Simple .htaccess redirection and rewriting

Here is quick code for creating redirection for your web site:

Redirecting to www:

RewriteEngine On
RewriteCond %{HTTP_HOST} !^www.example.com$ [NC]
RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]

This will redirect all request from http://example.com to http://www.example.com

Redirecting to www with https:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

This will redirect all request to https://www.example.com

Access page with multiple names/urls (SEO trick):

# The page login.php will be accessible by http://example.com/login and http://example.com/login.php
RewriteEngine On
RewriteRule ^login login.php [L]

Pass querystring (GET) values to PHP page:

# This will send id (GET) value as 1 to page checkout.php where you can get it into script via $_REQUEST[‘id’]

RewriteEngine On
RewriteRule ^checkout/id checkout.php?id=1 [L]

Above codes can be used for basic SEO and URL rewriting/redirection.

Disable Sym links on linux WHM/cPanel

Disabling SYM links is not a tough task on WHM/cPanel based servers, however you might not found proper way to do this, here is the quick code for disabling symlinks.

Why disabling symlinks is necessary for non-root users?

Gaining access to other accounts hosted on cPanel/WHM hosting servers is done by symbolic links, hackers usually create symbolic links on an hacked account to gain access to files hosted on other accounts so other accounts can be accessible through those symbolic links. To deal with this issue system administrator should disable symbolic links creation for non-root users.

  • Login to WHM/cPanel server via SSH with root access.
  • execute following commands:
  • $ wget http://layer1.rack911.com/before_apache_make -O
  • $ /scripts/before_apache_make
  • $ chmod 700 /scripts/before_apache_make
  • And then recompile apache by previous saved profile:
  • $ /scripts/easyapache

That is all, you can also check for any symbolic links already created:

  • $ find /home*/*/public_html -type l

    This will output directories and files those are sym linked.

Have fun!

WordFence a must have plugin for wordpress

Now a days hackers are just focusing on wordpress web sites as they are lack of security measurements. I was also a victim of those hackers then i saw my friend named “Aaqil” who runs his own wordpress blog (http://eye44.com) has got a plugin named “Wordfence” his blog has also got hack and he recovered it by wordfence, however i have gone through all the manual work to restore my blog. It was really a pain to restore it manually and then i came to know all the operations i have done manually could also be done by wordfence within few clicks.

Then i installed wordfence plugin which enabled me to secure my wordpress blog to 90% it includes :

  • Firewall
  • Virus scanning
  • Realtime Traffic Monitoring
  • and much more

As a web hosting provider and a blog owner i would like to recommend this plugin as “A must have plugin“.

You can install it from the web plugin section of wordpress admin area, however if you wish to install it manually here is the URL : http://wordpress.org/plugins/wordfence/

Feedback are welcome 🙂

Cron job for backing up MYSQL database from SSH

Backing up MYSQL databases became very necessary especially if you own a shopping cart or e commerce website.

Hackers are always trying to gain access to your database and sometimes they gain access and the most action they perform is to modify databases and change the information stored. In that case you cannot restore your database if you do not have backup and if you have backups mostly they are daily or weekly backups taken by cPanel or by any other control panel.

There is no feature in any hosting panel which allows you to take backup every minute or by custom time span.

The following script allows you to configure an time interval for taking backup of mysql database and it does not replace any backup stored already. This means you can restore any backup available accordingly.

Features are discussed in the comment# lines of the scripts:

Just copy and paste this script in any file like: backup.sh and upload it in any folder giving root access to it.

 

#!/bin/bash -x
#backup file location, it is the location where backup will be stored, change it to your own
backupDir=/home/USERNAME/public_html/backups/
myDate=$(date '+%Y-%m-%d'-'%I-%M-%S-%p')

#this is the backup file name, generates different names of files to avoid rewriting
dbName=backupSQL-$myDate

# This is temporary directory, change it accordingly if you have this somewhere else.
cd /tmp

# MYSQL command to take backup with valid username/password
mysqldump -u root -pPASSWORD_HERE DATABASE_NAME_HERE > $dbName

# it compresses the file into tar to save the disk space.
tar -cvf $dbName.tar $dbName

# moves the file to backup directory from temporary directory
mv $dbName.tar $backupDir

# delete backups older than 2 days, change -mtime +2 to any digit like +7 for files older than 7 days.
find $backupDir -mtime +2 | xargs rm -rf

<br/ >
Now come to a cron job, Follow the following steps to set a cron job for auto backups.
<br/ >
Login to SSH with root access.

Execute following command:

$ crontab -e

A text editor will be opened just write the following cron job line at the end of file:

*/5 * * * * /FILE-PATH/backup.sh

In above code */5 is the time interval for auto backups. Auto backup script will run every 5 minutes. You can change it accordingly.
Just save the cron job and you’re done.

Feedback are welcome 🙂