on your website.

  • Search Files

Make a cross file search for eval. If you find this one then the author (or someone who ripped it) has something to hide. Read more about eval(base64_decode hack.

 

  • Tools & Scanners to Detect Malware and Malicious in WordPress Themes

You can also use free malware scanners for scanning your website. A short overview of such scanners:

  • PCRisk: It is a free online tool that can be utilized to can any website for malicious codes, vulnerability exploits, infected files and other suspicious activities.
  • SiteGuarding.Com: Another popular online tool to check your website for malware and security issues.
  • After downloading the plugin or theme, The first thing you should do is to check for virus, trojans and other worms using Virus Total.

scan wp theme with virus total

  • WP Hacked Help: A free online wordpress malware scanner tool. You can scan your website for potential malware with this tool.

 

WordPress Theme Checker Plugins To Detect Malicious Code

Sometimes people download free themes from anywhere other the author’s page. The themes installed this way are poorly coded which makes it easier for hackers to insert back links to their websites.

Another effective way to deal with malicious code disguised in your free WordPress themes is to install best plugins that are designed for this purpose only.

 

​1. Theme Authenticity Checker (TAC)

tac plugin for wp theme check

TAC scans the source files of all the WordPress themes installed on your website. It takes you to the particular theme, the line number and a small piece of the distrusted code​ where the suspected malware is found. You can analyze the code and hence, easily​ remove the malware. To download this plugin, click here.

2. Quttera Web Malware Scanner​

quttera web malware scanner for wordpress

This plugin is specialised in detecting hidden malware, viruses malicious codes, spam links, blacklisting status and much more. So, you can use this tool to scan your website for free by installing this plugin. Quttera​ offers different malware cleanup plans for websites. To check these plans, you can visit the website.

​3. BulletProof Security:

BulletProof Security is one of the best wordpress security plugins of 2018, it comes with a number of salient features for WordPress security protection. This plugin has MS Malware scanner to scan each and every file present on your WordPress website. It also offers .htaccess Website Security Protection (Firewalls). Other features are login security. database backups, anti-spam and regular monitoring of website for website protection.

4. Anti-Malware​:

gotmls plugin for wp theme

Anti Malware is one of he popular plugins used to scan and detect malware from WordPress websites. Free version of WordPress offers detection of malware whereas you can also choose premium version for additional features. A premium Anti Malware plugin checks the website for brute-force attacks and DDos Attacks. You can get it here for free.

Best Tips To Make Sure That WordPress Theme is Safe.

  • Never download any free theme from other than author’s website. It can make your website vulnerable.
  • Scan your website regularly with reputable WP scanner.  It checks your website for WordPress infections like Malicious Redirects, Malware Injections, Backdoors, Google Blacklisting. We start cleaning up your website once your request is submitted.
  • Use Tools to Check Your Themes such as Themecheck.infoTheme Check & Exploit Scanner
  • Keep backup of your website at hand.
  • Make sure you have a highly secure hosting service.
  • Always use the latest version of WordPress.
  • Keep the plugins and themes up-to-date with the latest versions.
Posted on

WordPress Editor Keyboard Shortcuts

In the WordPress visual editor you can use a combination of keys to do things that normally need a mouse, trackpad or other input device. Rather than reaching for your mouse to click on the toolbar, you can use the following keyboard shortcuts:

Windows and Linux use “Ctrl + letter”, Mac uses “Command (⌘) + letter”.

Contents

1 Editor Shortcuts
1.1 Ctrl + key
1.2 Alt + Shift + key
1.3 Formatting Shortcuts
2 Keyboard Shortcuts for Comments
2.1 Activating Keyboard Shortcuts
2.2 The Meaning of Selected
2.3 Using Keyboard Shortcuts to Navigate Comments
2.4 Using Keyboard Shortcuts to Perform Actions on Comments
2.5 Bulk Actions

Ctrl + key

Letter Action
c Copy
v Paste
a Select all
x Cut
z Undo
y Redo
b Bold
i Italic
u Underline
k Insert/edit link

Alt + Shift + key

The following shortcuts use a different key combination: Windows/Linux: “Alt + Shift (⇧) + letter”. Mac: “Ctrl + Option (alt ⌥) + letter”. (Macs running any WordPress version below 4.2 use “Alt + Shift (⇧) + letter”).

