Updates from February, 2015 Toggle Comment Threads | Keyboard Shortcuts

  • Jay Versluis 7:23 pm on February 25, 2015 Permalink | Reply  
    Categories: Linux ( 101 ), macOS ( 37 ), Windows ( 22 )   

    How to find your CPU details from the command line 

    It’s often necessary to know what the exact type of CPU that’s installed on your system. For example, you may need to know if you’re dealing with a dual core or quad core system, or a 32/64 bit system. Only the CPU can tell you this.

    Here’s how to find out the string you need for further investigation.



    From the command line, execute the wmic command with the following parameters:

    wmic cpu get name
    Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz

    Thanks to Jonathan @ Next of Windows for this tip!

    Windows also gives you an accurate result via the GUI: open Windows Explorer and head over to Computer – Properties:

    Screen Shot 2015-02-25 at 19.04.01

    Mac OS X

    On the Mac you won’t get a very accurate result from the Apple Icon – About this Mac. It will tell you what CPU type you’re using, but not the exact model number.

    To find that out, head over to Applications – Utilities – Terminal and enter the following command:

    sysctl -n machdep.cpu.brand_string
    Intel(R) Core(TM) i7-3615QM CPU @ 2.30GHz

    There. Much better than this:

    Screen Shot 2015-02-25 at 19.15.09


    You can take a look at the /proc/cpuinfo file which holds a plethora of information about your system’s CPU. So much in fact that it’s difficult to find what you’re looking for. Filtering the output of this file for ‘model name’ gives you an exact match:

    cat /proc/cpuinfo | grep ‘model name’
    model name : Intel(R) Atom(TM) CPU N270   @ 1.60GHz


    Where can I find more information about my CPU?

    Google is of course your friend when trying to find out more information about your processor, but there are two tools provided by Intel and AMD that may also be of help. Intel’s ARK website is particularly helpful:

  • Jay Versluis 3:57 pm on February 23, 2015 Permalink | Reply
    Tags: ,   

    Categories: Linux ( 101 )   

    How to find which package provides a command in yum 

    CentOS-LogoSometimes you know you need a package, but when you try to install it with yum you’ll get a message like “No matches found”. Yet you’re sure the package exists because you’ve used it before.

    This can happen if the package in question is part of a set which installs multiple packages. The net-tools package springs to mind.

    yum has a great option called whatprovides with which you can query what package you need to install to use a command. Let’s try it out!

    Say I wanted to install mkfs.vfat which is not installed by default in CentOS. Simply trying to install it won’t work:

    yum install mkfs.vfat
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: mirrors.advancedhosters.com
     * extras: centos.mirrors.tds.net
     * updates: centos.mirrors.tds.net
    No package mkfs.vfat available.
    Error: Nothing to do

    Of course it won’t. But I can ask yum what provides this package:

    yum whatprovides mkfs.vfat
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
     * base: mirrors.advancedhosters.com
     * extras: ftp.usf.edu
     * updates: centos.mirrors.tds.net
    dosfstools-3.0.20-9.el7.x86_64 : Utilities for making and checking MS-DOS FAT
                                   : filesystems on Linux
    Repo        : base
    Matched from:
    Filename    : /usr/sbin/mkfs.vfat
    dosfstools-3.0.20-9.el7.x86_64 : Utilities for making and checking MS-DOS FAT
                                   : filesystems on Linux
    Repo        : @base
    Matched from:
    Filename    : /usr/sbin/mkfs.vfat

    Well fantastic! The package I’m looking for is called dosfstools. Knowing that, I can simply use yum install dosfstools, and a few moments later mkfs.vfat will work as expected.

    Thanks, yum!

  • Jay Versluis 10:17 am on February 17, 2015 Permalink | Reply
    Tags: , squid   

    Categories: Linux ( 101 )   

    How to view local websites on your iPad with Squid 

    squidI like developing and testing websites on my local network before they go live. On both Mac and PC it’s easy to tweak the /etc/hosts file so that the URL doesn’t point to a numeric IP, but instead to http://yourserver (or something equally catchy).

