How to Install mod_fcgid on cPanel’s EasyApache 4 with CloudLinux

Reading Time: 6 minutes

When it comes to PHP execution, mod_fcgid (also called FCGI) is one of the heavyweight contenders. There are a few rival handlers, like PHP-FPM or mod_lsapi, which come close to matching its execution speed, but they generally leave something to be desired when it comes to fine-tuning and resource consumption. FCGI is built for speed and includes a myriad of Apache directives that can be leveraged for resource regulation.

This article will cover installing mod_fcgid followed by basic configuration in a separate article. The article applies to any cPanel servers running the following operating systems:

The article will not cover EasyApache 3 (EA3). Due to the End-of-Fife (EOL) status of EA3, it is imperative that any systems running EA3 upgrade to EA4 as soon as possible. To avoid conflicts, upgrading to EA4 should be handled as an entirely separate procedure from installing mod_fcgid. If you need assistance with upgrading from EA3 to EA4, please feel free to contact our support team. If you’re running a Liquid Web Fully Managed cPanel server, our team will perform the entire upgrade procedure for you.

Expectations: Downtime & Performance

Downtime – Please plan ahead of time as this operation may cause downtime. While installing an Apache module and enabling a baseline configuration should only require an Apache restart, there may be unforeseen circumstances that require troubleshooting. This can lead to sites becoming unresponsive and/or slow.

Note
Always plan for more downtime than expected and always have a reversion plan. Allot extra time for troubleshooting, testing, and reverting all changes if necessary.

Performance – While FCGI provides superior PHP execution time, it is not a blanket fix for performance. For server optimization there will be an adjustment period for configuration tweaking.This period can take hours to weeks as it must account for the unique caveats with the specific server hardware, software, traffic habits, and many other unpredictable variables.

Note
Optimization is an ongoing, perceptual process. There is no one-size-fits-all optimized configuration. Traffic & resource usages continually change over time on all servers. Periodic evaluation and configuration adjustment are necessary to stay ahead of the curve.

 

Installation of mod_fcgid

The following steps should be followed as close to the examples as possible. Things will vary slightly depending on CentOS/CloudLinux versions, and a few other factors. The article will denote the differences where they are expected.

Step 1) [su_highlight background="#3ac6eb"]Liquid Web Servers Only[/su_highlight] Disable Mod_Zeus & Other EA3 Modules

Older Liquid Web cPanel servers with EasyApache 3 who upgraded to EA4 may find residual configs on the system that can cause conflicts in the Apache configuration. This step will help make sure these older configs are disabled. The following sed one-liner will take care of disabling the inclusion line for these modules. These modules are stored in the /usr/local/lp/configs/httpd/conf.d/ directory. This directory is typically mentioned in the /etc/apache2/conf.d/includes/post_virtualhost_global.conf config file. The sed code looks for and comments out the specific include statement for this file.

sed -i -e 's/[^#]+\(Include [/]usr[/]local[/]lp[/]configs[/]httpd[/]\)/#\1/g' /etc/apache2/conf.d/includes/post_virtualhost_global.conf

To confirm the change, print the contents of the post_virtualhost_global.conf file using cat:

cat /etc/apache2/conf.d/includes/post_virtualhost_global.conf

The output should be blank or have a commented out inclusion line like below:

#Include /usr/local/lp/configs/httpd/conf.d/*.conf

Step 2) Disable Litespeed

FCGI is not compatible with Litespeed, which uses its own mod_lsapi module to process PHP using lsphp. Disabling Litespeed in this way does not remove it from the server; it merely enables Apache as the default web server.

