Tag: SSH

Getting an A+ SSL Rating on Nginx Apache Server
Saturday 8 August 15:18
Getting A+ SSL Rating on Apache

Getting an A+ SSL Rating on Lightsail is just a 5-minute task,

It’s only turning off old versions of SSL from your configuration file.

Getting a free SSL is well documented by the lightsail team here, in a 9 Step Tutorial, if you have not got an SSL please get one,

SSL improves your SEO, maintains trust for the visitor and is a must for any website in 2020.

After reading this post from Qualys, searching some more articles

I could make out that getting A+ SSL rating and not allowing the previous versions of SSL on a website or a blog is both good for your SEO Strategy and Security part.

So, here it is Get your site checked here on the Qualys Tool For SSL it’s Free!

Here is a screenshot of a test when I just started this blog and was continuously improving on its security, SEO, and everything I could do for achieving a simple, secure and a pro website.

Getting the same as an A+ was just a 5 minutes task, from start to finish on a lightsail hosted website, using apache server, with bitnami image of wordpress.

Here’s how I got this from B to A+

Just head over to your SSH Window and start with :

sudo nano /opt/bitnami/apache2/conf/bitnami/bitnami.conf

Soon you are into editing the bitnami.conf file, so we have to just turn off the old versions of SSL

Find this line with “CTRL+W”, or whatever that line reads near SSL Protocol

SSLProtocol all -SSLv2 -SSLv3

Change the same to

SSLProtocol TLSv1.2

CTRL+O to write out and CTRL+X to Exit

Restart the Apache

sudo /opt/bitnami/ctlscript.sh restart

Getting A+ SSL Rating Nginx Server

sudo nano /etc/nginx/nginx.conf

Change the lines that start with #SSL Settings to Exactly the code below this would also add the session timeout and Strict Security Header :
```
    ##

    ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    ##
```
Once done just restart your server with :

sudo service nginx reload && sudo service nginx restart

This gives A+ SSL Rating.

SSL is a must if you use AMP on your WordPress Blog. , Also here’s a collection of some website testing tools that I keep on updating.

HSTS Preload on NGINX Server
```
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always;
```
This gives you a HSTS Header on your site, if you use Nginx Server, Enrolling to HSTS list is good for your sites security, this enables browsers to understand that your site is only served on a secured connection.

You can enrol here for HSTS, First, you need to test on the same link then Enroll the domain.

HSTS Preload on APACHE Server

Mod Headers Looks Like :

First, enable mod headers in your httpd.conf file,

you can find in the /etc/apache2/httpd.conf :
```
LoadModule headers_module modules/mod_headers.so
```
then simply add the below line in your virtual host’s file.
```
<VirtualHost *:443>
...
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
...
</VirtualHost>
```
August 8, 2020
WordPress SSL on MacOs Step By Step
WordPress SSL on MacOS: Step-by-Step Guide to Secure Your Localhost

Securing your WordPress site with SSL on MacOS is essential, even when working on a localhost. SSL (Secure Sockets Layer) encrypts data between your browser and server, ensuring a secure connection. In this guide, we’ll walk you through the steps to install WordPress SSL on MacOS for your localhost environment. By the end, you’ll have a fully secure WordPress setup ready for development or testing.

Why Install SSL on WordPress Localhost?

Even though your localhost isn’t publicly accessible, adding SSL on MacOS offers several benefits:
- Secure Testing: Simulate a live environment with HTTPS for testing plugins, themes, and features.
- Avoid Mixed Content Warnings: Prevent issues when migrating your site to a live server.
- Prepare for Production: Ensure your site is production-ready with SSL configured from the start.
Step 1: Set Up Localhost on MacOS

Before installing SSL, ensure your localhost environment is set up. If you haven’t done this yet, follow our detailed guide on setting up localhost on MacOS Catalina. This guide covers installing tools like MAMP or Local by Flywheel, which are essential for running WordPress locally.