    On iOS devices we can’t tweak that file unless we deal with the highly unethical practice of jailbreaking. Turns out there is an easier way to surf local websites on mobile devices, simply by using a Proxy Server such as Squid.

    A Proxy Server is often used as a caching server or to disguise where a request is coming from. For example, surfers use proxies to pretend they’re visiting from a different country, or ISPs  use proxies to speed up data delivery in local areas. In simple terms, a proxy is fetching data on our behalf. Then we talk to the proxy and get the data from him. Think of a Proxy Server as a middle man in a network transaction.

    To surf local websites on an iPad or iPhone, we can connect to our WiFi network with a proxy on a machine on which we CAN tweak the /etc/hosts file. Let me show you how this works.

    For this example I’m using a development server on my local network. It’s a simple LAMP Stack running CentOS.


    Installing and configuring Squid

    We’ll install Squid on the development server. Websites are accessible via http://localhost but also as something more swish when the /etc/hosts file is tweaked, for example http://yourserver.

    Squid is available via yum, and installation is simple:

    yum install squid
    chkconfig squid on

    The second line will start Squid on every server restart, just in case.

    Squid should work out of the box on port 3128, but if you ever need to tweak this, you can do so in /etc/squid/squid.conf.


    Configuring the iPad Connection

    When you connect your iOS device to your local WiFi network it will do this without a Proxy Server by default. We’ll change this under Settings – WiFi, then tap the little info icon next to your active connection. It goes without saying that the development server needs to be on the same network as your iPad.

    At the bottom of this page, under “http proxy”, select manual and add your development/proxy server’s numeric IP, and 3128 under Port. Leave authentication off. It should look like this:



    Now any tweaked URL that works on your development server will work on the iOS Device too: visit http://yourserver to verify this.

    Should Safari give you a problem, maybe due to its spurious caching technology, head over to Settings – Safari – Clear History and Website Data.



    Squid will cache every request you make on your iOS device as long as your WiFi connection uses the proxy setting. Chances are that your development server isn’t going to deliver results as fast as non-cahced results would come in from your router – unless you surf the same slow website over and over.

    Also, Squid will leave a record of every request that has been made in /var/log/squid/access.log. If you’re using such a setup in your office, you may need to tell users on the network that their requests will be logged.

    So if you’re concerned about any of these aspects, simply switch the proxy off in your WiFi settings.


  • Jay Versluis 6:24 pm on February 16, 2015 Permalink | Reply  
    Categories: Windows ( 22 )   

    Where is the /etc/hosts file in Windows 

    Windows IconIt’s in

    • C:\Windows\System32\drivers\etc

    You can edit it with Notepad with Administrator rights.

    Works in Windows 7 and Windows 8.1.

  • Jay Versluis 10:06 am on February 16, 2015 Permalink | Reply

    Categories: WordPress ( 145 )   

    How to block Spam Trackbacks in WordPress 

    wordpress-iconTrackbacks are a great way for other blogs to notify your blog about a link back to you. Many blogging platforms support this feature, including WordPress.

    But sometimes it’s very obvious that those trackbacks aren’t coming from a legitimate source, especially when you get several dozen of them every day from the same source.

    No one loves you that much.

    The most recent two examples are semalt.com and buttons-for-website.com, the latter can’t even properly mix a plural with a singular. But that’s not for here.

    To make sure those trackbacks don’t bother our WordPress site anymore, we can add a bit of code to your re-reite rule file. If your host is using Apache then this will be your .htaccess file, famously in use for Pretty Permalinks and some cache plugins.

    A typical .htaccess file is either empty or contains a block of code courtesy of WordPress. It’s a simple text file. If we add this little snippet to the bottom of the file, friendly trackbacks from semalt.com will no longer notify our website:

    # Block Semalt Trackbacks
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} semalt\.com
    RewriteRule ^.* - [F,L]

    This rather strange looking code is a rewrite rule. It says “if you encounter a link or a visitor from semalt.com, then forbid them access to anywhere on this site”.

