Welcome to the live blog! The live blog intends to dump my brain. It’s unfiltered, unedited and at times just information. It might have some knowledge or wisdom at times.
The original Live Blog is at https://wpguide.io/live-blog I will be migrating content over slowly.
Caching Facebook Query Parameters/Strings with Nginx
Introduction When someone shares a link on Facebook, the link they click includes an extra query string, like the following. https://managingwp.io/live-blog/nginx-error-setrlimitrlimit_nofile-25562325-failed-1-operation-not-permitted/?fbclid=IwY2xjawE6Cz1leHRuA2FlbQIxMQABHQtQRq0Ma2pk9bXQQfM_vyGWE_YPHCMp9VhWudfQR9N6FRv7pkKjL7ZTfQ_aem_GTXCB2GK_bezDLTO7WhktA This is problematic because common Nginx configurations will not cache URLs with a query string, and it’s even worse when a site is using WordPress, as these queries will result in a dynamic request. Configuration for Nginx FastCGI Caching on GridPane Unfortunately, this guide is specifically for GridPane, but you can read more about doing this on Easy Engine. https://community.easyengine.io/t/ignore-query-parameters-with-fastcgi-cache/4622 The variable $uri only resolves to index.php, and $request_uri includes the path and query strings. We will address this…
Nginx Error: setrlimit(RLIMIT_NOFILE, 25562325) failed (1: Operation not permitted)
Introduction You might have noticed this error in your Nginx log file at some point, especially on larger WordPress sites. 2024/08/22 00:46:09 [alert] 364292#364292: setrlimit(RLIMIT_NOFILE, 25562325) failed (1: Operation not permitted) What is setrlimit? A Linux system has limits on what resources a process (application can utilize. It’s safeguards the system from keeling over. A linux system as a number of limits, the C programming language has a function called setrlimit, which sets the maximum number of file descriptors that a process can open. A file descriptor is used to interact with an I/O resource such as a file or…
Openlitespeed or Litespeed: Error: can’t open log file!
Introduction This is going to be a quick one. If you’ve ever tried to visit a site on your server running Openlitespeed or Litespeed (not 100% confirmed, you might get the following output. Error: can’t open log file! Cause? Can’t Write to Log File It’s actually pretty straight forward, Openlitespeed and Litespeed can’t write to a log file. It’s strange that it’s returning a 200 error, when it should be returning a 500 error. But what log file? Check the main Openlitespeed / Litespeed log /usr/local/lsws/logs/error.log for errors # tail -f /usr/local/lsws/logs/error.log 2024-08-18 09:24:20.796796 [NOTICE] [1865589] [127.0.0.1:23046:HTTP2-1#domain.com] [STDERR] PHP Warning:…
Redis Cache Clearing Causes Redis Plugin Error
Introduction You might have had reports or experienced a time when a site showed a Redis Plugin error similar to the one below. Error establishing a Redis connection read error on connection to /var/run/redis/redis-server.sock WordPress is unable to establish a connection to Redis. This means that the connection information in your wp-config.php file are incorrect, or that the Redis server is not reachable. Is the correct Redis host and port set? Is the Redis server running? If you need help, please read the installation instructions. To disable Redis, delete the object-cache.php file in the /wp-content/ directory. Now this is a…
Debugging REST API admin-ajax.php (MySQL Queries and PHP functions)
Introduction When there are admin-ajax.php queries that take a substantial amount of time, there is no easy way to debug these requests. Debugging admin-ajax.php Options Query Monitor You’d think that installing the Query Monitor plugin would work, however this isn’t yet functional. WIP: Implement client side rendering by johnbillion · Pull Request #483 · johnbillion/query-monitor · GitHubThis starts us down the path of switching over Query Monitor’s output to client-side rendered React components. This has numerous benefits including: Better performance (no need to render a big pi…github.com Newrelic You can always install Newrelic, since it’s a PHP module it will…
LearnDash Slow Database Queries and Poor Database Design
