Blogs

How to Transfer WHM Backup to Remote Destination Through FTP?

How to Transfer WHM Backup to Remote Destination Through FTP? The backups are an inevitable part of the websites/Servers. Consider the situation if you have accidentally deleted your website file/directory it may affect your whole website. If you have a valid backup you can simply restore the website from backup so the website backup is the most important thing to protect your server against data loss. cPanel/WHM offers to create server backup in the WHM. You can configure backups daily, weekly and monthly in WHM. Please refer following KB to configure backup in WHM. WHM Backup Configuration Explained Some cases you don’t have sufficient space in your server. In this case, you can transfer the configured backup to the remote server. In this tutorial, we will discuss how to transfer the configured backup to a remote server on WHM. Working Once you have configured all things, the system will generate first cPanel account backup and transferred this back up to the remote server once the transfer has been completed system will generate next account backup and transferred to remote server. Configure the FTP destination. 1) Login to WHM as a root user. 2) Go to Home >> Backup >> Backup Configuration. 3) Go to Additional Destination >> FTP from Destination type 4) Click the button “Create New Destination”. 5) Then you will get new window likes below screenshots and enter following details of the remote server. 6) Once you enter all required details click on the button ” Save and Validate Destination”. 7) Then click “Save Configuration” once the validation has been successfully completed. 8) Now you can check the transferring is working or not by running the backup manually. Run below command to run the backup manually. /usr/local/cpanel/bin/backup  –force From there you will get a new log file and you can check the backup and transfer process from that log file.
Read more

Migrate Email Accounts from Zoho to cPanel

Migrate Email Accounts from Zoho to cPanel If you have IMAP in Zoho account, we can migrate emails via IMAP copy. To do this we need following details. IMAP server name(Zoho). Zoho username and Zoho user account password. new cPanel email address and password. We have noticed that Zoho does not provide IMAP for some accounts. In this case, we can import email via webmail. For this, first needs to take backup of the Zoho accounts. 1) Log in to the control panel as an admin user 2) Then select ” Export Mail Accounts” under Mail Administration. 3)Select the option “Entire Account” and click the button “Begin Export”. 4)Each account’s download backup link will create once the export process is completed. From there, you can download email backups of each account. Import Emails to a new email account. 1) Login to cPanel >> Emails >> Email Accounts. 2) Go to “Access Webmail”. 3) Select ” Round cube”. 4) Then click “Import Message”. 5) Then select the backup file which exported from Zoho. Now the email accounts are successfully migrated to your cPanel account
Read more

Migration from cPanel to Webmin/Virtualmin

Virtualmin can import the accounts from cPanel by taking the complete cPanel backup file including all mailboxes, databases, contents,.. etc. This kind of migration process is much faster than others but need a special attention because some of the features of Webmin is not enabled automatically when you migrate the site. The site will work after migration but need to enable special features that only specified by the Webmin with care and testing. To copy or transfer all the services from cPanel to Virtualmin, first of all we need to take the fresh backup of them. We can generate the full cPanel backup by using the following steps:   1) Login to cPanel–> Backup –> Download a Full Account Backup. Then you can create an ftp account or you can change the permission of backup to download on the server. 2) You can now download the generated backup file to your Virtualmin server via FTP or wget option. For this, login to your Webmin server via back-end access, then try to download the backups in a screen using ftp or wget option. If your backup is larger than a few megabytes, you can copy the file using a reliable transfer mechanism, like SCP. All Linux systems have scp built in, and so can easily be used to copy the file to your new Virtualmin server. 3) Once you downloaded the backup file from source server to destination server, now you can proceed with the restoration process. The restoration process on Webmin/Virtualmin some what different from the other migration like cPanel to cPanel and cPanel to Webuzo cross migrations. NOTE: Before migrating emails from cPanel to Webmin , verify if both the servers has compatible email formats? The destination server email format should match with the cPanel mail format. You can verify it by checking any of the “Maildir” directory of the email account. We can now discuss about the remaining migration process on Webmin/Virtualmin. 1) Login to your Virtualmin Dashboard. 2) Click on the option “Add servers” shown in the left side panel. 3) Then click on the “Migrate Virtual Server” option. 4) Select Source Backup File : If you upload the backup to the virtual server via any of the option we already specified like FTP or wget, then you can select the option “Local file or directory”. If you download the backup to the local PC then select “Upload to server” option. 5) Select a ‘Backup File Type’ of cPanel. 6) Select Domain name to migrate and Fill in Username for domain by switching from “Work out from backup, if possible”. And it must be any valid username , but for ease of use, you may wish to use the same name used under cPanel. 7) Choose a Password for administrator. 8) The remaining options can be left to their defaults. 9) Finally, click on the button ‘Migrate Now’.
Read more