    Notice the backslash, followed by the domain extension in semalt\.com. This is necessary to escape the dot character, otherwise Apache would interpret it as an instruction. In our other example, buttons-for-website.com, we need to deal with the slashes in the domain name in the same way:

    # Block buttons-forwebsite Trackbacks
    RewriteEngine On
    RewriteCond %{HTTP_REFERER} buttons\-for\-website\.com
    RewriteRule ^.* - [F,L]

    You can stack these rules in your .htaccess file and add as many as you like for your very own Trackback Spammers. Simply replace the URL in the code with your own, escaping special characters as seen above (a special character is anything that isn’t “a to z” or “0 to 9”).

    Note that these rules do not prevent such websites from linking to you. However as soon as someone from the offending website clicks a link to your website, they will be denied access. On the other hand, when the same visitor would type in your URL, or come from a different website, they will be able so see your content without problems.

  • Jay Versluis 10:06 am on February 15, 2015 Permalink | Reply
    Tags: ,   

    Categories: Linux ( 101 )   

    How to enable automatic logins in CentOS 6 and GNOME 

    CentOS-LogoI was researching auto login options for CentOS today. I thought those would come in handy when GNOME is used as a standard desktop, so that the computer starts straight into the desktop environment without the need to provide a password.

    It’s also a handy feature to have if the machine lives in another room and needs GNOME to login to the wireless network when I issue a remote restart.

    Turns out there are two parts to the puzzle: providing auto logins and removing a pesky Keyring Dialogue that appears to come up when those are enabled. Let’s tackle both of them here.

    I’m using CentOS 6.6 with GNOME here. In principle this works in CentOS 7 too, but there’s a much easier way to accomplish the same thing. See my CentOS 7 article for details: https://wpguru.co.uk/2015/08/how-to-enable-automatic-user-logins-in-centos-7-and-gnome/

    Enabling Auto Logins in CentOS 6

    Head over to the trusty command line and edit /etc/gdm/custom.conf. The file already contains several sections, all of which are empty by default.

    In the daemon section, add the following values (replacing youruser with your actual user name):

    # GDM configuration storage
    AutomaticLoginEnable = true
    AutomaticLogin = youruser

    Thanks to Keith Wright on the CentOS Forum for this tip.

    Now when you restart your system, youruser is automatically logged in when GNOME starts.

    Disabling the Keyring Dialogue

    However, you may experience a Keyring Dialogue which will ask for your root password every time after a restart. This isn’t much better than the login screen. This may or may not happen, depending on your current configuration:

    Photo Feb 15, 8 47 34 AM

    One article I found suggested to head over to System – Preferences – Startup Applications and simply remove the Keyring Daemon from the list. Turns out this doesn’t actually make a difference, so don’t do that (although it doesn’t seem to have an adverse effect either):


    The real solution comes courtesy of Jim and iiSeymour: http://superuser.com/questions/43132/why-do-i-need-to-enter-a-password-for-the-default-keyring-to-unlock

    All we have to do is

    – head over to the Network Connections Icon at the top of the screen
    – and right-click it
    – select Edit Connections…
    – pick your current wireless connection and select Edit
    – provide the root password (only necessary this once)
    – check the tick box Available to all users

    Photo Feb 15, 8 59 55 AM

    Photo Feb 15, 9 00 10 AM

    Photo Feb 15, 9 00 30 AM

    In CentOS 7, choose the little gear icon to bring up a window. You can find the available to all users tick box in the Identity section on the left hand side.

    And that’s it! On subsequent logins, GNOME will now start with youruser already logged in and your wireless network connected.

    Wait! My system boots into the Command Line interface, even though I have GNOME installed. What gives?

    You can tell your system in which mode to start. To do this, edit your /etc/inittab file:

    // change this line 
    // to 

  • Jay Versluis 7:09 pm on February 14, 2015 Permalink | Reply
    Tags: , ,   

    Categories: Plesk ( 76 )   

    How to fix ProFTP Handshake Trouble in Plesk 

    Plesk-LogoI fixed a problem this morning which wouldn’t let the latest version of FileZilla v3.10.1.1 connect to one of my client’s servers anymore.