Step 2: Generate SSL Certificates

To enable SSL on MacOS, you’ll need SSL certificates. Here’s how to generate them:

Using MAMP Pro
1. Open MAMP Pro and select your WordPress site.
2. Go to the Hosts tab and click SSL.
3. Check the box for Enable SSL and generate a self-signed certificate.
Using Local by Flywheel
1. Open Local by Flywheel and select your WordPress site.
2. Click on SSL in the left-hand menu.
3. Toggle the switch to enable SSL. Local will automatically generate and install the certificates.
Step 3: Configure WordPress to Use SSL

Once SSL certificates are generated, configure WordPress to use HTTPS:
1. Open your WordPress site in a browser.
2. Log in to the WordPress admin dashboard.
3. Go to Settings > General.
4. Update the WordPress Address (URL) and Site Address (URL) to use https:// instead of http://.
5. Save the changes.
Step 4: Fix Mixed Content Issues

After enabling SSL, you may encounter mixed content warnings (HTTP resources on an HTTPS page). Here’s how to fix them:
1. Install the Really Simple SSL plugin.
2. Activate the plugin, and it will automatically detect your SSL certificate and fix mixed content issues.
3. Verify your site by visiting it in a browser. The padlock icon should appear in the address bar.
Step 5: Test Your SSL Configuration

To ensure your WordPress SSL on MacOS is working correctly:
1. Visit your site using https://.
2. Check for the padlock icon in the browser’s address bar.
3. Use tools like SSL Labs’ SSL Test (opens in new tab) to validate your SSL configuration.
Best Practices for SSL on Localhost
- Use Trusted Tools: Tools like MAMP Pro and Local by Flywheel simplify SSL setup.
- Regularly Update Certificates: Self-signed certificates may expire. Regenerate them periodically.
- Test Thoroughly: Ensure all plugins and themes work correctly with HTTPS.
Final Thoughts

Installing WordPress SSL on MacOS for your localhost environment is a straightforward process that enhances security and prepares your site for production. By following the steps above, you can ensure a seamless transition to HTTPS and avoid common pitfalls.

For more detailed instructions on setting up localhost, check out our guide on localhost setup for MacOS Catalina.

Key Takeaways
- SSL is essential for secure testing and preparing your WordPress site for production.
- Tools like MAMP Pro and Local by Flywheel simplify SSL setup on MacOS.
- Use plugins like Really Simple SSL to fix mixed content issues.
- Regularly test and update your SSL configuration to ensure security.
Have you set up WordPress SSL on MacOS? Share your experience or ask questions in the comments below! For more WordPress tips and tutorials, visit Netnaps.

For more details on setting up localhost, check out our guide on localhost
August 4, 2020
Easy Steps to Install WordPress on Localhost Using macOS: A Beginner’s Guide
Installing WordPress on your localhost is a fantastic way to build, test, and experiment with websites without needing a live server. Whether you’re learning WordPress, developing a new theme, or testing plugins, running WordPress locally on your macOS is simple and efficient. This step-by-step guide will walk you through the process, even if you’re not a techie. By the end, you’ll have a fully functional WordPress site running on your Mac!

Why Install WordPress on Localhost?
1. Offline Development: Work on your website without an internet connection.
2. Safe Testing: Experiment with themes, plugins, and code without affecting a live site.
3. Faster Workflow: No need to upload files to a remote server, saving time.
4. Cost-Effective: No hosting fees required.
Tools You’ll Need

To install WordPress on macOS, you’ll need:
1. MAMP (Mac, Apache, MySQL, PHP): A free tool to set up a local server environment.
2. WordPress: The latest version of WordPress from wordpress.org.
Step-by-Step Guide to Install WordPress on macOS

Follow these easy steps to set up WordPress on your localhost:

Step 1: Download and Install MAMP
1. Go to the MAMP website.
2. Download the free version of MAMP for macOS.
3. Open the downloaded .pkg file and follow the installation instructions.
4. Once installed, launch MAMP from your Applications folder.
Step 2: Start the MAMP Server
1. Open MAMP and click Start Servers.
- This will start Apache (web server) and MySQL (database server).
1. Open your browser and go to:
```
   http://localhost:8888
```
You should see the MAMP welcome page, confirming the server is running.