cPanel to CentOS Web Panel Migration

Are you worried about the recent cPanel price hike? Are you looking for a new control panel which is free and have almost all features of cPanel? Then you should take a look at CentOS Web Panel. ( CWP in short. ) CentOS Web Panel is suitable for the following category of customers.1) Customers who don’t need server reselling option. But a full-featured panel to manage the server.2) Customers whos looking for a powerful, secure, open-source, and free control panel. If you are already on a cPanel server and want to know to migrate your websites to CentOS Web Panel, then keep reading. As mentioned previously, the CentOS Web Panel is an excellent free alternative for cPanel. It has almost all similar features inbuilt. We can easily integrate it with Cloud Linux and LightSpeed for better security and performance. It also provides Nginx- Apache reverse proxy and even provides a well-defined proxy set up with Nginx-Apache-Varnish for enhanced performance. CWP also has different panels for the administrator and standard user with different level of access. That is similar to cPanel and also the interface.The CentOS Web Panel comes with a cPanel migration tool which is also well built. That means the migration is not that hard as you think. We can do it with a few clicks. Please keep reading. Important Notes: – Do not create the account for the cPanel user in CentOS Web Panel. That will cause issues with the migration. So, let’s start. Here in this article, we will go through the steps to import a cPanel account to the CentOS Web Panel with all its contents and email accounts. 1) Create the cPanel account backup by following the first three steps 2) Download the backup directly to the server using rsync or scp if you are good with the Linux shell. If not, download it to your local PC. Then upload or move the backup to the server and place it under the /home folder. There is another easy method also. But you’ll need command-line knowledge. If the domain still pointing to the old cPanel account, then place the backup under the site’s document root. ( Mostly public_html ). Then login to the CWP server and execute the following command. cd /home/; wget http://domain.com/backup.tar.gz 3) Now login to the CentOS Web Panel admin interface. Then click on “cPanel Migration” option under the “User Accounts” tab. 4) If you correctly placed the backup file under /home, then it’ll show under “Account Import” tab. Select the backup that you uploaded then choose the desired package under “Associate Package” tab. Also, make sure to enter a secure password for your account.Now select the what domain data you want to restore. Check all boxes if you want a full restore. Then enter a temporary email password for your email accounts. When you are ready, click on the “Import” button. 5) That’s it! Now all you need to do is wait, and the migration tool will do the rest. The interface will show you the progress of the restoration. Once it’s all done, you will see a migration completed message on the screen. You have completed the migration. Now we need to test the working of websites. For this, you can temporarily point the domain to the new server’s IP by editing the “hosts” file. After doing that, your domain will load from the new server. If you don’t know how to point the domain to new IP using “hosts” file. Do the tests and if all good, then update the DNS for the domain name to point to the new server IP address to get it online.
Read more

