UKC

How do I use iptables to route to another port?

You can use iptables pre-routing to route from one port to another.

For example, the following command will enable mail users to use port 26 or port 25 for SMTP request. All port 26 requests will be routed to port 25.

# iptables -t nat -A PREROUTING -p tcp -d 192.168.167.2 --dport 26 -j DNAT --to 192.168.167.2:25

Now your clients can use port 26 or port 25 without any problems.

7 Easy Ways to Secure WordPress

WordPress is an excellent application used the world over. This unfortunately makes it also a target for hackers. There are some very simple steps you can take, completely non-technical, that can help secure your WordPress blog.

1. First things first. Eliminate all known vulnerabilities. Now.

Update your WordPress installation to the latest version. This is the absolute most important and most effective first step. Do it now.

2. Don’t make your WordPress blog so easy to target

Install WordPress in a folder rather than document root, this makes it slightly more difficult for large scale hackers to find your system files. There are so many root installations of WordPress to keep hackers busy that the effort returned finding sub folders is not usually worth it.

3. Do not delete the admin account. Yes, you read it correctly.

So we need to secure admin, do this by creating a new administrative user, then downgrade the admin account to subscriber. This will make it impossible for a hacker to administrate your site using admin. By not deleting the admin account the hacker is kept busy trying to guess the password and the focus is away from the ‘real’ administrator account.

4. Control failed login attempts.

Lock the account after a number of failed attempts. This will render dictionary attacks on your account pointless for the hackers. Use a plugin such as Login LockDown to control failed log in attempts.

5. Implement easy eveyday plugin security

Use some WordPress security plugins such as Stealth login, AskApache password protect and WP security scan.

6. If they get in – don’t let them take you out

Take regular backups. Should a hacker gain access at least you don’t permanently lose your site. You will be able to restore, tighten up and continue. Don’t let them take you out!

7. Honestly, this is the step that is most often ignored

Have an absolutely ridiculously difficult to guess password. Have some numbers, uppercase and lowercase letters and maybe a punctuation mark or two. They’ll never guess it – maybe not even with a quantum computer.

Security is an ongoing job, it is never complete. There are other ways using file permissions,  .htaccess with IP restrictions that can further secure your blog but these are a little more technical. So, be on the look out for part 2.
We hope you enjoyed this article and found the information useful. Happy blogging!

How to setup a PHP Cron job or scheduled task in Plesk

Re: Set up a cron job in Plesk, Plesk crontab, Create a PHP cron job in Plesk

Setting up a cron task or scheduled job within Plesk is a piece of cake – once you know how.

First, find your way in to the Plesk Control Panel and hit the “Scheduled Tasks” button, then “Schedule New Task”. The example below will show a working task executing a PHP file named cronjob.php located in /httpdocs (your document root) at 01:00 every morning of every day:

The form looks pretty straight forward however there are some points to note.

  • If you want to run every hour, put an asterisk “*” in the Hour field
  • If you want to run every day, put an asterisk “*” in the Day of Month field
  • If you want to run every month, put an asterisk “*” in the Month field
  • If you want to run everyday, put an asterisk “*” in the Day of Week field

If you have problems, check your asterisks are in the right places and that you cron PHP file is in the right location. Compare the schedule task dialogue boxes carefully and you won’t have any problems.

How to upload your site using FileZilla FTP

How to upload using FileZilla FTP Client

The process of transferring files from your personal computer to your web hosting account is referred to as “uploading” or “publishing”. We support FTP (File Transfer Protocol) for the uploading of your web site files.

If the application you used to design your site does not have an integrated FTP Client (unlike FrontPage, Dreamweaver or Serif Webplus) then you will need to download and install an FTP Client to perform the upload.

We recommend FileZilla FTP, this application is easy to use, a recognised industry standard and also completely free!

Download and Install FileZilla

If you do not already have FileZilla then it’s time to download and install it from the official FileZilla download page. Select the appropriate version for your system and install by double-clicking on the file you just downloaded and follow the instructions. The install process should take less than a minute.

FTP Hosting Settings Requirements

Before we can use FileZilla to connect to your web space, you will need to have at hand your Hosting Settings Email, this contains your FTP account settings. Please be sure you have the following information:

  1. Your FTP server also referred as the hostname. eg, server.microlite25.com
  2. Your Plesk FTP username. eg, admin67890
  3. Your FTP password. eg, abc5def
  4. The Plesk directory where you should upload your files, eg, /httpdocs

If your domain name is parked, and you have not purchased a web hosting package upgrade then you must leave this tutorial at this point and purchase a hosting package for your domain name. Parked domains do not have FTP services.

You will also need to know the directory that your web site is stored on your local computer. For the purpose of this tutorial, my site is stored in C:\My Documents\mywebsite. My site consists of “index.html” (my home page) and the directory that contains the GIF\JPG files is named “images”. We will upload both the index file and the images directory.