Introduction Working on a LearnDash site for a client, I noticed some long running queries within the MySQL Slow log and PHP FPM slow log. PHP Slow Log [09-Aug-2024 16:18:04] [pool domain.com80] pid 646207 script_filename = /var/www/domain.com/htdocs/wp-admin/admin-ajax.php [0x00007f78e9c13a30] mysqli_query() /var/www/domain.com/htdocs/wp-includes/class-wpdb.php:2349 [0x00007f78e9c139c0] _do_query() /var/www/domain.com/htdocs/wp-includes/class-wpdb.php:2263 [0x00007f78e9c138e0] query() /var/www/domain.com/htdocs/wp-content/plugins/query-monitor/classes/DB.php:29 [0x00007f78e9c13820] query() /var/www/domain.com/htdocs/wp-includes/class-wpdb.php:3146 [0x00007f78e9c13730] get_results() /var/www/domain.com/htdocs/wp-content/plugins/sfwd-lms/includes/ld-reports.php:1135 [0x00007f78e9c13510] learndash_reports_get_activity() /var/www/domain.com/htdocs/wp-content/plugins/learndash-propanel/includes/class-ld-propanel-progress-chart.php:234 [0x00007f78e9c133b0] get_status_breakdown() /var/www/domain.com/htdocs/wp-content/plugins/learndash-propanel/includes/class-ld-propanel-progress-chart.php:193 [0x00007f78e9c13300] get_progress_course_data_for_chart() /var/www/domain.com/htdocs/wp-includes/class-wp-hook.php:324 [0x00007f78e9c13220] apply_filters() /var/www/domain.com/htdocs/wp-includes/class-wp-hook.php:348 [0x00007f78e9c131b0] do_action() /var/www/domain.com/htdocs/wp-includes/plugin.php:517 [0x00007f78e9c130d0] do_action() /var/www/domain.com/htdocs/wp-admin/admin-ajax.php:192 MySQL Slow Log # Time: 240807 2:20:26 # User@Host: wp_db[wp_db] @ localhost [] # Thread_id: 853 Schema: wp_db QC_hit: No # Query_time: 10.803632 Lock_time: 0.000072 Rows_sent: 2142791 Rows_examined: 4385188 #…
Protecting Your Events Calendar: Combatting Scraping Bots and Resource Drains
Introduction I’ve had numerous clients contact me about their servers having memory and CPU issues. Upon further investigation, the issue seems to be bot’s scraping the Event’s Calendar pages, and following all of the links within the page. Now, this wouldn’t be a problem for a site that has caching and regular pages, as the pages would be cached and the data returned without breaking a sweat as PHP is never involved. Unfortunately with The Events Calendar, the links being scraped contain query strings and these aren’t natively cached. Furthermore, the bot’s are going through pagination and any links they…
Over 500,000 Transients from transient_wc_product_loop and transient_timeout_wc_product_loop in wp_options table
Issue It was pretty wild to see 500,000 rows in the wp_options table, so I had to take a moment to take it all in. Then I decided to dig a bit further, and that’s when I found the following transients were taking up much of the rows in the wp_options table. transient_timeout_wc_product_loop transient_wc_product_loop Resolution After a little bit of googling, I found this issue on the WooCommerce Github project. Transient Recreating [wc_product_loop] forces crashing WC · Issue #26678 · woocommerce/woocommerce · GitHubDescription of the Bug Two transients are produced everytime a filter is clicked on the product page. I…
High Memory Usage and Swap Issues When Restarting Redis
You might receive false positives from your monitor software (monit, netdata) about about redis taking up double the amount of memory it has been configured with. Or in-general you server might be dipping into swap memory. [EST Jan 9 14:25:01] warning : ‘redis-server’ total mem amount of 3.3 GB matches resource limit [total mem amount > 1.7 GB] Looking further reveals that two redis-server processes are spawned at some point. Digging further it looks like when Redis is saving to rdb it’s spawning a second process which stays alive enough for monit to complain. 311844:M 09 Jan 2023 14:25:00.019 *…
Dealing with Redirect Loop or Wrong Site Redirect with Cloudflare
Introduction From time to time, you might find yourself in a place where you have added a new site to your server, and it’s stuck in a redirect loop or redirecting to another domain on your server. Cloudflare “SSL/TLS encryption mode” setting When adding a new domain to Cloudflare, it needs to generate an SSL Certificate and set a default method for how it will reach your new site. There is a setting for how Cloudflare will connect to your site, it’s the “SSL/TLS encryption mode” setting and will usually be set to Flexiable. As shown below Here’s the definition…
Google Cloud and Hetzner Connectivity Issues (GridPane Specifics)
Attention This article was written on 03-27-2024, the issue is now resolved. Why can’t Google Cloud reach my Hetzner Server? At this time it’s unknown, it has been suggested that this is related to a Google Cloud blacklist. It hasn’t been confirmed from Google Cloud specifically. What’s the actual issue? Traffic from Google Cloud fails to some Hetzner IP addresses fails, the following has been confirmed. Not all Hetzner IP’s are affected, only a select few within their 5.161.0.0/16 netblock. The issue was confirmed using Google Cloud network range 35.224.0.0/12 Traffic leaves Google Cloud and reaches Hetzner. Traffic from Hetzner…
Question – DNS CNAME’s, CNAME Flattening, and Cloudflare How does it work?