cPanel to Webuzo Migration

If you are one of our VPS or Dedicated customer, then you probably already know about the Webuzo/Breadbasket control panel. If you haven’t, then it is a free control panel that we are offering with our server products. It’s an alternative for cPanel, Plesk or other paid control panels. Yes, you will get almost all the features of those control panels with Webuzo, and you don’t have to pay anything! This tutorial is for customers with an existing cPanel server ( with us or external ) and planning to migrate the accounts to one of our Webuzo servers. Please keep reading, and we’ll show you how to do it. Webuzo is easy to use control panel with a lot of inbuilt features to make your server management more effortless. It has tools like one-click application installer, and with that, you can install applications like WordPress, Joomla, and Drupal and many other applications with a simple click. No system admin level knowledge is required to do any of these tasks. It’s very user-friendly, secure, and powerful at the same time. If you want to know more about Webuzo and the features. There you can see the full list of applications, tools and all other details about Webuzo. So, I hope you have done your research and ready to move your cPanel accounts to Webuzo. Let’s start the Webuzo migration then. Important Notes: 1) The server must be a freshly installed one. Webuzo username and cPanel username must be same for the account that we are trying to migrate. 2) This utility will overwrite all the current user data. 3) Put the full backup of the cPanel account under /home/username/ folder. 4) This tool will migrate your domains, databases, and other data. But it won’t import the email accounts. If you want to migrate the email accounts, then you will need to do it using email migration tools such as “imapsync” or “IMAPcopy.” Please follow the tutorial given below. ( After completing the migration. ) cPanel to Webuzo Migration: 1) Create the cPanel account backup by following the first three steps as shown in this tutorial. 2) Login to the Webuzo control panel, add click on “Import From cPanel” icon under the “Server Utilities” tab. 3) Here in this step, there are two ways to import a cPanel backup. First is “Remote Import” and second is “Local Import.” Let’s check and discuss both options, and you can choose how you want to proceed. Remote Import: Fill out the form with the cPanel server hostname or IP address, username, and password and then hit the “Submit” button and that’ll start the process. ( This is the easy method but will take bit more time than the “Local Import.” You should choose this if you don’t want to spend time uploading backup to other server and other steps. ) Local Import: In this case, upload the backup to the server under -/home/username/ folder first. ( You can use FTP, scp, rsysnc on any method that you prefer. ) Then fill out the form with cPanel hostname or IP address, username. Enter the backup name when the system asks you, “Do you have a backup saved on the local server?”. Hit the “Submit” button, and that’ll start the import. That is all! Now you wait, and you will receive an email upon completion of the import process. If any issues with the import process or if you want to monitor the process, then the log file is available under: /usr/local/webuzo/includes/cli/cpanel_migration.log. You have completed the migration. Now we need to test the working of websites. For this, you can temporarily point the domain to the new server’s IP by editing the “hosts” file. After doing that, your domain will load from the new server. If you don’t know how to point the domain to new IP using “hosts” file Do the tests and if all good, then update the DNS for the domain name to point to the new server IP address to get it online. I hope you now understand how easy is cPanel to Webuzo migration. That is the end of this tutorial. We hope that this article helped you migrate cPanel accounts to Webuzo control panel.
Read more