Step 3: Create a Database for WordPress
1. In MAMP, click Open WebStart page or go to:
```
   http://localhost:8888/phpMyAdmin
```
1. Log in to phpMyAdmin (username: root, password: root).
2. Click Databases at the top.
3. Enter a name for your database (e.g., wordpress_local) and click Create.
Step 4: Download and Set Up WordPress
1. Download the latest version of WordPress from wordpress.org.
2. Extract the downloaded .zip file.
3. Rename the extracted folder to your project name (e.g., mywordpresssite).
4. Move the folder to the MAMP htdocs directory:
```
   /Applications/MAMP/htdocs/
```
Step 5: Configure WordPress
1. Open your browser and go to:
```
   http://localhost:8888/mywordpresssite
```
Replace mywordpresssite with the name of your folder.
1. Select your language and click Continue.
2. On the next screen, click Let’s go.
3. Enter the following database details:
- Database Name: The name you created earlier (e.g., wordpress_local).
- Username: root
- Password: root
- Database Host: localhost
- Table Prefix: Leave as wp_ (or change it if needed).
1. Click Submit.
2. If the connection is successful, click Run the installation.
Step 6: Complete the WordPress Installation
1. Enter the following details:
- Site Title: Name of your website (e.g., My Local Site).
- Username: Choose a username for your WordPress admin.
- Password: Set a strong password.
- Your Email: Enter your email address.
1. Click Install WordPress.
2. Once the installation is complete, click Log In.
3. Log in with your username and password.
Step 7: Access Your Local WordPress Site
1. Your WordPress site is now live on localhost! You can access it at:
```
   http://localhost:8888/mywordpresssite
```
1. To access the admin dashboard, go to:
```
   http://localhost:8888/mywordpresssite/wp-admin
```
Additional Tips for Running WordPress Locally
1. Organize Your Projects: Create separate folders in htdocs for each WordPress site.
2. Use a Code Editor: Use tools like Visual Studio Code or Sublime Text to edit your WordPress files.
3. Install Themes and Plugins: Experiment with free or premium themes and plugins to customize your site.
4. Backup Your Site: Use plugins like Duplicator to back up your local site before making major changes.
Troubleshooting Common Issues
1. Port Conflict: If port 8888 is already in use, change the port in MAMP settings:
- Go to Preferences > Ports and set Apache to a different port (e.g., 8080).
1. Database Connection Error: Double-check your database name, username, and password in wp-config.php.
2. White Screen of Death: This usually happens due to a plugin or theme conflict. Disable plugins or switch to a default theme.
Conclusion

Installing WordPress on localhost using macOS is a straightforward process that opens up endless possibilities for learning and development. With tools like MAMP, you can create a fully functional WordPress site in just a few steps. Whether you’re a beginner or an experienced developer, running WordPress locally is a valuable skill that can save you time and effort.

Have you set up WordPress on localhost before? Share your experience or ask questions in the comments below!
August 3, 2020
SSH Command Collection for WordPress on Amazon Lightsail
SSH Command Collection for WordPress on Amazon Lightsail: A Beginner’s Guide

Managing a WordPress site on Amazon Lightsail requires more than just a basic understanding of the platform. SSH (Secure Shell) is a powerful tool that allows you to interact with your server directly, perform maintenance tasks, upgrade software, and troubleshoot issues. Whether you’re a beginner or an experienced user, having a handy collection of SSH commands can save you time and effort. In this article, we’ll cover essential SSH commands for WordPress users, including maintenance, upgrades, SSL configuration, and more.

Why SSH is Crucial for WordPress on Amazon Lightsail

SSH is a secure protocol that lets you access your server’s command line interface (CLI). For WordPress users on Amazon Lightsail, SSH is invaluable for:
- Performing server maintenance.
- Upgrading WordPress core, plugins, and themes.
- Configuring SSL certificates.
- Debugging and troubleshooting issues.
- Managing files and databases.
How to Connect to Amazon Lightsail via SSH

Before diving into the commands, you need to connect to your Lightsail instance:
1. Download your private key from the Lightsail console.
2. Open your terminal (on macOS/Linux) or use an SSH client like PuTTY (on Windows).
3. Run the following command:
```
   ssh -i /path/to/your/private-key.pem bitnami@your-server-ip
```
Replace /path/to/your/private-key.pem with the path to your private key and your-server-ip with your server’s public IP address.