    This had not been a problem in the past.

    The connection itself worked, but FileZilla failed due to a problem with the TLS Certificate. Here’s the error:

    Status: Initializing TLS...
    Error:  Received TLS alert from the server: Handshake failed (40)
    Error:  Could not connect to server

    Turns out that FileZilla have made a few changes and deprecated the insecure RC4 algorithm in FTP over TLS. Since ProFTP didn’t know the path to the server certificates, TLS failed and hence no connection was possible.

    Thankfully there was an easy fix for this, courtesy of this Parallels Knowledge Base article: http://kb.sp.parallels.com/en/2207

    To add the default Plesk certificates to the server, all I had to do was tweak the ProFTP config file at /etc/proftpd.conf and add the following at the bottom:

        TLSEngine on
        TLSLog /var/log/tls.log
        TLSProtocol SSLv23 
        # Are clients required to use FTP over TLS?
        TLSRequired off
        # Server's certificate
        TLSRSACertificateFile /usr/local/psa/admin/conf/httpsd.pem
        TLSRSACertificateKeyFile /usr/local/psa/admin/conf/httpsd.pem
        # Authenticate clients that want to use FTP over TLS?
        TLSVerifyClient off
        # Allow SSL/TLS renegotiations when the client requests them, but
        # do not force the renegotations.  Some clients do not support
        # SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
        # clients will close the data connection, or there will be a timeout
        # on an idle data connection.
        TLSRenegotiate required off

    In this example the Server Certificate section contains the default path to Plesk’s certificates, but feel free to substitute them if yours are stored elsewhere.

    There’s no need to restart xinetd because ProFTP creates a new process for every new connection, which will then include the new configuration. NOw FileZilla can connect without a hitch, only displaying the new Server Certificate the first time it is encountered:


    Note that this issue no longer occurs with newer installations of Plesk. This particular instance of Plesk has seen many updates since version 10.4, hence the tweak was necessary.

  • Jay Versluis 5:08 pm on February 12, 2015 Permalink | Reply
    Tags: , ,   

    Categories: macOS ( 37 )   

    How to copy a CentOS ISO to USB on Mac OS X 

    CentOS-LogoWindows users have a great free tool called ISO2USB which efficiently transfers ISO images to a USB stick. Mac users don’t have such a luxury – at least I haven’t found one yet.

    Instead we can make use of a command line tool named dd which can do this for us. It needs a few parameters though, and in this article we’ll look at what those are. The following will work in both Mavericks and Yosemite, with ISOs from CentOS 6.5 and above. Our operation will result in a bootable USB stick.

    First, head over to a CentOS Mirror and download your favourite ISO image. Next, have a USB stick handy and insert it into your Mac. Now open Terminal – it’s under Applications – Utilities, or do a Spotlight search to find it.

    For this example I’m assuming that the image file is called centos.iso and that it’s in your Downloads directory. Let’s enter that directory by issuing the following command:

    cd ~/Downloads

    The second command lists all files, and your ISO image should be one of them.

    Find out what device your USB stick is

    So far so good, we’re in the right location. The dd command needs to know which file you want to copy (see above), and the device corresponding to your USB stick. It’s easy to get confused at this point. Let me explain this:

    Devices are things attached to the system, such as hard disk, memory cards and USB sticks. Each device can hold a number of partitions which is where your data is stored. Depending on how many storage devices are attached to your system, you’ll get a specific address for each device. For example, /dev/disk0 is your internal Mac hard disk in which you’ll find three partitions.