Migrate Accounts from cPanel to DirectAdmin

cPanel is one of the most common and widely used control panels. But cPanel has recently announced a massive increase in their pricing scheme. This increase in the price schema has impacted so many customers and businesses. So, customers are now migrating their cPanel sites to other control panels, and some of them are migrating their cPanel sites to DirectAdmin. DirectAdmin provides three levels of access, such as admin, user, and reseller, and is a web hosting control panel. DirectAdmin also offers both graphical and web-based interfaces. You can control an unlimited number of websites and email accounts using a DirectAdmin panel. The DirectAdmin panel does not provide all the features as same as that of cPanel, but it does provide equal user satisfaction as that of cPanel.  You can purchase the DirectAdmin license from the YiSolutions. DirectAdmin offers many administrator features, such as DNS Administration, IP Manager, Create/Modify Admins and Resellers, Mail Queue Administration, and more. To install the DirectAdmin control panel on your server, follow the steps and tips on the tutorial topic “DirectAdmin Installation”. In this tutorial, you learn the steps to migrate your website accounts from cPanel to DirectAdmin. Please note that you should have a DirectAdmin version 1.57.3 or higher to migrate the cPanel accounts to DirectAdmin. Migrate Accounts from cPanel to DirectAdmin To migrate the cPanel accounts to DirectAdmin, follow the below steps: First, log in to your cPanel account as a root user via SSH. Then, run the following script to generate a full cPanel account password. Please note that the generated backup should be in the ‘cpmove-user.tar.gz’ format. The /scripts/pkgacct script packages all the accounts in a cPanel. Replace the <username> flag with the username of the cPanel account. # /scripts/pkgacct <username> /home/user_backups; After generating a backup, Log in to the DirectAdmin server as a root user. Run the following command to sync the cPanel backup to the DirectAdmin server. # rsync -avt /home/user_backups/ root@<your_directadmin_server>.com:/home/admin/converted_user_backup/ Check the DirectAdmin version by running the following command. # /usr/local/directadmin/directadmin c | grep -i 'version=' Go to the ‘custombuild’ directory by running the following command. # cd /usr/local/directadmin/custombuild Next, update the build script by using the following command. # ./build update Then, install the cpanel_to_da plugin using the build script. # ./build cpanel_to_da Change the user and group ownership of the user backup file to admin by running the following command. # chown -R admin. /home/admin/converted_user_backup If your cPanel account username has a name length more than 8, then run the following command to increase the name length on the DirectAdmin server also by running the following command. In the following command, the value ‘16’ represents that the name length should set to 16 on the DirectAdmin server. # /usr/local/directadmin/directadmin set max_username_length 16 restart Now, log in to the DirectAdmin front-end by hitting the following URL in any of the browsers. https://<Server_IP_Address>:2222 or https://<Server_domain_name>:2222 Go to the ‘Admin Tools’ tab and select the ‘Admin Backup/Transfer’ option, as shown in the following screenshot. You get redirected to the Admin Backups page, and from there to restore the backup in your server, click the ‘RESTORE’ button. Next, change the path in the ‘Restore Backup’ page from undefined to the path of the backup in the server (/home/admin/converted_user_backup). Then only the backup gets displayed, and after that, click the ‘NEXT STEP’ button. Replace the IP address with the server IP and click the ‘NEXT STEP’ button. In the Next Step, you can select the cPanel backup that needs to get restored from the list of cPanel backups. Select the files that need to be restored and click the ‘RESTORE’ button. Now, the backup restoration gets initiated. This process of backup restoration gets added to the queue. After the restoration completes, it displays a message with the subject ‘Your User files have been restored’ in the ‘My messages’ page. Fix Common Migration Related Errors. After the migration completes, some customers may face some issues due to migration. Some of the common migration-related errors are: Version Compatibility Issue Incorrect Permission and Ownership To fix these common migration-related issues, do the following: 1) VERSION COMPATIBILITY ISSUE: To smoothly migrate the accounts, the version of all the software running in both source and destination server should match. If there is any software version compatibility, then the website or account won’t work as the same as that of the source server. For example, sometimes, a user can get a blank page for their website after the migration. In this case, the chance is that the PHP version of the destination is not compatible with the website content, or there is a mismatch in the extensions or software version. So, we can check the version of the software or extension in the source server and replace the destination software or extension version as same as that of the source server. This process can fix the version compatibility issue after the migration. 2) INCORRECT PERMISSION AND OWNERSHIP After the migration, the website may throw some error due to incorrect permissions and ownership of the files/directories in the destination. So, after migrating the site, we should make sure that the files and directory permission are 644 and 755, respectively. During the migration, we change the ownership of all the files to admin, but even after the migration, if there is any mismatch, then we can change the files or directory ownership to fix that error.
Read more