Question This question was on Facebook, and it’s needed a blog post 🙂 This is about CNAME flattening and references this Gridpane KB. https://gridpane.com/kb/dns-management-and-cnames/ This question is not GP specific so thought to try here instead of the GP forum. In the example given above, CNAME at the client DNS ultimately points to clientname.yourdomain.com. This makes sense and works. Now I want to set this up for a subdomain. To get a subdomain (ie.subdomain.clientdomain.com) to point to a GP server, is this the way to set things up? At client DNS, setup CNAME = subdomain and point it to clientname.yourdomain.com…
Get the size of a Single MySQL Database or All MySQL Database Sizes on a Server
Getting Single MySQL Database Size This is the command I use to get a single database size in MySQL: replace <DATABASE_NAME> with the database you wish to check. mysql -e “SELECT table_schema AS \”Database\”, ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS \”Size (MB)\” FROM information_schema.TABLES WHERE table_schema = \”<DATABASE_NAME>\” GROUP BY table_schema;” Getting Entire Server MySQL Database Size The following command will provide you with a list of databases and their sizes as well as a total. mysql -e ” SELECT * FROM ( SELECT table_schema AS ‘Database’, ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS ‘Size…
Stopping WordPress Comment Spam when using WP Discourse
Introduction When using the WP Discourse plugin on your WordPress site, you need to ensure that comments are enabled as the WP Discourse plugin will hook into all of the portions of the WordPress comment system. Unfortunately this causes the endpoint for comment posting wp-comments-post.php to still be active and accepting of requests, which bots will eventually use to try and post comments. Solutions 1 – WP Discourse There isn’t a solution within the WP Discourse plugin to block these requests. 2 – Code Snippet to Block wp-comments-post.php You can use the following code snippet to block the requests, I’ve…
rtCamp Nginx Helper Plugin Security Vulnerability
Introduction If you haven’t heard already, the Nginx Helper Plugin by rtCamp has an unpublished security vulnerability. Here’s the listing from patchstack. Patchstack Report WordPress Nginx Helper pluginpatchstack.com There is an issue currently on the Github repository owned by rtCamp Great Plugin! Please issue a security fix! · Issue #315 · rtCamp/nginx-helper · GitHubhttps://patchstack.com/database/vulnerability/nginx-helper/wordpress-nginx-helper-plugin-2-2-3-sensitive-data-exposure-vulnerabilitygithub.com Hopefully it get’s patched soon. Update #1 After talking with Oliver Sid, he had the following to say. During this time the report had been taken down. It looks like it was disputed by rtCamp and therefore a decision was made to remove it. It was…
Using Cloudflare Proxied SSL Certificates without using the GridPane Cloudflare Integration and Generating Self Signed Certificates
Introduction This article tackles using Cloudflare Proxied SSL Certificates with GridPane when not using the GridPane Cloudflare integration for automatically generating SSL Certificates using Lets Encrypt. If you’re having issues with SSL the using the Why No Padlock website is super helpful. Why No Padlock?Why No Padlock? – Why is my SSL web page insecure? Find the culprit!whynopadlock.com Understanding SSL Certificates and Server Configurations What are Self-Signed SSL Certificates and are they Secure? Self-signed SSL certificates and those issued by a trusted Certificate Authority (CA) are technically similar in terms of their creation and function. The key difference lies in…
Cyberpanel Security Issue – Default Password During Setup
Introduction There was a post on Facebook that was brought to my attention. The user was seeing a high cpu load on his server from a process that wasn’t a normal process name, it was concluded that their server had been hacked and was now either attack other websites or mining crypto. The user had installed Cyberpanel and choose the default password method during the setup, and most likely an automated scan found their Cyberpanel instance on port 7080 and was able to login using the default login. Why are default passwords a problem? Well, CISA says that hardware and…
Monitoring CPU Steal using Monit
Why is monitoring CPU Steal important? What is CPU Steal? CPU steal time refers to the proportion of time that a virtual CPU on a cloud server is forced to wait for a physical CPU to become available for processing. This metric is significant in understanding the performance of virtual environments. There are two instances where CPU Steal will occur, when there is an unbalanced overcommit ratio and when a noisy neighbours instance occurs. What is an overcommit ratio? The “overcommit ratio” is a concept that refers to the practice of allocating more virtual resources than the actual physical resources…
Using Visual Studio Code Remote SSH with GridPane’s Chroot SSH System User
Introduction When using GridPane, you have the option of using sftp or SSH with your websites system user. A system user can hold one or multiple websites including staging sites. Once ssh enabled, you’re put into what is called a chrooted shell, with limited access to the system and commands. This becomes problematic if you want to use Visual Studio code and Remote SSH This live blog will go through the process of trying to get it to work, fingers crossed. Install some Packages cd /home/systemuser cp /usr/bin/{date,uname,flock,sleep,scp} .
Updating WordPress Page Error “Updating Failed. The response is not a Valid JSON Response”
WordPress Error “Not a Valid JSON Response” The “Updating Failed. The response is not a Valid JSON Response” error from within the WordPress Guttenberg Editor could be the result of a number of issues. If you do some googling, there’s lots of information and ideas on how to rectify the error. PHP Composer and Wrong PHP Version In the case I had, the issue was related to a custom WordPress theme using composer and requiring PHP 8.x but the site infact operating on PHP 7.4 Simple fix, change the PHP version to PHP 8.x on the sites hosting control panel.