    Since our ISO image will overwrite all partitions on the USB stick, we need to know what the system knows our USB stick as. Type the following to get a list of what’s attached where:

    diskutil list
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *1.0 TB     disk0
       1:                        EFI EFI                     209.7 MB   disk0s1
       2:                  Apple_HFS Macintosh HD            999.3 GB   disk0s2
       3:                 Apple_Boot Recovery HD             650.0 MB   disk0s3
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *512.1 GB   disk1
       1:                        EFI EFI                     209.7 MB   disk1s1
       2:                  Apple_HFS Macintosh SSD           511.3 GB   disk1s2
       3:                 Apple_Boot Recovery HD             650.0 MB   disk1s3
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:     FDisk_partition_scheme                        *1.0 TB     disk2
       1:                  Apple_HFS VM Drive               1.0 TB     disk2s1
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:      GUID_partition_scheme                        *1.5 TB     disk3
       1:                        EFI EFI                     209.7 MB   disk3s1
       2:                  Apple_HFS Black Time Machine      1.5 TB     disk3s2
       #:                       TYPE NAME                    SIZE       IDENTIFIER
       0:     FDisk_partition_scheme                        *4.0 GB     disk4
       1:                 DOS_FAT_32 C64

    Looks like I’ve got 5 storage devices on my system. The one at the bottom is my USB stick, an old 4GB model currently formatted with FAT32. Your layout will be different, so keep an eye on the SIZE parameter. If your currently formatted stick is named you can identify it that way too (mine is called C64).

    The device I want to use here is /dev/disk4. Note that when we get to work, everything on your USB stick will be erased when we copy the ISO over. The dd command will not warn you before this happens.

    Unmount your USB stick

    Before we can continue we need to make sure your USB stick isn’t mounted to OS X. If it was formatted with a filesystem that your Mac can read, then you’ll see your stick as an orange icon on the desktop. But since the dd command will do a low level format with a different filesystem, OS X needs to let go of our stick. If we don’t do this, you’ll get a “Resource busy” message in the next step.

    To unmount your stick, type the following:

    diskutil unmountDisk /dev/disk4
    Unmount of all volumes on disk4 was successful

    That orange icon should disappear from the desktop, and you will no longer see your USB stick in the Finder either. Leave it attached though – do not eject it.

    Copy the ISO image over

    Now let’s give the dd command something to do. Since we’re in the correct directory already, type the following (you will be prompted for your password):

    sudo dd if=centos.iso of=/dev/disk4
    // time passes...
    694272+0 records in
    694272+0 records out
    355467264 bytes transferred in 249.100402 secs (1427004 bytes/sec)

    Amend /dev/disk4 with your own device. Feel free to specify the direct path to your image file in place of centos.iso (no wildcards I’m afraid).

    This step can take a long time, during which you won’t get any feedback whatsoever. That’s normal, even though it looks like your session hangs. It’s all good. As long as you leave the Terminal window open, feel free to do other things with your Mac and leave it running.

    In the above example I was copying a 190MB image and it took just over four minutes. I had an abysmally slow USB stick mind you – something to keep in mind when you want to transfer a large “everything ISO” image onto a stick from 10 years ago: you’re not doing yourself a favour, it’ll take hours to copy, and just as long to boot from later.

    Should you want to terminate your dd session during this time (and use a faster USB stick for example), simply hit CTRL+C and you’ll be returned to the command line.

    If all went well you’ll receive a summary message at the end. Now you’re ready to boot from your stick into the wonderful world of CentOS.

    • Jonathan S 10:19 pm on November 7, 2015 Permalink | Reply

      Use a larger block size with dd to significantly increase your transfer rate.

      Even older, slow USB devices have a much higher supported transfer rate than the default dd block size 1byte. Reading and writing 1byte at a time has enormous OS overhead. change the block size to something around 1 megabyte and you’ll get the same task accomplished much more quickly.

      In your example:

      sudo dd bs=1m if=centos.iso of=/dev/disk4

    • Jay Versluis 4:38 pm on November 8, 2015 Permalink | Reply

      Thanks Jonathan, very good call!

