Enable Plesk Webp PHP 7.4 GD Support

Today i want to add on my website the support for webp images, and so i have found a plugin for wordpress that is free WebP Converter for Media

But for this plugin we must to active the support webp on the php module GD.
On My VPS i have installed PHP 7.4 on Plesk, the simple way is to change the modulo gd of plesk php version with a custom module in witch the webp support is enabled.

I have find this useful guide that i rewrite with php 7.4 that i have used on my VPS. 

Install the necessary package

# yum install make gcc plesk-php74-devel libjpeg-turbo-devel libpng-devel libXpm-devel freetype-devel libwebp-devel

Download PHP source. Note! Version of PHP source should be the same as your Plesk PHP version! For example, for PHP 7.4.4

# wget http://be2.php.net/get/php-7.4.4.tar.gz/from/this/mirror
# tar -xzf mirror
# cd php-7.4.4/ext/gd

Compile gd.so module

# /opt/plesk/php/7.4/bin/phpize
# ./configure --with-php-config=/opt/plesk/php/7.4/bin/php-config --with-webp --with-freetype --with-jpeg --with-xpm
# make

Replace original Plesk PHP gd.so module with compiled

# mv /opt/plesk/php/7.4/lib64/php/modules/gd.so /opt/plesk/php/7.4/lib64/php/modules/gd.so_orig
# cp modules/gd.so /opt/plesk/php/7.4/lib64/php/modules/
# plesk bin php_handler --reread

Check that all is OK

# /opt/plesk/php/7.4/bin/php -m | grep gd
gd

Do not forget to to make fake removal of original plesk-php74-gd package! Otherwise, your custom gd.so will be overwritten with next update.

# rpm -e --justdb plesk-php74-gd

 

At last remember that you must to go on
Plesk -> Tool & Setting -> PHP Settings
Choose your PHP Verison in this case PHP 7.4.4 and

  • Remove GD module and save
  • Add GD module and save

So Plesk rebuild php for the domains.

Plesk Nginx WP Super Cache Expert Mode Settings

Have you got a wordpress site and you want to optimize it?
The simple way to take fast your website is:

  • Install WPSuper Cache Plugin
  • Setting Server side Nginx

Install WP Super Cache Plugin

The installation of WPSuper Cache is easy, just download the plugin and then upload it on our wordpress website.

Setting WP Super Cache

Now i show to you how to set wp super cache in “Expert mode”, remember that this mode require the change on the server for nginx configuration.

Enable Caching ON

Then we must to set the Expert Mode, and then suggest some setting:

Settings Server side Nginx

Now we need to set the configuration of nginx on our server, in this case i configure a Plesk Server.
We must go in the Domain Setting -> Apache & nginx Settings
In the bottom we find “Additional nginx directives

We must to enable:

  • GZIP compression for the page that we serve on the client
  • Header Cache Control to declase a cache browser for the js, css, image etc..
  • Location to find wpsupercache generated file
  • Security setting 
### WP Super Cache Below ###
set $cache_uri $request_uri;

# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
	set $cache_uri 'null cache';
}

# GZIP Compression
gzip on;
gzip_disable "MSIE [1-6]\\.(?!.*SV1)";
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_proxied any;
gzip_comp_level 9;
gzip_types text/plain text/css application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript image/x-icon image/bmp image/svg+xml;
gzip_vary on;

# NGINX Caching
location ~* \.(?:ico|css|js|gif|jpe?g|png|svg|woff)$ {
	expires 14d;
	add_header Cache-Control "public, no-transform";
	log_not_found off;
}

location ~* \.(jpg|jpeg|gif|png)$ {
	expires 14d;
	add_header Cache-Control "public, no-transform";
	log_not_found off;
}

location ~* \.(pdf|css|html|js|swf)$ {
	expires 14d;
	add_header Cache-Control "public, no-transform";
	log_not_found off;
}

location ~ \.css {
	add_header  Content-Type    text/css;
}
location ~ \.js {
	add_header  Content-Type    application/x-javascript;
}

if ($query_string != "") {
	set $cache_uri 'null cache';
}

# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
	set $cache_uri 'null cache';
}

# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") {
	set $cache_uri 'null cache';
}

# Use cached or actual file if they exists, otherwise pass request to WordPress
location ~ / {
	try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php ;
}

# WORDPRESS PERMALINKS
if (!-e $request_filename) {
	rewrite ^(.+)$ /index.php?q=$1 last;
}

# SECURITY
location ~* wp-config.php { deny all; }
location ~* "^/wp-content/(?!plugins/).*\.php" { deny all; }

Now you can test your site on pagespeed and see the difference!
If you want much performance you can use Autoptimize WordPress plugin to minify js, css and html.

