Tagged: Linux Toggle Comment Threads | Keyboard Shortcuts

  • Jay Versluis 4:21 pm on April 22, 2012 Permalink | Reply
    Tags: , Linux,   

    Categories: Linux ( 99 ), MySQL ( 19 )   

    How to install MySQL on CentOS 

    This is a step-by-step guide of what you need to do in order to install and setup MySQL on a new server.

    We’ll prepare a fresh CentOS 6 system (64 bit) for use as a database server. All you need is access to an SSH client and your server root credentials.

    (More …)

    • Jeff Huckaby 2:27 pm on June 20, 2012 Permalink | Reply

      Another item I always do is update the default my.cnf. By default, a number of features, such as query caching, is not enabled.

      If you look in:

      You will find some example my.cnf files. I typically use my-large.cnf as a starting point for systems with 4GB of RAM or less. Use my-huge.cnf for systems with more than this.

      Once deployed, check out tools like http://mysqltuner.pl and http://hackmysql.com/mysqlreport to better optimize your installation.

      • Jay Versluis 10:41 pm on June 21, 2012 Permalink | Reply

        Thank you so much for sharing Jeff, much appreciated! I’ll go check it out 😉

    • wayne 12:01 pm on September 2, 2012 Permalink | Reply

      hi, i am trying to set up mysql, and i still don’t see how to get to the actual webpage to set up everything. i set everything up right as far as i know. but i still need help getting to the actual program

    • gunawan 7:20 am on October 1, 2012 Permalink | Reply

      I tried but install but after click the yum
      service ….
      is failed
      then I try
      “error 2002 …”

      what I miss here?

    • Tom 4:30 am on December 24, 2012 Permalink | Reply

      It doesn’t work with me.
      With no configuration, i think it’s impossible

      • Jay Versluis 4:12 pm on December 24, 2012 Permalink | Reply

        What’s the error message you’re getting? Is yum installed on your system?

    • booksd 9:46 am on January 11, 2013 Permalink | Reply

      Any suggestions for the following command and response?

      [root@LiunxCentos arasu]# service mysql start
      mysql: unrecognized service
      [root@LiunxCentos arasu]#

      • Jay Versluis 4:06 pm on January 11, 2013 Permalink | Reply

        Sounds like MySQL is not installed, or your system does not recognize the service command. You can also try this:

        /etc/init.d/mysqld restart

        If you get a similar error message, then MySQL is not installed.

      • Jay Versluis 4:08 pm on January 11, 2013 Permalink | Reply

        I just re-read your command – the service is called mysqld, not mysql. Try again using

        service mysqld restart

        • Yeah 9:44 pm on January 11, 2013 Permalink | Reply

          Yeah, you actually wrote ‘service mysql restart’ in the tutorial, I imagine its tripped up a few others, myself included. Only took me 30 secs on google to figure out its ‘service mysqld restart’..Good article anwyays, thanks

          • Jay Versluis 12:41 am on January 12, 2013 Permalink

            How embarrassing!! I’ll change that right away – thanks for letting me know 😉

          • Carl Partridge 10:40 am on May 3, 2013 Permalink

            Actually, don’t change it – on some installations the service is called mysqld, on some the service is called mysql

            If you install from the current packages as per your tutorial, the service is called mysql

    • Mihai Alexandru 6:51 pm on February 23, 2013 Permalink | Reply

      Go on http://softiny.com and choose the LINUX tab and there are software apps to help you do this…

    • Grover 11:38 pm on March 25, 2013 Permalink | Reply

    • Independent Software Developer 4:14 pm on March 26, 2013 Permalink | Reply

      My first time really getting into CentOS and I’m trying to setup basic hosting for my site… I now have a new found respect for system admins because I have gotten so many headaches its not even funny.

      Thanks for this tutorial!

    • madhu 11:31 pm on January 25, 2014 Permalink | Reply

      hai frnds. . . ..
      iam facing problem with secure installation of mysql in centos 6.5
      while secure installation of mysql : /usr/bin/mysql_secure_installation
      am getting error as:Enter current password for root (enter for none):
      ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/var/lib/mysql/mysql.sock’ (2)
      am entered as enter button only,i got the above error

      • Jay Versluis 11:48 pm on January 25, 2014 Permalink | Reply

        Try setting a password via the mysqladmin command as described by the friendly install message. Also, check if MySQL is actually running – you can’t connect if the service is down.