    • Steve Mc 4:10 pm on November 9, 2015 Permalink | Reply

      This is not working for me to create a bootable Centos 6.7 to install on a new Dell R730xd. I get a “boot failure : make sure you have a compatible media device installed” .. when I insert the USB Stick and choose it as the boot device. Going nuts here! 🙁

      • Jay Versluis 4:28 pm on November 9, 2015 Permalink | Reply

        Hi Steve, if it would be easy, everybody would be running CentOS 🙂

        I never had that problem myself. Here’s what I can suggest:

        • Did you try a different stick?
        • Did you try booting from the stick on different hardware (that’s safe, just make sure you don’t go through with the full installation of course…).
        • Last resort: if you have access to a Windows machine you can use ISO2USB: http://iso2usb.sourceforge.net
        • Steve Mc 4:30 pm on November 9, 2015 Permalink | Reply

          I have tried 3 different sticks — same issue. No other Dell type H/W available.

          However, I just made a break through — if I change the BIOS from “UEFI” to “BIOS” — it DOES boot .. but I need UEFI because I have 12TB of disk. So not sure what that means.. or what to do

          • Jay Versluis 4:41 pm on November 9, 2015 Permalink

            That’s a huge disk! I’d probably leave the BIOS value at BIOS and see how CentOS likes the disk. As long as it’s formatted as EXT4, it should be able to deal with it.


    • Dave 9:46 am on January 14, 2016 Permalink | Reply

      This is a really well written, and very helpful tutorial. Thank you.

    • Sam 9:43 am on June 22, 2016 Permalink | Reply

      One quick tip, and thank you for the article, when the Terminal screen is open and running the dd process, press control-t to se progress. That will show you the current byte-level progress of the transfer of the ISO.

      • Jay Versluis 5:54 pm on June 25, 2016 Permalink | Reply

        Thank you Sam – that’s a great tip!

    • Casey 9:07 pm on May 3, 2017 Permalink | Reply

      CTL+T shows progress of dd. Just something that I found as helpful!

      • Jay Versluis 9:08 pm on May 3, 2017 Permalink | Reply

        Thanks for the tip!

    • Matt 3:40 am on June 19, 2017 Permalink | Reply

      I hit ctrl + t, it says the disk I inserted could not be read and asked if I wanted to eject and now ctrl + t isn’t working do i need to restart

      • Jay Versluis 8:34 am on June 19, 2017 Permalink | Reply

        Where do you get that message, in the terminal window or from your Mac Desktop? The desktop may show you this message if the stick was previously formatted with a Linux partition. But since you’re unmounting the drive anyway, Eject will do that for you. To find out which device the drive was attached to, I’d use a stick your Mac can read, show the diskutil list and remember the slot. Then put the unreadable stick back in, let it eject (but don’t take it out), and proceed to copy the ISO image.

        If CTRL+T isn’t working, try CTRL+C. This should interrupt whatever Terminal is doing.

  • Jay Versluis 10:54 pm on February 10, 2015 Permalink | Reply
    Tags: , firewalld,   

    Categories: Linux ( 101 )   

    How to set firewall rules from a GUI in CentOS 

    CentOS-LogoSick and tired of countless command line statements to set your firewall rules? Me too. No matter what I try, I never get the results quite right. There’s always some switch I forget and ultimately something isn’t working.

    For years I was thinking, “there has to be an easier way, like there is in Plesk”?

    And today I found that there is: a rather un-obvious tool called system-config-firewall. It’s a godsend and works in CentOS 6 with iptables, and in CentOS 7 with firewalld.


    To make use of it, install the following two packages:

    yum install system-config-firewall system-config-firewall-tui

    The first one is a version that runs under Gnome and KDE, and second one works on the command line.

    The Command Line Version

    You can invoke the command line version by running

    sudo system-config-firewall-tui

    and it will present you with the following interface. You may need to switch the firewall off temporarily, but the tool will tell you if that’s necessary:

    Screen Shot 2015-02-10 at 22.33.26

    Here’s how to use the interface:

    • use the cursor keys to move up and down
    • use the SPACE bar to select items
    • use TAB to choose the next option
    • and once selected, hit RETURN

    Screen Shot 2015-02-10 at 22.33.52


    system-config-firewall has several built-in presets, such as DNS, FTP, Mail, standard and secure http ports and many others. If you need to open a specific port, hit Add on the “other” screen and define both the port and the protocol. In this example I’m opening port 3306 for incoming MySQL traffic:

    Screen Shot 2015-02-10 at 22.39.30

    Step forward through all available options, or select Close to move back to the first screen. Make sure the Firewall Enabled option is ticked, then hit OK and all your rules will be saved.

