Software

Category: Software

Setting up SSL on Amazon Linux Instance under EC2

Hopefully if you do it right, you too will see a positive Qualys report after you follow these steps.

Previously, the easiest way to add an SSL certificate to an EC2 instance (and still the Amazon recommended way it appears) has been to create a certificate (free) from Amazon through the certificate manager and then adding that cert to a CloudFront or ELB instance (both of which cost money).

I’ve been successful in using LetsEncrypt to provide SSL for websites running under Windows Server in EC2 using the fantastic Windows ACME Simple (WACS) (previously known as letsencrypt-win-simple (LEWS)). If this is your need, you can always grab the lastest instance on GitHub.

I never seemed to find the correct set of steps to do this on the Amazon Linux instances. However, due to the work of Lawrence McDaniel, I discovered this blog post. He walks you through step by step on how to install mod24_ssl, CertBot (from EFF) and then how to run CertBot to create and install a LetsEncrypt SSL cert on one or more sites on your Apache-served Amazon Linux instance. He also shows you how to use crontab to set up a recurring job to renew the certificates on a regular basis (a necessity since LetsEncrypt certificates expire after 90 days.

Well done Lawrence!

BTW – crontab defaults to vi as the editor. If you aren’t used to using this beast (I know, some people love it) what you really need to know is that you press the letter i on your keyboard to enter INSERT mode so you can edit the file, hit ESC to exit the INSERT mode and then enter “:wq” (without the quotes of course) to write and quite (save and exit) or just “:q” to quit without saving your changes.

First OS Contribution Goes Live

My first contribution to someone else’s open source project has been accepted and gone live! To be fair, it was my first attempt at contributing and I can assure you it won’t be my last.

The project is the WordPress plugin List Category Post. We found ourselves using this a lot on client sites but for a number of reasons, many of the articles we are generating for clients don’t use the Featured Image functionality (which is what drives the thumbnails in this tool). So, I submitted a pull request that modified the thumbnail so that if Featured Image is not found, the thumbnail would be generated from the first image found in the body of the post.

The project maintainer picandocodigo extended this even further by triggering the use of the found image only when a user adds parameter of force_thumbnail=true (or yes) is added to the shortcode or function call.

You can see the commit notes here: https://github.com/picandocodigo/List-Category-Posts/commit/464079ce456141e51a361c270f9063dcf6e498d0

lcp Commit Notes

Of course our open source project InfusionSoftDotNet is still alive…

Billboard claiming that Chrome is the fastest browser

How to Put Pep Back Into Chrome’s Step

Tired of watching Chrome get slower and slower every day? If you are like me, you fell in love with it’s clean, simple design philosophy and the ecosystem around it (Extensions, Apps, etc) but let’s be honest, it truly is about the speed! The slowness was largely limited to the Omnibox but also seemed to plague File Open dialog in Chrome which lead me down the road of thinking it was a problem with Chrome and my SSD drive.

According to Make Use Of blog, the folder %localappdata%\Google\Chrome\User Data\Default is the key to the problem. I’ve uninstalled, re-installed, turned off extenstions and apps, deleted caches; all to no avail. I was about to put a bullet in this ol’ dog until I stumbled on this article.  I gave it a shot and it fixed it, with a few caveats.

Some things to consider when deleting the files in the folder above:

  • Bookmarks – In the folder, there is a file called Bookmarks that contains, not surprisingly, all of your bookmarks. Deleting all this data ’cause my collection of bookmarks and bookmarklets to disapear. Oddly enough, even logging into Chrome didn’t return them from my profile (wonder if they were just local and I hadn’t previously been logged into Chrome) so I went digging through the trash to see if I could find the file. I closed Chrome, restored the file from the trash and then reloaded chrome and my Bookmarks are now back. (Note that it took a little while after signing in but extensions started showing up shortly so perhaps had I been more patient, this step would not have been necessary.)
  • Web Apps – Similarly, all of my Chrome Apps were gone so I went looking for a similarly named file or folder to restore. I tried Web Applications and that didn’t seem to resolve the problem. However, within 5 minutes or so of signing in the apps appeared back where they belonged

So, if you truly do want to reset your Chrome Clock back to day one, go ahead and delete the whole folder. If you want the most seamless experience when you re-open it and you haven’t previously logged into Chrome with your primary account, go ahead and do so now so that after you “nuke it from orbit”, you can restore the settings that you want.

Anyone else been frustrated to no end by Chrome over time? Let me know in the comments below.

 

Image courtesy of Elliot Brown at Flickr used under CC BY 2.0

Image of locks

Locked out of WordPress? Create new Admin Account via FTP

Have you ever found yourself locked out of your WordPress admin-level account and email recovery won’t work for you? Well, if you have FTP access, you can create a new account that will get you into the system and allow you to set things right.

By placing the following code into a plugin folder or adding it to the current theme’s functions.php file, a new user will be added to WordPress as soon as the next page is drawn on your site.

function add_admin_acct(){
$login = 'myacct1';
$passw = 'mypass1';
$email = 'myacct1@mydomain.com';

if ( !username_exists( $login ) && !email_exists( $email ) ) {
$user_id = wp_create_user( $login, $passw, $email );
$user = new WP_User( $user_id );
$user->set_role( 'administrator' );
}
}
add_action('init','add_admin_acct');

As you can imagine, this is pretty scary stuff so ensure that you remove these lines of code from your site as soon as you’ve been able to log into the site. Oh, and guard FTP access credentials to your site to ensure some bad guy doesn’t do the same thing to get access to YOUR site. That means no more FTP while on WiFi at Starbucks or other public hotspot unless you are running over a VPN to secure your connections!

Tip found on Stephanis.info.
Image © Copyright RAY JONES and licensed for reuse under this Creative Commons Licence

Custom Redirects in .htaccess Disappearing from WordPress Site?

A number of WordPress that we manage have been “losing” the custom 301 directives that we or our clients have been putting into the .htaccess file. This has been a very random and disconcerting issue.

Recently, we discovered that this was happening whenever someone saved the Permalinks Settings in WordPress.

Alternative solution? Make the file read-only until you need to edit it again. Or at least set up the permissions so that the webserver can’t overwrite the file. Problem solved…

In most cases this means setting the permissions on this file to 660 or 644 as described in this Codex article.

Tracking Session Variables in WordPress

Recently, a discussion came up about some new feature that will need to be added to a client website and it quickly became clear that we need to track the some variables in the session state. Now, I had always been told that WordPress, in trying to present a stateless solution, didn’t support tracking sessions variables without custom cookies.

Well after a little Googling (thank you Larry and Sergey) i found the following article on Session Variables in WordPress and it has a very elegant and simple solution to the problem.

Just add the following code to your theme’s function.php and you are good to go:
function THEMENAME_init_session()
{
session_start();
}
add_action('init', 'THEMENAME_init_session', 1);

This is exactly what I needed so now we’ll be able to store and access $_SESSION[] variables.