Renewing (an expired?) Let’s Encrypt SSL certificate with Easy Engine

The routine is expected to be as follows:

Right? Well, yes, if your environment is up-to-date.  Result of the last command should be like:

Renewing SSl cert for
Reload : nginx [OK]
SUCCESS: Certificate was successfully renewed For
Your cert will expire within 89 days.
Expiration DATE: Tue Sep 12 08:23:00 UTC 2017

You might come up to this problem, though:

Renewing SSl cert for
ERROR : Cannot RENEW SSL cert !
Your current cert already EXPIRED !
Check logs for reason tail /var/log/ee/ee.log & Try Again!!!

Let’s have a look at the logs then! Do you find there a line, stating like setuptools pkg_resources pip wheel failed with error code 1 ?

If so, then here is what you have to try:

  1. Check if this solved the issues. Some people were happy to find it as a sole solution of the problem:
  2. If that didn’t help, maybe this:
  3. Here comes the long shot (which helped me personally):

Running the command for renewing the certificate should work just fine this time.

Activating Let’s Encrypt SSL certificate on a site run by Easy Engine

Say we have a site on Easy Engine v3.7.4 setup that is not encrypted. We want to get it running under HTTPS protocol, right?

Let’s Encrypt seems to be the fastest, easiest and cheapest way to go. So here we go, the command is rather simple:

Well, that’s cool, but we might get a error, stating that:

It would sometimes help to see the logs:

If we don’t quite have a clue what’s going on there, there are several things we should try fixing or doing:

  1. Create an CNAME for a www subdomain of your domain, looking in the same direction. If you can’t access your site on the same server both with and without www, then Easy Engine won’t install Let’s Encrypt at all.
  2. Install Let’s Encrypt. Yes, seriously, it might be the case that Easy Engine didn’t install it. Here is the command for this:
  3. Get your locales straight. I didn’t believe this could be yet another reason for blocking Easy Engine’s command from finishing correctly, but it actually was:

Doing all of these should higher your chances for a successful installation of Let’s Encrypt for the website. This might not be the end of your sufferings, though. Restart your web server and have a look at your site:

If Chrome is giving you a  ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY on https and on http you are missing all local resources, apart from the html and probably some remote scripts or images from a CDN, or you are getting more or less the same behaviour from Firefox with this error NS_ERROR_NET_INADEQUATE_SECURITY, then you need to do one more thing. Add some funny-looking lines to your ssl.conf file:

There would be several lines of stuff there. Something like this:

Well, this is obviously not enough, is it now? Let’s add this:

This should do the trick and you should have a smoothly running website under Let’s Encrypt’s protection.

Solution for cPanel and WHM being stuck on updates

It happens, although pretty rarely, for updates of WHM and cPanel to fail. Then you can access any of their pages and you are prompted to reload the page as if this would fix it.

Solution for me was just to run the following command as root in a SSH session on the server:

My output looked like this:

[2017-04-15 22:22:07 +0300]
[2017-04-15 22:22:07 +0300] Problems were detected with cPanel-provided files which are RPM controlled.
[2017-04-15 22:22:07 +0300] If you did not make these changes intentionally, you can correct them by running:
[2017-04-15 22:22:07 +0300]
[2017-04-15 22:22:07 +0300] > /usr/local/cpanel/scripts/check_cpanel_rpms –fix
[2017-04-15 22:22:07 +0300] The following RPMs are missing from your system:
[2017-04-15 22:22:07 +0300] cpanel-perl-524-Cpanel-Optimizer-0.2-1.cp1162
orepair fix_duplicate_cpanel_rpmsel/scripts/check_cpanel_rpms –fix /scripts/aut
[2017-04-15 22:27:38 +0300]
[2017-04-15 22:27:38 +0300] Problems were detected with cPanel-provided files which are RPM controlled.
[2017-04-15 22:27:38 +0300] If you did not make these changes intentionally, you can correct them by running:
[2017-04-15 22:27:38 +0300]
[2017-04-15 22:27:38 +0300] > /usr/local/cpanel/scripts/check_cpanel_rpms –fix
[2017-04-15 22:27:38 +0300] The following RPMs are missing from your system:
[2017-04-15 22:27:38 +0300] cpanel-perl-524-Cpanel-Optimizer-0.2-1.cp1162
[2017-04-15 22:34:11 +0300] Removing 0 broken rpms:
[2017-04-15 22:34:11 +0300] rpm: no packages given for erase
[2017-04-15 22:34:18 +0300] Downloading
[2017-04-15 22:34:19 +0300] Successfully verified signature for cpanel (key types: release).
[2017-04-15 22:34:19 +0300] Downloading
[2017-04-15 22:34:20 +0300] Disabling service monitoring.
[2017-04-15 22:34:42 +0300] Hooks system enabled.
[2017-04-15 22:34:42 +0300] Checking for and running RPM::Versions ‘pre’ hooks for any RPMs about to be installed
[2017-04-15 22:34:42 +0300] All required ‘pre’ hooks have been run
[2017-04-15 22:34:43 +0300] No RPMS need to be uninstalled
[2017-04-15 22:34:43 +0300] Installing new rpms: cpanel-perl-524-Cpanel-Optimizer-0.2-1.cp1162.x86_64.rpm
[2017-04-15 22:34:44 +0300] Preparing packages for installation…
[2017-04-15 22:34:44 +0300] cpanel-perl-524-Cpanel-Optimizer-0.2-1.cp1162
[2017-04-15 22:34:45 +0300] Hooks system enabled.
[2017-04-15 22:34:45 +0300] Checking for and running RPM::Versions ‘post’ hooks for any RPMs about to be installed
[2017-04-15 22:34:45 +0300] All required ‘post’ hooks have been run
[2017-04-15 22:34:45 +0300] Restoring service monitoring.