    The Desktop Version

    If you have Gnome or KDE installed, you can invoke the Desktop Version from the command line like this:

    sudo system-firewall-config

    In addition, there should also be a handy menu item under System – Administration – Firewall which will start the same thing.

    Screen Shot 2015-02-10 at 22.48.05

    The options are much the same, perhaps a little easier on the eye and easier to select. In addition you have a Wizard which will let you start your firewall rules with a clean slate (great if you’ve been previously poking around on the command line, potentially messing things up).

    Screen Shot 2015-02-10 at 22.48.53

    Thousand thanks to all the developers who have written this tool: Thomas Woerner, Chris Lumens, Florian Festi, Brent Fox and many others.

    • paulm 5:25 pm on June 11, 2016 Permalink | Reply

      you can also try a SAAS solution for managing iptables -> https://www.efw.io/Forum it can do AWS cloud integration if needed.

      • Craig Crawford 1:33 pm on November 26, 2016 Permalink | Reply

        That is a seriously dumb service. Managing the firewall of any Linux OS is incredibly easy enough to not need such a service.

    • Lem 9:30 pm on June 6, 2017 Permalink | Reply

      After a seemingly successful install on centOS7
      Just get bash: system-firewall-config-tui:: command not found

      Anything else I should know?

      • Jay Versluis 11:12 pm on June 6, 2017 Permalink | Reply

        Hi Lem,

        d’oh, that was a stupid typo I snuck in there… the CORRECT command is actually system-config-firewall-tui (see what I did there…?) I’ll update the article now. Thanks for bringing this to my attention!

        Happy Firewalling!

  • Jay Versluis 10:10 pm on February 10, 2015 Permalink | Reply
    Tags: , ,   

    Categories: WordPress ( 145 )   

    FIXED: WordPress refuses to send you a Password Reset Link 

    Screen Shot 2015-02-10 at 21.33.07

    I ran into an interesting problem today: on a CentOS 6 server a colleague of mine wanted to reset her WordPress password via the handy link provided in the login dialogue. But rather than sending an email, WordPress got back to her with the following error message:

    The e-mail could not be sent.
    Possible reason: your host may have disabled the mail() function.

    Intrigued I had a look at the server. To my surprise sendmail was installed, and emails could be sent from the command line as well as from PHP scripts. But not from WordPress. What was going on?

    Examining the logs I came across the following error message:

    sendmail: fatal: chdir /var/spool/postfix: Permission denied

    followed by a Web Server 500 error caused by the password reset link. Interesting.

    Turns out it was an old acquaintance of mine, someone who has been spoiling the broth on many occasions: SELinux.

    SELinux can prevent Apache from sending mail when enabled, but lucky for us there’s a quick way to fix this, courtesy of manyon over at the Simple Machines Forum.

    To test if SELinux is preventing mail from being sent, try this test from the command line:

    /usr/sbin/getsebool httpd_can_sendmail

    It will return with httpd_can_sendmail –> on or off, and if your server is set to the latter then mail can’t be sent.

    To change this, execute the following, switching this bool to on:

    sudo setsebool -P httpd_can_sendmail 1

    Note that this can take a minute or two (literally) because the entire SELinux policy needs to be recompiled. Be patient, your server isn’t hanging.

    Once changed, make sure to restart Apache:

    service httpd restart

    Now WordPress can send the password reset link. #result

    • Luke 6:47 pm on October 24, 2017 Permalink | Reply

      Hi, thank you for sharing your experience. We have experienced this error as well, WordPress won’t send any email at all, like the subscription or the contact form submission, etc.
      But I don’t really understand what is the SELinux, how do I know if we have the same issue?
      How to input the commend line to test it?

      Many thanks


Compose new post
Next post/Next comment
Previous post/Previous comment
Show/Hide comments
Go to top
Go to login
Show/Hide help
shift + esc