  • Jay Versluis 1:11 pm on January 11, 2012 Permalink | Reply
    Tags: , Linux   

    Categories: Linux ( 99 )   

    How to prevent direct file access in your wp-content directory 

    I was working on a secure site with sensitive video material that we needed strict members access to. Even though many plugins can make sure your direct permalinks can only be seen by logged in members, direct links to files in your wp-content directory are still accessible to others. They can even be hotlinked from other sites.

    One way around this is to move the wp-content directory outside the web visible portion of your directory on the server, but even so WordPress can always link to such files. A better way is to tell your server not to give access to certain files (say ending with mp4 or mp3) and only allow access from your own domain.

    We can use Apache Mod Rewrite for this – it’s a complex language that you can utilise in your .htaccess file within the wp-content folder.

    Let me show you how to keep prying eyes out of your content.

    (More …)

    • Carl 9:11 pm on August 5, 2017 Permalink | Reply

      Hi Jay, this is just what I needed and works fine, however, web browsers are now reporting non secure content and blocking images etc. Removing the htaccess file makes it secure again! Any Idea what can be happening?

      • Jay Versluis 3:45 pm on August 6, 2017 Permalink | Reply

        Hi Carl, no actually, that’s the first I’ve heard about it. I do know however that the new generation of browsers will report a non-secure website if the URL is a plain http rather than https. Since the last line of this ruleset creates a plain http re-write, perhaps it’s the reason for the browsers reporting an insecurity.

        Provided your website supports https and a certificate is installed properly, and WordPress is setup that way, you can try and create the .htaccess re-wrote so that it does a https instead of http in the last statement. Let me know what you find!

        • Carl 6:22 pm on August 6, 2017 Permalink | Reply

          Hey Jay, well it appears to solve it! Who’d have thought one bit of code would cause that! I changed to https on the top line too, just be doubly sure!

          I quite often get a non secure report if I don’t rebuild the cache after I have changed something in WordPress, and yes when I check the address it has changed from https to http. Not sure if that is a known thing or not, or what actually “decides” to drop the “s”, I am all very new to WP and website building in general. Thanks for your help, Carl.

    • denisdoyon 2:40 pm on August 22, 2017 Permalink | Reply

      This solution worked beautifully for me, with one exception. My WordPress site sells online music lessons, which include mp3 and pdf files. I recently discovered that people could Google these files, connect directly to them, and download them. Gasp!

      Your .htaccess solution prevents people who are not logged in to the site from doing this, which is probably 99.9% of the threat. However, if someone is logged into the site (they can create a free account in a minute) they can still access these files directly, even if they haven’t purchased that music lesson.

      Is there anything I could do to prevent this?

      Important PS for others using this solution: I cut and pasted the code above into my .htaccess file, and discovered that all images on the site (photos, site logo, etc.) were blocked unless the user was logged in. Not good. I removed the jpg and png extensions from the exclusion list (along with some others) and everything went back to normal.

      • Jay Versluis 12:09 pm on August 23, 2017 Permalink | Reply

        Hi Dennis,

        That’s not something you can do with an Apache rewrite rule. The rewrite rule only tells the web server “if the requested file is requested from this domain, and if the user is logged into WordPress, then serve it. Otherwise, redirect”. It was originally designed to block sites hot linking to files on your server.

        What you need is a membership plugin. They’re usually quite complex to setup and often integrate with a shopping cart solution, making the setup even more complex. One such solution is the excellent WP eMember by Tips and Tricks HQ. I’m using it successfully over on my iOS Dev Diary. Feel free to test drive it there (I’ll give you a refund when you’re done of course).

        Alternatively, if such a solution is overkill, I’d recommend an external service such as Gumroad.com. You can upload files and sell them, and your users need to login with them to download content. It’s super simple to use and avoids the overhead of integration and configuration.