/usr/local/lsws/admin/misc/cp_switch_ws.sh apache

Step 3) Install mod_fcgid

The following yum command will install the necessary module:

yum install ea-apache24-mod_fcgid -y

Once completed, confirm Apache has the fcgid_module loaded:

httpd -M | grep expires\|version\|fcgid

Example output:

fcgid_module (shared)

Step 4) [su_highlight background="#3ac6eb"]CloudLinux Only[/su_highlight] Configure CageFS Map for FCGI

The following snippet will create the necessary directories needed by mod_fcgid to execute correctly. It will then add those directory entries into the /etc/cagefs/cagefs.mp file, allowing user-level access to said directories from within their caged environment. It finally forces cagefs to remount all user directories for access to the new directory on all sites.

mkdir -p /var/run/mod_fcgid /usr/share/cagefs-skeleton/var/run/mod_fcgid /run/mod_fcgid
cp -p /etc/cagefs/cagefs.mp{,.lwbak.$(date +%F_%H%M%S)}
cat <<EOF>>/etc/cagefs/cagefs.mp
/var/run/mod_fcgid
/run/mod_fcgid
/usr/local/cpanel/cgi-sys/
EOF
cagefsctl -M

Step 5) [OPTIONAL] Remove Unnecessary Writable Permission

Due to security restrictions, any website files or directories with group-writable or other-writable permissions will be denied and a 500 Internal Server Error will be displayed. The following awk one-liner uses the find command to search all DocumentRoot directories configured on the server. It is advised to run this process in a screen session as it may take an hour or more depending on the size of the file system in question. The code takes care to use nice and ionice commands to run the process as a low priority so there will be minimal impact on server load or disk I/O. All changed files and their previous permissions are recorded in the /var/log/fixperms.log file.

Step 5a) Create & Attach to a Screen Session

screen -dmS fixperms; screen -x fixperms

Step 5b) Run the One-Liner

nice -n 15 ionice -c2 -n7 awk '/DocumentRoot/{DR[$NF]=$NF}END{for (e in DR) {x="find \""e"\" \\( -type f -or -type d \\) -and -perm /g+w,o+w -printf \"%M %y %m %p\\n\" -exec chmod g-w,o-w {} +"; while(x|getline) {print $0;print strftime("%F %T %Z"),$0 >> "/var/log/fixperms.log"} close(x)}}' /etc/apache2/conf/httpd.confExit screen by holding CTRL/CMD then pressing A, then D.

 

Step 6) [OPTIONAL] Disable mod_php Directives in .htaccess Files

Another common caveat when switching to FCGI is that any existing mod_php related directives inside any .htaccess file are not compatible with mod_fcgid and will cause the site to throw a 500 Internal Server Error. So these entries need to be located and disabled or removed.  The following awk one-liner checks all configured DocumentRoot directories for .htaccess files, and if they contain a php_value or php_admin_value entry, it will disable by commentting the line out. First, an in-place backup is created of the original file. The backup is named .htaccess.bak.YYYY-MM-DD_HHMMSS. All changed files and their previous permissions are logged in the /var/log/fixhtaccess.log file.

Step 6a) Create & Attach to a Screen Session

screen -dmS fixhtaccess; screen -x fixhtaccess

Step 6b) Run the One-Liner

nice -n 15 ionice -c2 -n7 awk '/DocumentRoot/{DR[$NF]=$NF}END{for (e in DR) { x="find "e" -name .htaccess -exec grep -iEl \"^([^#]*php_(admin_)?value)\" {} +"; s="sed -i.bak.$(date +%F_%H%M%S) \047s/^\\([^#]*php_\\(admin_\\)\\?value\\)/#\\1/gi\047 2>&1";
while(x|getline) {print $0; print s,$0; print strftime("%F %T %Z"),s,$0 >> "/var/log/fixhtaccess.log"; while(s" "$0|getline y) { print y; print strftime("%F %T %Z"),y >> "/var/log/fixhtaccess.log" } close(s" "$0)} close(x)}}' /etc/apache2/conf/httpd.conf

Step 7) Rebuild Apache Config (Troubleshoot Any Errors)

The following command checks the system httpd.conf file for syntax error and if none are found, runs the cPanel httpd.conf rebuild script. Fix any syntax errors, until a clean rebuild is completed without error.

httpd -t && /scripts/rebuildhttpdconf

Step 8) [su_highlight background="#3ac6eb"]CloudLinux ONLY[/su_highlight] Setup PHP Selector

The PHP Selector feature of CloudLinux is only compatible with the inherit PHP versions in the cPanel MultiPHP Manager interface. All sites should be using the inherited version of PHP or PHP Selector will not function for that site. This only applies to CloudLinux servers.