Letter Action
n Check Spelling (This requires a plugin.)
l Align Left
j Justify Text
c Align Center
d Strikethrough
r Align Right
u • List
a Insert link
o 1. List
s Remove link
q Quote
m Insert Image
w Distraction Free Writing mode
t Insert More Tag
p Insert Page Break tag
h Help
x Add/remove code tag
1 Heading 1
2 Heading 2
3 Heading 3
4 Heading 4
5 Heading 5
6 Heading 6
9 Address

Formatting Shortcuts

Formatting Shortcuts while using visual editor (Since Version 4.3)

Letter Action
* Start an unordered list
Start an unordered list
1. Start an ordered list
1) Start an ordered list
## H2
### H3
#### H4
##### H5
###### H6
> transform text into blockquote
horizontal line
`..` transform text into code block

Keyboard Shortcuts for Comments

Beginning with WordPress Version 2.7, the ability to use keyboard shortcuts to browse and moderate comments was introduced. These keyboard shortcuts are designed to save time by allowing you to rapidly navigate and perform actions on comments. If your blog gets a large number of comments, you will find these shortcuts especially useful.

Activating Keyboard Shortcuts

Keyboard shortcuts are enabled on a per-user setting, and can be turned on by visiting the Profile panel in Administration > Users > Your Profile. Check the Keyboard Shortcuts checkbox to enable keyboard shortcuts for comment moderation.

Please note, the keyboard shortcuts are designed to use both hands, simultaneously, on a QWERTY style keyboard layout.

The Meaning of Selected

The keyboard shortcuts are used for navigation and for actions. For any action to affect a comment, that comment must be first selected. The comment that is considered selected is indicated with a light-blue background. By default, no comment is selected, so, you will need to press either the letter j key, or letter k key, to start navigating.

Using Keyboard Shortcuts to Navigate Comments

Navigating comments is accomplished with the j and k keys. When you first visit the Comments page, no comments is selected, so, first press the letter j, or the letter k, to select the first comment. After that, just press the letter j to move the select to the next comment.

  • Pressing j moves the current selection (light-blue background) down.
  • Pressing k moves the current selection (light-blue background) up.

Note that if you come to the bottom of a page of comments and press j again, you will be taken to the next page and the first comment of that next page will be selected. Likewise, pressing k at the top of a comment page will zoom you to the previous page, selecting the comment at the bottom of that previous page. This makes it very easy to navigate through a long list of comments to perform the necessary actions.

Using Keyboard Shortcuts to Perform Actions on Comments

For one of these actions to affect a comment, make sure the comment is first selected (see above).

  • Pressing a approves the currently selected comment.
  • Pressing s marks the current comment as spam.
  • Pressing d moves the comment to the trash (WordPress 2.9) or deletes the current comment.
  • Pressing z restores the current comment from the trash or activates the Undo when that row is selected.
  • Pressing u unapproves the currently selected comment, placing it back into moderation.
  • Pressing r initiates an inline reply to the current comment (you can press Esc to cancel the reply).
  • Pressing q activates “Quick Edit” which allows for rapid inline editing of the current comment.
  • Pressing e navigates to the edit screen for the current comment.

Bulk Actions

You can also perform an action on multiple comments at once. First, you’ll need to select the comments for the bulk action, using the x key to check the checkbox for the currently selected comment. Shift-x can be used to toggle the checkboxes, inverting their state. Once you have some comments checked:

  • Pressing Shift-a approves the checked comments.
  • Pressing Shift-s marks the checked comments as spam.
  • Pressing Shift-d deletes the checked comments.
  • Pressing Shift-u unapproves the checked comments.
  • Pressing Shift-t moves the checked comments to the Trash.
  • Pressing Shift-z restores the checked comments from the Trash.
Posted on

How To Install Foxit Reader on CentOS 7

Foxit Reader on CentOS 7

Foxit PDF Reader can be used to view, create, edit, organize, sign, scan, and OCR. It can easily export PDF files to office, PDF/A/E/X, and more. Users can collaborate, share, sign, protect, and secure documents using Foxit Reader.

Table of Contents

Step 1. First let’s start by ensuring your system is up-to-date.

Step 2. Installing Foxit PDF Reader.

Prerequisites

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo’ to the commands to get root privileges. I will show you through the step by step installation Foxit Reader on a CentOS 7 server.
Install Foxit Reader on CentOS 7

Step 1. First let’s start by ensuring your system is up-to-date.

yum clean all
yum -y update

Step 2. Installing Foxit PDF Reader.

First download the installer file according to your system requirement. Use below link to download Foxit installer:

wget http://cdn01.foxitsoftware.com/pub/foxit/reader/desktop/linux/1.x/1.1/en_us/FoxitReader1.10.0225_Server_x64_enu_Setup.run.tar.gz

Unpack the Foxit PDF Reader archive to the document root directory on your server:

tar -xvf FoxitReader1.10.0225_Server_x64_enu_Setup.run.tar.gz

Next run the following command to start the setup process of Foxit Reader:

./FoxitReader.enu.setup.1.1.0.0225(r205262).x64.run

The installation wizard is completed and to start running the application, type the FoxitReader command in the terminal and hit enter:

FoxitReader

Congratulation’s! You have successfully installed Foxit Reader. Thanks for using this tutorial for installing Foxit Reader on your CentOS 7 system. For additional help or useful information, we recommend you to check the official Foxit Reader web site.