        Hope this helps, and all the best!

    • SQ 11:33 pm on September 4, 2017 Permalink | Reply

      Seems to work fine for all files EXCEPT xlsx?

      Works on xls files
      Works on xlsm files (added additional file type)

      But, when accessing xlsx – It is still prompting to download…

      • Chrisuwien 3:13 pm on November 27, 2017 Permalink | Reply

        You have to add appropriate MIME-type to the .htaccess-file bevor the code:
        AddType application/vnd.ms-word.document.macroEnabled.12 .docm
        AddType application/vnd.openxmlformats-officedocument.wordprocessingml.document docx
        AddType application/vnd.openxmlformats-officedocument.wordprocessingml.template dotx
        AddType application/vnd.ms-powerpoint.template.macroEnabled.12 potm
        AddType application/vnd.openxmlformats-officedocument.presentationml.template potx
        AddType application/vnd.ms-powerpoint.addin.macroEnabled.12 ppam
        AddType application/vnd.ms-powerpoint.slideshow.macroEnabled.12 ppsm
        AddType application/vnd.openxmlformats-officedocument.presentationml.slideshow ppsx
        AddType application/vnd.ms-powerpoint.presentation.macroEnabled.12 pptm
        AddType application/vnd.openxmlformats-officedocument.presentationml.presentation pptx
        AddType application/vnd.ms-excel.addin.macroEnabled.12 xlam
        AddType application/vnd.ms-excel.sheet.binary.macroEnabled.12 xlsb
        AddType application/vnd.ms-excel.sheet.macroEnabled.12 xlsm
        AddType application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx
        AddType application/vnd.ms-excel.template.macroEnabled.12 xltm
        AddType application/vnd.openxmlformats-officedocument.spreadsheetml.template xltx

        • Jay Versluis 3:17 pm on November 27, 2017 Permalink | Reply

          Thank you so much for sharing this, Chris! Great 🙂

          • Chrisuwien 3:38 pm on November 27, 2017 Permalink

            Yeah… an addition to the main article: the .htaccess-file has to be in the wp-content/uploads folder! I guess if someone use year/month folders in each on has to be this file.

    • Venkata Shyam Kumar Gundala 1:37 pm on October 6, 2017 Permalink | Reply

      Thanks a lot.. It really helped me..

    • Axel 7:39 am on October 29, 2017 Permalink | Reply

      Why is the rule based on the file extension? Should‘t it be the sub folder? I would never put a PDF if GIF in the wordpress root but rather in /downloads.

    • Admin 9:56 am on December 14, 2017 Permalink | Reply

      Awesome! I would never leave here without dropping my comments.
      It worked perfectly like MAGIC! I have tried so many of this codes, but yours seems the only one that worked on my website.

      Actually, mine was for zip files so I moderated the code as shown below:

      RewriteEngine On
      RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourwebsite\.com/ [NC]
      RewriteCond %{REQUEST_URI} !hotlink\.(zip) [NC]
      RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
      RewriteRule .*\.(zip)$ http://yourwebsite.com/ [NC]


    • Admin 10:10 am on December 14, 2017 Permalink | Reply

      But i can no longer download the zip files directly from my website as it redirects to the homepage, can you help out?

      • Jay Versluis 11:44 am on January 20, 2018 Permalink | Reply

        Remember, the script works for everybody – including you! So for you to be able to download your own files, you must either be logged in, or use a link on your own website that links to those files.

        • Admin 8:10 am on May 20, 2018 Permalink | Reply

          Thanks Though, Please how do i enable hotlink so people can download a file only from my website as when the direct download link to the files is been shared, it should redirect to the homepage of my website.

          E.g Say i have a file named file.zip located at the wp-contents/uploads, Now i created a post on my website, http://www.mydomain.com/file-download and i dropped a download link to this file there. I only want people to download the file directly from my website. If the direct link to the file (eg. http://www.mydomain.com/file-download.zip) is to be shared to someone else, it should redirect to the homepage of my website.. Hope You Understand what i mean?