Step 8a) Force All Sites to Use Inherited Version of PHP in MultiPHP Selector

The following command uses cPanel’s whmapi1 system to force all sites onto the inherited version of PHP in MultiPHP Manager.

/usr/sbin/whmapi1 php_get_vhost_versions | awk  -F'[: ]+' '$2~/vhost/{x="/usr/sbin/whmapi1 php_set_vhost_versions version=inherit vhost-0="$3;print x;system(x);close(x)}'

Step 8b) Disable MultiPHP Manager & MultiPHP INI Editor

The following uses the cPanel whmapi1 system to add MultiPHP Manager/INI Editor to the disabled features list.

/usr/sbin/whmapi1 update_featurelist featurelist=disabled multiphp=1 multiphp_ini_editor=1 ; /usr/sbin/whmapi1 update_featurelist featurelist=disabled multiphp_ini_editor=1

Step 9) Switch All PHP Handlers over to FCGI

The following will convert all installed PHP Handlers to using FCGI. These handlers are viewalbe through the Handlers tab of WHM’s MultiPHP Manager interface or by running the cPanel rebuild_phpconf script.

/usr/local/cpanel/bin/rebuild_phpconf --current | awk 'NR>1{x="/usr/local/cpanel/bin/rebuild_phpconf --"$1"=fcgi"; print x; system(x);
close(x)}'

To confirm the changes, run:

/usr/local/cpanel/bin/rebuild_phpconf --current

Example Output:

DEFAULT PHP: ea-php71
ea-php54 SAPI: fcgi
ea-php55 SAPI: fcgi
ea-php56 SAPI: fcgi
ea-php70 SAPI: fcgi
ea-php71 SAPI: fcgi
ea-php72 SAPI: fcgi

Step 10) Perform a Full Stop & Restart of Apache

The following script will stop Apache (gracefully if possible), and kill any unresponsive Apache & PHP processes before starting the Apache service again. It will also verify the Apache configuration syntax and will only perform the restart procedure if the syntax returns ok. This technique is handy as it is common for Apache processes to get stuck from time to time on busy servers.  This snippet deals with those scenarios after performing the humane stop request first.

httpd -t && (/scripts/restartsrv_apache stop; sleep 3; killall httpd php lsphp php-cgi; sleep 3; killall -9 httpd php lsphp php-cgi; /scripts/restartsrv_apache start) || echo Fix Apache Config and try again.

Note
Toss this snippet into an alias called apache_rescue which you can add to your ~/.bashrc for easy access to this code. Below is a one-liner that will create this alias for you and load the modified profile in your current session. Once this alias is installed, it will always be available on that  server by typing apache_rescue.

cat <<'EOF'>>~/.bashrc && source ~/.bashrc
alias apache_rescue='httpd -t && (/scripts/restartsrv_apache stop; sleep 3; killall httpd php lsphp php-cgi; sleep 3; killall -9 httpd php lsphp php-cgi; /scripts/restartsrv_apache start) || echo Fix Apache Config and try again.'
EOF

This concludes our ten step process for installing mod_fcgid onto your cPanel system.  It’s recommended to adjust FCGI settings from their default settings. Tune into our next tutorial where we’ll be advising on how to optimize FCGI for various environments.

Troubleshooting: Can’t Resolve Hostname

Reading Time: 2 minutes

You may find the “can’t resolve hostname” or “temporary failure in name resolution” error when using retrieval command like wget, cURL, ping or nslookup. There are many reasons why these commands can cause an error, including file corruption.  For the sake of brevity, we look towards commonalities between these commands to solve the issue.