Obviously, you’ll have to wait some time before the process ends, so don’t be too hasty at calling it hanging.

If this doesn’t help, you should have a look at this support thread.

Recursively replacing or removing a string from text files in a directory

I had a client with 3 WordPress sites hacked, having injected a dirty ad redirect in every possible javascript file of these sites. Around 1500 files were infected with one and the same script, so the best solution for curing them would be to remove that specific line that was causing all the trouble. Following set of bash commands did the trick, replacing all occurrences of OLD_STRING with NEW_STRING, in my case OLD being the beginning of the bad line of code and NEW being just //. As the rest of the malicious line was too complex to cover with a simple expression in the code below, I just opted for commenting the code instead of removing it totally.


Scanning and cleaning a Linux machine (server or desktop) with ClamAV antivirus

A client of mine got some infected emails in their mail server, leading to infected Thunderbird on Windows, crashing the whole operating system. In order to clean up the mess, I had to scan the mail server and remove the emails that were spreading the virus. ClamAV turns out to be a pretty good option for scanning and cleaning Linux for known infections.

Installation command is as simple as this:

On Debian based distros (Ubuntu, Mint and others):

On CentOS and Fedora is:

First thing after installation is to update the definitions:

Here comes the good part – scanning with moving infected files to another directory, logging the whole process and running it in the background:

Some explanation would be helpful, although it might seem obvious to most. -r is for recursive scanning under the current directory. -i logs only infected files, otherwise you’ll have your terminal flooded with ‘filename – OK’ lines. –move=/some/directory/address would be the place you’ll have all infected files moved and –remove would be the flag for extermination of the infected files. Needless to say, you won’t be able to restore them easily after removing them. /some/place/bad/ is the location that you’ll be scanning. If you don’t want to see any output from the command, use > /address/and/name/of-a-file.log . Furthermore, adding at the end will let the process run in the background.

If you want to monitor the process at some point, you can always run this:

Stop it by Ctrl + C, when you see the summary of the scan or you get fed up of almost useless info.

The image is distributed under Creative Commons Attribution-NoDerivs 2.5 Generic (CC BY-ND 2.5)

Transliterate cyrillic permalinks

Everyone living in a country that’s using a cyrillic script knows the pain of having to work with a cyrillic URL in Firefox, having to switch layouts when typing an address, all the SEO implications and just how plain ugly it is to have mixed scripts in your “pretty” permalinks.

One solution to this is to edit your permalinks to something sane while creating the post.

Ain’t nobody got time for that.

There are 3 plugins I’ve used in the last couple of years with varying levels of success.

  1. Cyr3Lat(Cyr to Lat enhanced) – Works great for the most part, goes through all your previous posts and transliterates any cyrillic characters. Unfortunately it doesn’t like WPML and the end result is completely messed up URLs. Not irreversible but still kind of annoying. The last update(as of the time of writing this – January 2017 ) was more than two years ago. Looks like there is no activity from the author in the support forums either.
  2. Bulglish permalinks – targeted specifically for bulgarian, the transliteration for other cyrillic languages will probably be close enough but probably not 100% accurate. This one changes the permalinks only for posts, published after its installation. In other words – it doesn’t scan and fix your old posts’ slugs. Also, it appears to have an issue with multisite installs, although I’ve tested it only on one site(didn’t work at all), so it *may* have been a site issue. I doubt it though. The author is active(as of Jan 2017) and seems to respond to support threads. It’s a great, really simple and light plugin to activate on new installs and forget about.
  3. WP Translitera – Found this one recently when both of the above refused to cooperate on a site I was working on. The author responded to my request for bg_BG locale within a couple of days and the plugin seems to get updates regularly. Also, unlike both of the above, this plugin has a very simple settings page, containing a section for converting the slugs of your previous content(post, pages etc.) and a couple of settings(checkboxes) which honestly I haven’t used or tested yet with the exception of the ‘Use forces transliteration for title’. I’m not sure what forces it uses but this setting fixes the WPML issue(that same one I mentioned for cyr3lat).




UpiCRM – Leads are everything!

About Leads

Everything revolves around leads. Which is not necessarily a bad thing. As WordPress developers, though, we avoid this one, as it doesn’t use custom post types but rather defines its own tables and has an interface for additional fields within it’s settings. Again, none of these are bad things, but we want to customize this code to our liking and make it useful for our cases.

What is UpiCRM

UpiCRM has a nice dashboard with loads of useful boxes with stats on the state of leads, their statuses, sources and so on. Further more, it provides some user role management, so that you can control who does what in your CRM. Data-tables are sortable, which makes them easier to use in case of bigger load of data.

The plugin provides infrastructure for building hierarchical network of CRM instances on separate WordPress installations by defining a master and slave nodes. I didn’t look into this, but sure looks nice in the eyes of people from bigger organizations.

Download UpiCRM

UpiCRM – Free WordPress CRM and Lead Management