          • Jay Versluis 8:16 am on May 20, 2018 Permalink

            Hi Admin! You know, that is exactly what this code does. Anyone who would click on a hotlink to yourdomain.file-download.zip will be redirected to your front page and cannot download the file.

          • Admin 4:39 pm on May 20, 2018 Permalink

            @Jay Versluis: My Website dosen’t need someone to login before they can download on the website… What can i do now?

          • Jay Versluis 11:41 pm on May 20, 2018 Permalink

            From what you told me before, it sounded like this solution could work for you. But it has its limitations. If you’re serious about your file protection, look into a membership plugin (I’ve linked to one in the Alternatives section). There’s a big difference between the two approaches: this .htaccess solution is a quick and easy trick, but not 100% secure in all circumstances. A membership plugin is 100% secure, but comes with some additional setup and maintenance overheads – which might be overkill depending on your situation. Ultimately only you can decide what you need and what is important to you.

    • stepnyon 1:46 am on April 17, 2018 Permalink | Reply

      great thanks for this article.
      Can you explain me why it doesn’t with samsung tablet default internet browser or web browser.
      The same page with your .thaccess file is ok on samsung with firefox or samsung but not with default internet browser or web browser with mp3 or mp4 : it say:
      Media error:Format not supported or source not found
      Download Filt: http://xxxxx/wp-contnet/uploads/2014//04/xxxx.mp4?_=2
      If I remove the .Htaccess file the same page with same mp4 and mp3 is readeok
      Best regards

      • Jay Versluis 9:29 am on April 17, 2018 Permalink | Reply

        Hi stepnyon, I’m afraid I have no idea why that happens.

        • stepnyon 4:44 am on April 20, 2018 Permalink | Reply

          Thanks for the reply:
          In fact the prevent hotlinking works for pdf,jpg…but not for mp3 and mp4 on some browser:
          you can test it on safari on windows..If somebody has a solution…I’m here
          best regards

  • Jay Versluis 10:52 am on February 12, 2009 Permalink | Reply
    Tags: , , , , , Linux,   

    Categories: Linux ( 99 )   

    How to setup a Cron Job in Linux and Plesk 

    Wouldn’t it be great if something could be triggered even when you’re not around? Say once an hour, once a day, once a week or whenever you like in predetermined intervals?

    Then you want to do this with what’s known as a Cron Job, or Scheduled Task.

    Unfortunately, this is a bit beyond what WordPress can do, and it means getting down to the nitty gritty of the internal workings  of your server (after all, that’s where WordPress lives). Bear with me here, I’ll try my best to explain and show solutions.

    I’m using a Cron Job with Manu Flury’s excellent Photo Q Plugin. It posts one of my pictures over at http://www.versluis.com every so many hours. But for this to work properly, both the WordPress Plugin and my (Linux) server need to be setup correctly.

    Some WordPress Plugins (like Rob Felty’s Postie or Charles Johnson’s Feed WordPress) have similar functionality built in, but they rely on a visitor coming to your site at predetermined intervals. That’s not something you can control really. In most cases it works reliable enough for these plugins to work, however many others just don’t have that functionality, or require more accurate control. That’s where your Cron Job comes in.

    So what on earth is a Cron Job?

    In a nutshell, it’s a task that’s triggered at predetermined intervals. But it’s a bit like sitting in front of a Linux Prompt on your SSH connection, and all you have at your displosal is a keyboard with a black screen and white text to type in. What’s worse, your server doesn’t speak “WordPress”, or PHP for that matter. So all you can do really is to give him Linux commands.

    In all likelyhood, you probably want to call a PHP file so that WordPress does something for you (such as check if it’s time for a new post, or maybe a database backup). And you can’t just tell Linux to go to that file, becasue it wouldn’t know what to do with it. I’ve tried this without success many times over (they nearly put me in a mental institution, seriously… I can assure you I’m much better now though).

    So you need to find a command that calls your PHP file as if it were a browser. Lucky for us, the command “wget” will do the trick.