These commands connect to the Internet using gateways to communicate and provide information.   If the connection from your local machine, in this case, a CentOS server, is disconnected you’ll likely run into issues trying to access the world wide web. In this troubleshooting tutorial, we’ll show you some common solutions to connectivity issues.

Step 1: Amongst many other configuration tasks, the resolv.conf file is used to resolve DNS requests. Manually editing the resolv.conf file to configure name resolution will only do so temporarily. The Network Manager controls this essential /etc/resolv.conf file to create permanent changes. So, we’ll first stop and disable the Network Manager:

Note
Be sure to run these commands as the root user, or a privileged user using sudo before each command.

chkconfig NetworkManager off; service NetworkManager stop

 

Step 2: The method for permanent changes is to edit the /etc/sysconfig/network-scripts/ifcfg-eth0 file instead of resolv.conf file. Open the file:

vim /etc/sysconfig/network-scripts/ifcfg-eth0

Next, we’ll set our DNS IP’s to use Google’s Public DNS (8.8.8.8 & 8.8.4.4).

DEVICE="em1"
BOOTPROTO="static"
DNS1="127.0.0.1"

DNS2="8.8.8.8"


DNS3="8.8.4.4"

GATEWAY="some_ip"
HWADDR="hwid"
IPADDR="some_ip"
IPV6INIT="yes"
NETMASK="255.255.255.0"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"

Save and quit the file using ESC and :wq.

 

Step 3: Enable and restart your network, using the commands associated with your server version.

CentOS 6, CloudLinux 6, RHEL 6:

chkconfig network on

service network start

 

CentOS 7, CloudLinux 7, RHEL 7:

systemctl enable network.service

systemctl start network.service

 

Step 4: Test the reachability of a host by using ping, curl, wget or any testing tool of your choice. In our example, we’ve successfully ping’d Google!  

ping google.com
PING google.com (172.217.4.46) 56(84) bytes of data.
64 bytes from lga15s46-in-f14.1e100.net (172.217.4.46): icmp_seq=1 ttl=57 time=6.65 ms
64 bytes from lga15s46-in-f14.1e100.net (172.217.4.46): icmp_seq=2 ttl=57 time=6.68 ms
64 bytes from lga15s46-in-f14.1e100.net (172.217.4.46): icmp_seq=3 ttl=57 time=6.68 ms

You don’t have to rack your brain over connectivity issues!  Liquid Web customers enjoy 24/7 support for our Managed products. Our knowledgable team of support techs have experience with solving errors of this nature.  Access our support team through a ticket, chat or phone call!

How to Change Your Hostname in Ubuntu 16.04

Reading Time: 5 minutes
Image result for ubuntu logo

Times are changing, and possibly your hostname is too if you are reading this article.  You may have come across a scenario within your business that requires you to change your hostname.  You might ask yourself why you would need to change your hostname? The most common scenarios would be due to a domain name change, your business has changed its course, or because you have thought of something better.

Sometimes you might forget to renew the domain names before they expire. Unfortunately, this can be a time where a domain brokers purchases you domain name.  These are agencies who take popular sites and purchase with the intent of holding the domain until their inflated price is met.  As unfortunate as this may be, sometimes it is best to purchase a new domain name for cost efficiency.

Note
When purchasing domains from Liquid Web you can always select the option to Auto Renew within our portal Domains >> My Domains

 

Benefits to using a Fully Qualified Domain Name for your Hostname

It is good practice to use your FQDN Fully Qualified Domain Name as your hostname. Following this practice creates more options for securing your hostname with an SSL.  This will allow services like email to function using a secured connection. Using a hostname with a registered domain will allow you to add a corresponding DNS entry.  This will prevent unpredictable behavior by some services that use the hostname. This would allow you to set up a reverse lookup DNS entry. It can be very important especially with services like email verfication.  For example, when an email is sent the receiving server runs a reverse lookup on the sender’s hostname. The reverse lookup allows receivers server to ensure the hostname resolves to the matching IP address. This is just one preventive measure servers now use to reduce email spoofing incidents.