How to Fix WordPress Keeps Logging Out Error

WordPress is the most popular CMS that are is used for creating websites. WordPress is used for creating any style of the website from a simple blog to a full-featured business website. If you are facing issues that the WordPress keeps login out, then the steps provided in this tutorial provide you the best fixes for the login issue you were encounter. Main causes: The main cause is the browser cache when you try to login to your WordPress. It set a browser cookie which authenticates your login session. If there are any errors on those cookies, then you are unable to authenticate and it keeps you logging out. To resolve such issues, please follow the below steps: 1) If you are continually logged out from your WordPress dashboard, then the most common reason is conflict in your URL settings. WordPress is always authenticate logged in users through browser cookies. If the WordPress URL and Site address are different, then it will be unable to authenticate your credentials and you will be logged out. Login to your WordPress dashboard and make sure that you have set the WordPress Address (URL) and Site Address (URL) are exactly the same. You can check it from your WordPress Dashboard >> Settings >> General. If there any differences, this could be the reason for this error. For example, if one the URL is beginning with “https://” and the other uses “http://”, or one has WWW in front and the other doesn’t, then you would need to correct it, Both the URLs should be exactly same. If you are unable to access the WordPress dashboard, then you can edit the WordPress Address (URL) and Site Address (URL) from the file wp-config.php You can use FTP to the server and edit the mentioned file there. define(‘WP_HOME’,’http://yoursite.com); define(‘WP_SITEURL’,’http://yoursite.com);   2) Clearing the browser cache and cookies is another way to resolve this issue. Most of the log out issues are related to the browser cookies that are stored on your browser. You would need to clear the browser cache as well as the browser cookies to resolve this issue. 3) If the issue still persists, then try to deactivate the plugins on the WordPress website. You can manually deactivate all the plugins on your website using FTP client. After logging into FTP server, navigate to the public_html directory and then to the wp-content directory. Disable all plugins on the website. After deactivating the plugins, you’ll have to activate them one at a time to identify the culprit plugin. 4) Ensure that your WordPress site is permitted to save cookies on your browser.  In some cases, your web server is disabled to accept cookies. When this happens, WordPress will be unable to save the cookies, which means you will be logged out again and again. To fix this, you would need to enable ‘Allow Site to Save and Read Cookie Data ‘on your web browser. 5) If the issue is still reoccurring after changing all the above settings, then you would need to restore the website from any of the working back-ups or contact us(your hosting provider) for restoration and everything should be working then.
Read more