    Wget is really designed for downloading a file to your server, but it’ll work fine for triggering a PHP file, just as a browser would do. The command for calling the Photo Q file for example looks like this:

    /usr/bin/wget -O - -q -t 1 http://www.yourdomain.com/wimpq-cronpost.php

    Confused? Don’t be! Let me explain:

    • “/usr/bin/wget” tells the server where the wget command is (it’s a path to a file if you hadn’t guessed)
    • “-O – -q -t -1” are some random parameters, let’s not concern ourselves with those right now (if you really want to find out, type in “wget –help” at your SSH prompt)
    • http://www.yourdomain.com/wimpq-cronpost.php” is the actual file you want to call, just like what you’d type into your browser

    Now that we know how to call upon a PHP file from our command prompt, we need to tell our server to do this without us being there, and at what times he needs to do this. He’ll be more than happy to oblige, after all, that’s what he was designed to do.

    How to setup a Cron Job in Plesk

    I’ll focus on how to do this in Plesk 9 here, which refers to it as Scheduled Tasks (earlier versions of Plesk call it Crontab).

    Here’s how you get there:

    • from the main menu on the left, select HOME
    • select DOMAINS
    • select the DOMAIN you want to run this task on
    • under Additional Tools, select SCHEDULED TASKS
    • choose the SYSTEM USER you would like this task to be run as
    • select SCHEDULE NEW TASK

    OK, this was complicated enough to figure out – now comes the part nobody ever really talks about. It’s hard to explain, so please bear with me if I’m not making a whole lot of sense at first. In essence, you’re telling your server WHEN to do something, followed by WHAT to do.

    • Each field requires an entry. Don’t leave them blank.
    • The first tick box is to “switch on” the task. That’s what you want, unless you want to suspend the task. Tick it for now.
    • Now tell your server WHEN your task shall be run.
    • a “*” (i.e. star or asterisk) means “every”. So a star in minute would run the task “every minute”, likewise for hours and days of the month
    • You can also create the command “*/5” if you want your task run every 5 hours, every 5 days, every 5 minutes – you get the drift
    • Alternatively, put in the specific date (i.e. “Monday” and “17” for Monday at 5pm)

    After all that, you’re left with one last line, which is the actual command or task you’d like to be run.

    Like I explained above, for a PHP file to be called, use the wget command like so:

    /usr/bin/wget -O - -q -t 1 http://www.yourdomain.com/wimpq-cronpost.php

    Obviously change the path to your file, including “http://”

    Click OK on the bottom and your task should be setup. No need to reboot anything.

    If at any time you feel you want to amend the task, you can do so by just modifying the parameters, or uncheck the “run task” tickbox to suspend the task completely.

    If you want to know even MORE about Cron Jobs, check this out:


    Good Luck, and have fun 😉

  • Jay Versluis 4:20 pm on February 9, 2009 Permalink | Reply
    Tags: , , , , , Linux, ,   

    Categories: Domains and Hosting ( 4 )   

    What is a CRON Job? 

    Although I’ve been dealing with webshoting and webdesign since 1995, it took me a whilw to figure this one out. If you’re used to shared shosting packages, it’s likely that you’ve never come in contact with this. Hence, this article is aimed at people who don’t know what it is.

    As explained in Wikipedia:

    Cron is the name of a program that enables unix users to execute commands or scripts (groups of commands) automatically at a specified time/date. It is normally used for sys admin commands, like makewhatis, which builds a search database for the man -k command, or for running a backup script, but can be used for anything. A common use for it today is connecting to the internet and downloading your email.

    So a cronjob is a scheduled action, which is executed by and on your web server. WordPress itself doesn’t do this for you. It’s like having a monkey sitting at a command prompt, typing something in every minute/hour/day – in regular intervals – you get the drift.

    In order to setup this automatic execution, you need to be in control of your own dedicated or virtual server. If you’re on shared a shared hosting plain, you can ask your provider to setup a cron job for you. Just tell them “I want (this particular file in this particular directory) executed every Thursday evening at 9”. Otherwise, use your own administrative panel (like Plesk or Webmin) to set this up.

    Want to know how? Read the following article: How to setup a Cron Job?

Compose new post
Next post/Next comment
Previous post/Previous comment
Show/Hide comments
Go to top
Go to login
Show/Hide help
shift + esc