By using a unique domain name, you can reduce editing time. You may have a script that calls to the servers IP, instead of the hostname, to correctly function.  Best practice is to use the hostname because future migrations may change IP addresses/ranges.  Using the hostname can save you a lot of time in the long run, depending on your infrastructure and coding.

 

Using SSH for Windows 10, 7/8, and Mac OS X

We’ll need to connect to your server.  For this article, we will be using SSH “Secure Shell” to access the server and issues commands.  SSH is a powerful tool that will allow us to establish a secure connection with your server, diagnose, and issue remote commands.  For more information on the SSH protocol, you can visit the following links.

There are a few ways to use SSH depending on your operating system. We’ve have included some examples below followed by links with more information.

Windows 10

Using SSH client in Windows 10

Note
Note: Because the OpenSSH client was introduced in the Windows 10 Fall Creators Update, you’ll need to first update to at least that version of the operating system.

Windows 7/8

Unfortunately, for older versions of Windows, it is not exactly possible to set up an SSH natively to connect to your server.  Thankfully, applications were created to assist. We like to use MobaXterm, but Putty is a safe choice as well. Both of these applications are free to use and simple to set up. We’ve included links below with more information on these applications.

Mac OS X

Newer Mac operating systems come with an excellent utility to access SSH called Terminal. To access Terminal navigate to your Applications folder >> Utilities folder >> Terminal.

In case Terminal is inefficient for your preference, there are other options available in the App store or through a quick search on Google . Putty is also available on Mac!

 

Changing the Hostname in Ubuntu 16.04

At this point, you should be able to access your server using SSH.  Once you have accessed your server, you will want to either switch to the root user or run these commands using sudo.  The files you will be accessing are owned by root. Because of this, you will need root privileges.

To start things off, we will want to edit /etc/hostname and the /etc/hosts files.  You can do so by using a text editor of your choice. We will demonstrate how to accomplish this task using the text editor called VIM.  Some of these command line text editors can seem complicated, we will include the “sed” command to make things even easier.

Switching to root user:

# su – root  

Editing the hostname and hosts file:

# vim /etc/hostname  

# vim /etc/hosts  

Once you have opened these files, you will need to change your hostname as follows:

  1. Press the i key to insert.  This will allow you to edit.  You will notice the editor says “Insert” at the bottom of the page.
  2. Use the arrow keys to navigate the cursor to your old hostname.
  3. Backspace to delete single characters
  4. Replace with the new hostname.  Be sure the syntax is correct.
  5. When done editing hit the ESC key to exit insert mode.
  6. Then hold shift andpress the : key
  7. Finally, type wq and press enter key. This will write to the file and quit the editor
  8. Repeat for /etc/hostname                                                            

As we mentioned earlier, the command line text editors can appear to be overly complicated, especially when you’re used to programs like Word and the Window’s text editor.  Because of this, we have included the command below.

Note
Change host.example.com to your old hostname. Change host.newhostname.com to your new hostname

# sed -i 's/host.example.com/host.newhostname.com/g' /etc/hosts

# sed -i 's/host.example.com/host.newhostname.com/g' /etc/hostname

After editing these files, you’ll need to reboot the server. If you wish to reboot at a later time but still want your new hostname to take immediate effect click on this sentence to skip ahead. Otherwise, you can do so by running

# reboot

Your SSH session should be terminated.  Depending on your server it can take a few minutes to boot back up.  Once the server is back online you can check your changes by running the following command:

# hostname  

If all went well, the terminal should output your new hostname.

If you wish to reboot at a later time but still want your new hostname to take immediate effect, you can use the hostname command to temporarily set the hostname until the next reboot.  From there, the changes in /etc/hosts and /etc/hostname will take permanent effect.