How to Configure WordPress with External Database

WordPress, the content management system that does not require any introduction. But here is the fact, There are 313,050 million sites built on WordPress. And it has a 59.7% of market share in content management. With WordPress, you can host files and database on different servers/machines very quickly as it uses MySQL as a database management system. In this guide, we will configure WordPress with an external database in Ubuntu 16.04 servers. First of all, What do we mean when we say WordPress with external database? It means that we are going to host WordPress files on one server(Application server). And we are going to host our WordPress database on another server(Database server). Our goal is to execute MySQL queries on database-server and process and display data on application-server. There are many advantages of hosting application and a database on separate servers. Especially if your WordPress application is growing at a reasonable rate. Here are some benefits you get with this setup. Let’s say your application-server requires more computing power than your database-server. In this case, you can only upgrade your application-server and keep your database-server the same. This way, you can upgrade and downgrade servers based on the computing power they need. In the case of downtime, you can quickly know if it’s an issue on a database server or an application server. If you want high availability set up for your database, Follow this guide to create a master-slave replication in MySQL. With replication, you can keep your site up and running even if the main MySQL server is down. In case of monitoring, you can monitor the load and memory on the application server. While you can monitor queries per second, slow queries, read/write queries, and much more on the database server. I just have mentioned three advantages here, but there are many more that you will experience. So, Let’s get started with the tutorial. Configure WordPress with external database What will you need to follow this guide? Well, you will need two Ubuntu 16.04 servers. Both the servers must be clean with only the operating system installed. And a root access to both the servers as we will install packages and update configuration files. Here are the IP addresses and hostnames we will use in this guide. Application server: application-server (1.2.3.4) Database server: database-server (4.5.6.7) First of all, we will configure our application server. It is not going to be a typical LAMP server setup, because we do not have to configure MySQL on our application server. So, let’s get started. CONFIGURE APPLICATION SERVER On the application server, we will install Apache to serve the HTTP requests and PHP to interpret PHP code requested by Apache. And we are going to use the MySQL database hosted on the database server, so we do not have to install MySQL on this server. Execute the following commands on the application server. root@application-server:~# apt-get updateroot@application-server:~# apt-get upgrade -yroot@application-server:~# apt-get install apache2 -yroot@application-server:~# apt-get install php7.0 php7.0-curl php7.0-mysql php7.0-mbstring php7.0-dom php7.0-gd -yroot@application-server:~# apt-get install libapache2-mod-php7.0root@application-server:~# apt-get install mysql-client -y The first four commands will update repositories, upgrade packages, install Apache, and install PHP7.0 along with the PHP libraries required for WordPress. And the last one will install MySQL client that we can use to test the remote connection with our database server. To verify if Apache and PHP are installed and configured correctly, execute the following commands and then access the public IP address of the application server in the browser. root@application-server:~# rm /var/www/html/index.htmlroot@application-server:~# echo “<?php phpinfo(); ?>” >> /var/www/html/index.php On the browser, you should see a page with PHP configuration information just like the following image. If you can see this page on the public IP address of your application server, you have successfully configured the application server. Now, we can move on to the configuration of our database server. CONFIGURE DATABASE SERVER Database server configuration is also easy. It is because we have to install MySQL and update the MySQL configuration file to allow remote access. Execute the following command to install MySQL on your database server. root@database-server:~# apt-get updateroot@database-server:~# apt-get upgrade -yroot@database-server:~# apt-get install mysql-server mysql-client -yroot@database-server:~# mysql_secure_installation While executing the third command, you have to enter the MySQL root password. And while running the fourth command, You have to answer a few questions. Answer it like this. Enable Validate Password Plugin? No Change the password for root? No Remove anonymous users? Yes Disallow root login remotely? Yes Remove test database and access to it? Yes Reload privilege table now? Yes Once done, try to log in to your MySQL server using the following command. root@database-server:~# mysql -uroot -p If you can log into your MySQL server, you have successfully installed MySQL on the server. Now, it is time to update the MySQL configuration file to allow remote connections. Execute the following command to open the MySQL configuration file in edit mode. root@database-server:~# nano /etc/mysql/mysql.conf.d/mysqld.cnf In the file, find a line containing bind-address. You have to uncomment this line and replace the default value with the IP address of your database server. The updated line should look like the following. bind-address = 4.5.6.7 Do not forget to replace the example IP address with yours. Once done, press CTRL+X followed by Y followed by Enter to save the file. Now, restart the MySQL server using the following command to apply the new configuration. root@database-server:~# service mysql restart All the hard work is now over. Now, we can create a database for our WordPress application on the database server. CREATE DATABASE FOR WORDPRESS ON DATABASE SERVER First of all, log in to your MySQL server using the following command. root@database-server:~# mysql -uroot -p; Enter the password you have set while installing the MySQL server. Once you are in, run the following queries in MySQL to create a database and a user having access from our application server. mysql> CREATE DATABASE wordpress;mysql> CREATE USER ‘wordpressUser‘@’1.2.3.4‘ IDENTIFIED BY ‘qawsedrf123‘;mysql> GRANT ALL PRIVILEGES ON wordpress.* TO ‘wordpressUser‘@’1.2.3.4‘;mysql> FLUSH PRIVILEGES; Now, if you want to test if the user and database are successfully created, login to your application server and execute the following command
Read more

How to Change WordPress Site URLs (Best Methods)!