Site Manager – Setting up your FTP connection

  1. Click on “File” followed by “Site Manager”, a dialogue box will appear.
  2. Click on “New Site”, this will create a new site profile named “New Site”. You can rename this profile to something more meaningful at any time, I will call this FTP profile “examplesite”.
  3. Under the “General” tab, click on the “Host” input box and enter your FTP server, eg.server.microlite25.com
  4. The default “Port” is 21. You can optionally enter this value into the “Port” input box, otherwise 21 is assumed.
  5. The “Servertype” should be set to “FTP – File Transfer Protocol” by default.
  6. Click on the “Logontype” list box and select “Normal”.
  7. Click on the “User” input box and enter your FTP username, eg. admin67890
  8. Click on the “Password” input box and enter your FTP password, eg. abc5def

Important: It is easy to make a mistake here. Be careful when entering your FTP password as you cannot see the characters you are typing as they are masked by FileZilla. Make sure there are at least the same number of masked characters as there are in your password, a common error here is to copy+paste the password from the Hosting Settings email together with invisible whitespace characters – this makes it impossible to connect until you fix the password.

Site Manager – Advanced Settings

  1. Click on the “Advanced” tab, new settings appear in the Site Manager dialogue box.
  2. For “Servertype”, leave as “Default (Autodetect). The “Bypass proxy” box should be left empty.
  3. Under “Default local directory”, hit the “Browse..” button and select the directory on your personal computer that contains your web site homepage file, usually named “index.html”.
  4. Click on the “Default remote directory” input box and enter your remote folder which is /httpdocs
  5. The “Use synchronized browsing” box should be left empty.
  6. There is no need to make any changes to “Adjust server timezone offset”.

Site Manager – Transfer Settings

  1. All of our servers support “Passive” FTP transfers. To increase FTP performance, select “Passive” Transfer Mode.
  2. Enter a tick in “Limit number of simultaneous connections” and set the “Maximum number of connections” to 2.

Connect and Upload

  • Click the “Connect” button. FileZilla will now connect to your FTP server. If successful, a directory listing of your FTP web space will appear in the window on the right. The window on the left shows your web site files as stored on your personal computer.
  • To upload, select the file (or files as you can multi select) and drag them from the left window to the right window. FileZilla will now proceed to upload your files and directories as selected.
  • When the upload has completed, you can disconnect by clicking “Server”, then “Disconnect”.

Congratulations! You have successfully setup your FileZilla profile and uploaded your website!

 

Common Problems and How to Solve them

Ok, so there was a problem. Here we will address the most common problems.

Error: 530 Login Incorrect

The most common problem of all is concerning an incorrect username or password. To correct the error your must ensure that your username and password are correct. The connection log might show something like this:

Response: 220 ProFTPD FTP Server ready.
Command: USER admin67890
Response: 331 Password required for admin67890
Command: PASS ******
Response: 530 Login incorrect.
Error: Critical error
Error: Could not connect to server

Error: Could not connect to server

This error indicates that your FTP hostname, eg. server.microlite24.com is incorrect. This is almost always due to a typing error although sometimes a local DNS error (on your PC or at your ISP) can cause this problem:

Status: Resolving address of server.microle24.com
Status: Connection attempt failed with “EAI_NONAME – Neither nodename nor servname provided, or not known”.
Error: Could not connect to server
Status: Waiting to retry…

Website Not Updating

This problem does not have an error message. In fact, your site appears to upload fine but yet when you try to view your site through the browser, you still get the default “holding page”. This problem can be cause by several rasons:

  1. You have not set your “Default remote directory” in the “advanced” settings tab to /httpdocs
  2. Your homepage has not overwritten the default “index.html” page. Simply delete the unwanted “index.html” page.
  3. You homepage has some uppercase letters in the name, eg. Index.html. Ensure your filenames are lowercase.

All other problems….

For all other problems you will need to contact the Helpdesk and submit a ticket. To assist the technical support team, copy+paste the FTP error log into your ticket, this will enable them to resolve your problem in the shortest time.

Plesk – Unable to stat entry ‘/usr/local/psa/handlers/info/’

Re: Mail being bounced even though Mailbox exists, bounce message

Hi. This is the qmail-send program at server.mailserver.com.
I’m afraid I wasn’t able to deliver your message to the following addresses.
This is a permanent error; I’ve given up. Sorry it didn’t work out.”

Take a look in the mail log file:

tail -1500 /usr/local/psa/var/log/maillog

You see errors such as this:

Unable to stat entry '/usr/local/psa/handlers/info'

To resolve you need to remove and rebuil all mail handlers as follows:

1. Stop the mail service

    # /usr/local/psa/admin/sbin/mailmng --stop-service

    OR

    # service qmail stop

2. Backup old handlers in a temporary directory

    # mkdir /usr/local/temp

    # cp -a /usr/local/psa/handlers/before-* /usr/local/temp/

    # cp -a /usr/local/psa/handlers/info /usr/local/temp/

3. Remove the handlers

    # rm -rf /usr/local/psa/handlers/before-*/*

    # rm -rf /usr/local/psa/handlers/info/*

4. Recreate handlers using mchk utility

    # /usr/local/psa/admin/sbin/mchk --with-spam

5. Start mail service:

    # /usr/local/psa/admin/sbin/mailmng --start-service

    OR 

    service qmail start

This may take a little time however it will resolve all errors.