# hostname host.newhostname.com

There is also an alternative available.  The hostnamectl command is default for both Desktop and Server versions. They combine setting the hostname via the hostname  command, editing  /etc/hostname and setting the static hostname. Unfortunately, editing /etc/hosts  still has to be done separately.

Example:

# hostnamectl set-hostname host.newhostname.com

 

Common Issue after Hostname Update

The “Failed to start hostname.service: Unit hostname.service is masked” error can happen when there is a syntax error within the /etc/hostname, or /etc/hosts file, or when the hostname does not match between these two files.  Be sure to check both of these files for mistakes and correct them as needed. In newer versions of Ubuntu, you will also want to use the hostnamectl command mentioned earlier.  

# hostnamectl set-hostname host.newhostname.com

Once corrected, be sure to start the hostname service to see if the issue has been corrected. You can do so by running the command that we have included below. Afterward, we would recommend rebooting your server.  This is not always necessary, but in some cases, it is required.

# systemctl restart hostname  

As always, Liquid Web customer’s enjoy 24/7 technical support with changing your hostname. Reach out to our sales team to see how you can get into our lightening fast servers today!

 

What’s My DNS?

Reading Time: 3 minutes

What is DNS?

If you are new to web hosting, you may have heard the term DNS, but you might not be sure what it means or how it is essential to you. DNS is short for Domain Name System, and it is the process by which the whole Internet organizes and easier way for humans to reach websites.

Numbers or IP addresses identify all of the computers/websites connected to the Internet. While computers have no trouble identifying each other using these strings of numbers, it would be challenging for humans if we had to remember a set of numbers for every website we wanted to visit! Fortunately, DNS translates domain names like liquidweb.com to an IP address and back, so all we need to know to find a website is the name. For a more in-depth discussion of the DNS system, see Understanding the DNS Process.

You can use the DNS Tree for a quick, visual comparison of the records that exist on all of your nameservers. Making sure your records match across nameservers and that they match your server is an essential part of troubleshooting possible website issues. If you’re error messages like “This site can’t be reached” or “webpage is not available”, the DNS Tree may help you figure out where the problem exists.

 

How Do I Check My DNS?

Verifying accurate DNS records is essential for navigating traffic to the correct web server. You can use Liquid Web’s Internet Webhosting Toolkit to view your current, authoritative DNS records. Just go to the toolkit’s site, click on the DNS Tree tab, enter your domain name, and click Submit.

lw dns tree

Note
Our servers will query your domain’s nameservers for the most common DNS record types. If a domain is not registered or if no DNS records exist for the domain, you’ll receive an error message indicating that the records are not available. This may suggest that your nameservers are unavailable for some reason, especially if you are hosting those nameservers on a private server.

domain lookup error

If you have registered your domain and set DNS records our tool will display the results in an easy to see “tree” of records, organized from most general to most specific.

lw dns tree detail

In our example, we are looking up the records for liquidweb.com, so the tree begins with that domain at the far left of the screen.

lw dns tree domain

The next set of records displayed are the Authoritative Nameservers for the domain. These are the servers designated as the holders of the records for this domain. If you want to change the records for this domain, you must change them on these servers. Changing records anywhere else won’t make reflect DNS changes. Your domain can have one, two, or as many Authoritative Nameservers as you would like but most websites use at least two for redundancy and stability.

lw dns tree nameservers

 

The next set of entries in the DNS Tree show the Types of records that are available. DNS record types are unique for each kind of DNS function.

  • An “A Record” is used to identify primary IP addresses of given domains.
  • MX Records” are used for email routing and delivery.
  • TXT records” hold additional information about the domain, like SSL validations, DKIM entries, or SPF records.