WordPress is a content management system that does not require any introduction. Millions of blogs and websites and stores are powered by WordPress. It is so huge that there are thousands of different cases that might require changes in the configuration of the website. One such case is the change in the domain name of the website. In this short guide, I will show you different methods to change WordPress site URLs. By site URLs, I mean the WordPress address and the Site address. Both of them are same in the majority of the cases. Both of them are the base URLs of your WordPress site. So, In this guide, I will show you three different methods to update the URLs of your WordPress websites. The three methods are: Change WordPress URLs from the Admin section Update URLs from wp-config.php Change WordPress URLs using WP-CLI Let’s start our guide with the first and the easiest method to change WordPress site URLs. Change WordPress Site URLs from the Admin section This is the easiest method to change WordPress URLs. The first thing you have to do is to log in to the Admin section of your WordPress site. Once you are logged in, click on the Settings section from the left sidebar. On the General Settings page, you will see a bunch of fields for a bunch of information. In that form, you will find two fields with (URL) in the label. Just like the following image. Enter the new URLs in both of these fields and click on the Save Changes button given at the bottom of the settings page. Once done, you will be able to access your site on the new WordPress URLs. Change URLs with wp-config.php If you don’t want to change URLs from admin section or cannot change URLs from the admin section, don’t worry! You can actually set the URLs from wp-config.php file. So, Open up the file manager or FTP client and navigate to the WordPress installation directory. Once you are there, Edit the wp-config.php file and add the following lines at the end of the file. define('WP_HOME', 'https://newexample.com'); define('WP_SITEURL', 'https://newexample.com'); Now, Save the file and you will be able to access your WordPress site using the new URLs. Note that the values set in the wp-config.php file will override the URLs provided in the General settings page of WordPress. Now, Let’s move on to the last method to change WordPress site URLs. Change WordPress URLs using WP-CLI WP-CLI is an awesome tool to manage all your WordPress instances using the command line interface. It is very easy to manage WordPress settings using WP-CLI. You can also set the site URLs using the WP-CLI tool. It just takes two commands to update the URLs using this method. But to execute these commands, you have to connect to your server via SSH. If you are using Linux based operating system or Mac OS, open up the terminal and connect with your server via SSH directly. If you are using Windows, use Putty or Bitvise to connect with your server via SSH. Once you are in, Execute the following commands to update the URLs of your WordPress site. wp option update home 'https://newexample.com' wp option update siteurl 'https://newexample.com' So, that’s all it takes to update Site URLs using WP-CLI. If you want to install WP-CLI on Linux, you can follow our guide too!   Conclusion: There is one more method to update the WordPress site URLs. In that method, you will basically log in to the PHPMyAdmin and update the site URLs directly into the database. It is a little bit hard if you are facing this for the first time. But the above-given methods are the easiest and the best! Let us know in the comment section if you are facing any issue changing WordPress site URLs, we will respond back with the solution as soon as possible.
Read more