Essential SSH Commands for WordPress on Amazon Lightsail

Here’s a comprehensive list of SSH commands categorized for easy reference:

1. Basic Navigation and File Management
- pwd
  Explanation: Print the current working directory.
  Use Case: Find out where you are in the file system.
- ls
  Explanation: List files and directories in the current folder.
  Use Case: View the contents of a directory.
- cd /path/to/directory
  Explanation: Change the current directory.
  Use Case: Navigate to a specific folder.
- touch filename.txt
  Explanation: Create an empty file.
  Use Case: Quickly create a new file.
- mkdir foldername
  Explanation: Create a new directory.
  Use Case: Organize files into folders.
- rm filename.txt
  Explanation: Delete a file.
  Use Case: Remove unnecessary files.
- rm -r foldername
  Explanation: Delete a directory and its contents.
  Use Case: Remove an entire folder.
- cp file1.txt file2.txt
  Explanation: Copy a file.
  Use Case: Duplicate files for backup or editing.
- mv file1.txt /new/location/file1.txt
  Explanation: Move or rename a file.
  Use Case: Reorganize files or change their names.
2. File Editing and Permissions
- nano filename.txt
  Explanation: Open a file in the Nano text editor.
  Use Case: Edit configuration files or scripts.
- cat filename.txt
  Explanation: Display the contents of a file.
  Use Case: Quickly view file content.
- chmod 644 filename.txt
  Explanation: Change file permissions.
  Use Case: Set read/write permissions for files.
- chown user:group filename.txt
  Explanation: Change file ownership.
  Use Case: Assign ownership to specific users or groups.
3. WordPress-Specific Commands
- wp --info
  Explanation: Check if WP-CLI is installed and view its details.
  Use Case: Verify WP-CLI availability.
- wp core update
  Explanation: Update WordPress core.
  Use Case: Keep your WordPress installation up to date.
- wp plugin update --all
  Explanation: Update all installed plugins.
  Use Case: Ensure plugins are running the latest versions.
- wp theme update --all
  Explanation: Update all installed themes.
  Use Case: Keep themes updated for security and performance.
- wp db export backup.sql
  Explanation: Export the WordPress database.
  Use Case: Create a database backup.
- wp db import backup.sql
  Explanation: Import a database backup.
  Use Case: Restore your database.
4. Server Maintenance
- sudo apt update
  Explanation: Update the package list.
  Use Case: Ensure your server has the latest package information.
- sudo apt upgrade
  Explanation: Upgrade installed packages.
  Use Case: Keep your server software up to date.
- sudo service apache2 restart
  Explanation: Restart the Apache web server.
  Use Case: Apply changes to server configurations.
- sudo service mysql restart
  Explanation: Restart the MySQL database server.
  Use Case: Refresh the database service.
- df -h
  Explanation: Display disk space usage.
  Use Case: Monitor server storage.
- top
  Explanation: View real-time system processes.
  Use Case: Identify resource-heavy processes.
5. SSL Configuration
- sudo certbot --apache
  Explanation: Install an SSL certificate using Certbot.
  Use Case: Secure your site with HTTPS.
- sudo certbot renew --dry-run
  Explanation: Test SSL certificate renewal.
  Use Case: Ensure your SSL certificates renew automatically.
6. Debugging and Logs
- tail -f /var/log/apache2/error.log
  Explanation: View the Apache error log in real-time.
  Use Case: Debug server errors.
- tail -f /opt/bitnami/wordpress/wp-content/debug.log
  Explanation: View the WordPress debug log.
  Use Case: Troubleshoot WordPress-specific issues.
Tips for Using SSH Commands Safely
1. Backup Before Making Changes: Always back up your site and database before running commands that modify files or settings.
2. Use Sudo Wisely: The sudo command grants administrative privileges. Use it carefully to avoid accidental changes.
3. Test Commands: Test commands on a staging site before applying them to your live site.
4. Keep Learning: Explore advanced commands and scripting to automate tasks.
Conclusion

SSH is an indispensable tool for managing your WordPress site on Amazon Lightsail. With this collection of essential SSH commands, you can handle everything from basic file management to advanced server maintenance, upgrades, and SSL configuration. Whether you’re a beginner or an experienced user, these commands will help you take control of your server and optimize your website’s performance.

Have you used any of these commands before? Share your experience or ask questions in the comments below!
August 1, 2020