For more information about DNS record types, see DNS Record Types.

lw dns tree record types

The final “column” of entries displays the actual DNS record. This is typically an IP address for an “A record”, and domain name for an “MX record”, or a string of text for a “TXT record”. Hovering the mouse over a circle will display all of the information for the record in a pop-out window, including the TTL, Type, and Data.

dns tree recordsdns tree popout

 

 

 

 

 

 

 

If you’ve made recent changes to your DNS records, the toolkit may be showing an older, or cached, version of the records. The TTL portion of the record indicates how frequently the DNS system should update its records. TTL is shown in seconds, so a typical setting of 3600 means that servers will be asked to update your records every 6 minutes.

The delay that occurs during this period is referred to as propagation. Some DNS changes, like nameserver changes, can take up to 72 hours to propagate, so if you are going to be making changes to your DNS records, you’ll want to lower your TTL values for a quick update. For more information on reducing your TTLs, see How To: Lowering Your DNS TTLs.

If you need additional help, Liquid Web customer’s can contact the Most Helpful Humans in Hosting via ticket, chat, or phone (1-800-580-4985) at any time and we’ll do our best to make sure everything is working correctly.

 

How Do I Use Liquid Web’s Hosting Toolkit?

Reading Time: 2 minutes

If there is one truth in the world of web hosting, it is that we always need more information. Information about configurations, servers, connections, delivery speeds and networking is essential in troubleshooting and optimizing our web presence. While this kind of information can be gathered from various providers and sites across the Internet, Liquid Web has developed a one stop shop toolkit to gather some of the most vital troubleshooting tools in one convenient interface designed to make your life easier.

The Liquid Web Internet Webhosting Toolkit provides you with the data you need to verify connectivity, identify DNS issues, and test web page performance. We’ll continue to develop and share new tools that will make your job easier; it’s one of the ways that we are working to be the Most Helpful Humans in Hosting. Continue reading “How Do I Use Liquid Web’s Hosting Toolkit?”

Troubleshooting: MySQL/MariaDB Error #1044 & #1045 Access Denied for User

Reading Time: < 1 minute

When using phpMyAdmin, it’s essential to have the correct user permissions to create edits/writes to the database.  Otherwise insufficent permissions can lead to  errors like the ones pictured below “#1044 – Access denied for user …[using password: YES]” and “#1045 – Access denied for user…[using password: YES]”.  In our tutorial, we’ll show you how to correct this issue using the command line terminal.  Let’s get started! Continue reading “Troubleshooting: MySQL/MariaDB Error #1044 & #1045 Access Denied for User”

Troubleshooting: Locked Out of RDP

Reading Time: 3 minutes

How Do I Get Back Into RDP?

You may be working from a local machine that has an IP that is not scoped on that RDP port, making it impossible for you to gain remote access to add the IP address to the RDP rule’s scope. Do not fret; there is a simple and quick way to add your IP to the RDP scoping (or any others entities such as MySQL or MSSQL) right through your Plesk interface in your local browser. You can watch this video, or scroll down for step-by-step directions.

For security purposes, it is always recommended that you scope off your Remote Desktop Protocol (RDP) connection on your server. Putting a scope on the RDP rule in the Windows Firewall will allow only the indicated  IP addresses to gain access to the server through Remote Desktop Protocol. The issue is that many of us do not have static IP addresses, but rather Dynamic IP addresses. This means that while at one time our IP address may be 120.32.111.01, it may change to something like 95.42.121.01 later. So if you were to add 120.32.111.01 to the RDP firewall for a customer or a system administrator, then you may need to add another rule for a different IP address.

 

Adding Your IP in Plesk

Step 1: Log in to Plesk

First, we need to make sure we know how to get to that Plesk login page. By default, the Plesk login page is https://<YourServerIP>:8443. For example https://124.0.0.1:8443

We should arrive on a page with this in the center. Go ahead and type in Admin for the username and your password for Plesk. Usually, that password is set up by our team and is the default Server Administrator Password. Sometimes the username is Administrator, depending on a few variables. But one of the two user names should be fine.