Prevent Brute Force Attacks in WordPress

A brute force attack is a trial-and-error method in which the hackers aim to gain access to a website by trying different combinations of usernames and passwords until they get in. These attacks focus on websites having weak security links. For example, these attacks mainly happen to a website using a weak username and passwords like ‘admin’ and ‘12345’. Brute Force attack can run out of the server memory as the number of HTTP requests becomes high. Furthermore, this can lead to a performance issue on the website. The number of HTTP requests is the number of times someone visits our website. How to Prevent Brute Force Attacks These hackers hammer the ‘wp-login.php’ file over and over again until the website is accessible or the server dies. We can prevent brute force attacks using the following measures: 1) ALWAYS USE UNUSUAL USERNAME In the early version of WordPress, the username ‘admin’ was a default, so the hackers assume that most of the people are using the same now. It is always advisable to change the username using the “Change Username” plugin. Try not to keep an easy username like “admin” or “administrator” or “boss”. Make sure it is unusual so that no one can guess your username. 2) CREATE COMPLEX AND STRONG PASSWORD It is always recommended to have a secure password, which prevents others from guessing your password and can avoid a brute force attack. There are many ‘automatic password generators’ available which can be used to generate a secure password. The WordPress password strength meter feature ensures the password strength is adequate while changing the same. The ‘Force Strong Password’ plugin can help users to set strong passwords. Some of the things which need to be kept in mind while choosing a password are: Avoid using any permutation of your name, username, company name, or name of your website. Don’t use any word from a dictionary, in any language. Avoid using Short Passwords. Always try to use alpha-numeric passwords. It is always recommended to enable “Two-Step Authentication” on your website for more security. 3) USE SECURITY PLUGINS There are many plugins available for WordPress to limit the number of login attempts made to the website like Limit Login Attempts, IP Geo Block, etc. Also, you can completely block someone from accessing wp-admin by using different plugins like Loginizer, WP Custom Admin Interface, Admin Menu Editor, etc. 4) PASSWORD PROTECT WP-LOGIN.PHP FILE The password protection of your ‘wp-login.php’ file can add an extra layer of security to your site. For the same, you can create a ‘.htpasswd’ file. This file can be created under your public folder or in the same folder of .htaccess, but if you are adding it under the same folder as that of .htaccess, then you need to add some extra security to the .htaccess file. After uploading the .htpasswd file to the server, you have to include it in the.htaccess file in order to protect some routes on your website. For instance, if you have uploaded the htpasswd file in the home directory containing asecretuser the user, add the following code to your htaccess file. # stop Apache from serving .ht* files <Files ~ “^\.ht”> Order allow, deny Deny from all </Files> # Protect wp-login.php <Files wp-login.php> AuthUserFile ~/.htpasswd AuthName “Private access” AuthType Basic require user asecretuser </Files> The “AuthUserFile” location depends on your server, and also the “require user” details changes based on what username you pick. By using the ‘HttpAuthBasicModule’, we can protect the wp-login.php file in Nginx by adding the following block inside your server block. Location /wp-login.php { auth_basic “Administrator Login”; auth_basic_user_file .htpasswd; } The .htpasswd filename path is related to the ‘nginx.conf’ file and the files should be in the following format: user:pass user2:pass2 user3:pass3 The passwords must encode by function crypt(3), so you can use the ‘htpasswd generator’ to encrypt your password. 5) LIMIT ACCESS TO WP-LOGIN.PHP BY IP If you have a fixed IP address to log in to your Admin area, then you can deny wp-login.php access to others using ‘.htaccess’ or ‘web.config file’. This process is known as IP whitelist. To allow only one IP address (e.g., 203.0.113.15) to access the admin area, you can create a file with the name .htaccess and add the following code: # Block access to wp-login.php <Files wp-login.php> order deny,allow allow from 100.00.00.01 deny from all </Files> If you want to add pre than one allowed IP address, we can edit the .htaccess file as below. # Block access to wp-login.php <Files wp-login.php> order deny,allow allow from 100.00.00.01 allow from 100.00.00.02 allow from 100.00.00.03 deny from all </Files> If you are using Apache 2.4 and Apache module, then the syntax is different: # Block access to wp-login.php <Files wp-login.php> Require ip 100.00.00.01 </Files> To access the admin using multiple IP addresses in Apache 2.4, you can add: # Block access to wp-login.php <Files wp-login.php> Require ip 100.00.00.01 100.00.00.02 100.00.00.03 # or for the entire network: # Require ip 100.00.00.0/255.255.255.0 </Files> 6) DENY ACCESS TO NO REFERRER REQUESTS The Spam login attack can be prevented by adding the following block into the ‘.htaccess’ file. # Stop spam attack logins and comments <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{REQUEST_METHOD} POST RewriteCond %{REQUEST_URI} .(wp-comments-post|wp-login)\.php* RewriteCond %{HTTP_REFERER} !.example.com.* [OR] RewriteCond %{HTTP_USER_AGENT} ^$ RewriteRule (.*) http://%{REMOTE_ADDR}/$1 [R=301,L] </ifModule> 7) BLOCKLISTS As per the study, most of the brute force attacks are from hosts from Russia, Kazakhstan, and Ukraine. So, we can block the IP-addresses that originate from these countries. We can download blocklists from the internet, and then we can load block rules with iptables using some shell scripting. Blocking an entire countries IP address cannot be done if your website is global; that time, you can add the well-known spammer’s IP-addresses to the iptables. This table needs to be updated regularly. 8) CLOUD/PROXY SERVICES Some services like Cloudflare and Sucuri CloudProxy can help to reduce these attacks by blocking the IPs before they reach the server.   Conclusion: There is no actual way to make your site 100% hack-proof. It is
Read more
Cart

No products in the cart.