Plesk login

Step 2: Tools & Settings

The first thing we need to do after we log into Plesk through the previous page is to navigate to the Firewall Rules. Go ahead and click on Tools & Settings. It will be located in the right sidebar near the bottom as shown below.

plesk tools and settings

Step 3: Firewall

Once we pull up Tools & Settings go ahead and click on our destination, Firewall. You will find that option under the Security section. It will be the second option, just under Security Policy.

firewall tools and settings

Step 4: Firewall Rules

After we are in the Firewall management, go ahead and click on Firewall Rules. This is where we will add the rule to allow a certain IP address to gain RDP access.

firewall management

Step 5: Add a Firewall Rule

Under Tools, after going into the Firewall Rules, we will see the option labeled Add Firewall Rule. Go ahead and click on that, bringing us to our next step.

firewall add rule

Step 6: Add Detail the the New Rule

This is the page that we see after clicking on Add Firewall Rule. It can seem to be complicated and intimidating for some beginner level System Administrators, but it is quite simple.

add a new firewall rule

firewall profiles

If you or your client are not sure what that IP address that needs RDP access is, Liquid Web has a great site to visit that will only display your IP address here.

Note:

Here is an example of what you will find at https://ip.liquidweb.com.

While this particular example IP will not be the one that the customer or the System Administrator will see, (when visited on the local machine) the page will display the IP address that needs to be added to the rule for this RDP session to connect. That will be the only information that will be displayed on this page. Simply copy that IP address and use it in the instructions below.
ip address

remote ip address

Once you enter the IP address into the text box under Remote addresses, you do need to click the ADD button before clicking on OK.

remote ip address example

As mentioned above, after clicking the ADD button while the IP address is entered into the Add an IP address or a network text box, it will be placed into the left text box. After that step, you will then be able to click OK to apply this rule to the firewall for the server.

Step 7: Connect to RDP

The individual at that IP address can now access the server via RDP. If you would like more information on how to use Remote Desktop Connection, you can find a help article explaining exactly how to do that here.

rdp connection login screen

Congratulations! You now know how to add an IP address to an RDP rule that will allow a user to connect if the RDP is scoped off to the public. This can be done many times. Although Plesk does not allow you to edit the rule, you will have to create a new one each time. But this shouldn’t cause any issues. Also, keep in mind that this method can be used for any port, including MySQL and MSSQL.

If you ever have any trouble with your Liquid Web server, feel free to contact us through our chats system, by submitting a ticket, or by calling 800-580-4985. We’d love to help!

Using a Cron Wrapper Script

Reading Time: 4 minutes

This tutorial is intended to do two things: to expand on the Cron Troubleshooting article; and to give an overview of a simple scripting concept that uses the creation of a file as a flag to signify something is running. This is primarily useful when you need to run something continuously, but not more than one copy at a time. You can create a file as a flag to check if a job is already running, , and in turn, check for that flag before taking further action. Continue reading “Using a Cron Wrapper Script”

Configure Nginx to Read PHP on Ubuntu 16.04

Reading Time: 4 minutes

Nginx is an open source Linux web server that accelerates content while utilizing low resources. Known for its performance and stability Nginx has many other uses such as load balancing, reverse proxy, mail proxy, and HTTP cache. Nginx, by default, does not execute PHP scripts and must be configured to do so.  In this tutorial, we will show you how to enable and test PHP capabilities with your server.

Continue reading “Configure Nginx to Read PHP on Ubuntu 16.04”

How to Use Ansible

Reading Time: 8 minutes

Ansible symbolAnsible is an easy to use automation software that can update a server, configure tasks, manage daily server functions and deploys jobs as needed on a schedule of your choosing. It is usually administered from a single location or control server and uses SSH to connect to the remote servers. Because it employs SSH to connect, it is very secure and, there is no software to install on the servers being managed. It can be run from your desktop, laptop or other platforms to assist with automating the tedious tasks which every server owner faces.

Continue reading “How to Use Ansible”