Yii 2 Framework Configure on Plesk 17 – Nginx

Hi,
today i want to explain how to configure a app with framework Yii 2 on your hosting Plesk.
In my case i have Plesk 17.8, the problem is how to configure the subdirectory and so how to convert the htaccess of Yii 2 app.

On Plesk 17 you must to configure the site, on run PHP-FPM un on nginx.
So go in the Hosting Setting of the domain:

Hosting Setting

So go in the Hosting Setting of the domain:

Apache & nginx Settings

You must to disable Proxy mode

Than we must to configure the Additional nginx directives
So go in the Apache & nginx Settings of the domain
Than into Additional nginx directives copy this code (change YOURDOMAIN with the domain that you want to configure):

set $base_root /var/www/vhosts/YOURDOMAIN/httpdocs;

charset UTF-8;
index index.php index.html;

location / {
	root $base_root/frontend/web;
	try_files $uri $uri/ /frontend/web/index.php$is_args$args;

	location ~ ^/assets/.+\.php(/|$) {
		deny all;
	}
}

location /admin {
	alias $base_root/backend/web/;

	# prevent the directory redirect to the URL with a trailing slash
	location = /admin {
		# if your location is "/backend", try use "/backend/backend/web/index.php$is_args$args"
		# bug ticket: https://trac.nginx.org/nginx/ticket/97
		try_files $uri /backend/web/index.php$is_args$args;
	}

	try_files $uri $uri/ /backend/web/index.php$is_args$args;

	location ~ ^/admin/assets/.+\.php(/|$) {
		deny all;
	}
}

location ~ ^/.+\.php(/|$) {
	rewrite (?!^/((frontend|backend)/web|admin))^ /frontend/web$uri break;
	rewrite (?!^/backend/web)^/admin(/.+)$ /backend/web$1 break;

	fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
	fastcgi_param PATH_INFO $fastcgi_path_info;
	fastcgi_pass "unix:///var/www/vhosts/system/YOURDOMAIN/php-fpm.sock";
	include /etc/nginx/fastcgi.conf;
}

location ~ /\. {
	deny all;
}

If you want you can enable nginx caching

Press “OK” and enjoy

[CVE-2017-1000253] Linux kernel security bug fixed

How to report on zdnet on their article there is a serious bug with linux kernel identified as CVE-2017-1000253:

§ Centos6 con Kernel < 2.6.32-696.10.3
§ Centos7 con Kernel 7.4 kernels < 3.10.0-693

The bug how report zdnet:

This is a problem with how the Linux kernel loaded Executable and Linkable Format (ELF) executables. If an ELF application was built as Position Independent Executable (PIE), the loader could allow part of that application’s data segment to map over the memory area reserved for its stack. This could cause memory corruption. Then, an otherwise unprivileged local user with access to a Set owner User ID (SUID) or otherwise privileged flawed PIE binary, could gain higher-level user privileges.

The bug was fixed so you must to upgrade your kernel.

I used the guide on the site tecmint.com. It was very helpful and easy, consist to install a new kernel and then switch the boot on the new kernel. Suggest to take a snapshot or a backup of your machine / virtual machine.

 

 

How to reset mysql root password

Pratical and best guide that i have tried from many others that founded on web about how to reset mysql root password on linux server.

When you have this error, on you Ubuntu or Centos server (I have tried on Centos, and the user in the original post tried on Ubuntu):

ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

This is the guide to reset your mysql password:

$ sudo -s

# /etc/init.d/mysql stop

# mysqld_safe --skip-grant-tables &

# mysql -u root

 

After logged as user root, reset the password:

mysql> use mysql;

mysql> update user set password=PASSWORD(’__NEW__PASSWORD__’) where User=’root’;

mysql> flush privileges;

mysql> \q

# /etc/init.d/mysql start

 

And then, remember take a backup of your file!!

mysqldump -u root -p --all-databases > alldb.sql

Thank you to http://forum.ubuntu-it.org/viewtopic.php?t=293129

How to import big sql on Plesk 11 / 12

Do you need to import a big sql on your plesk and don’t know how to do?
It’s simple and very fast.
Connect throw ssh on your server and access to mysql console:

mysql -uadmin -p`cat /etc/psa/.psa.shadow`

Then is simple, just select the database and execute our sql file.
We must to upload on the server the .sql file that we want to import, if we can optimize the upload process we can upload a zipped sql so then on the server just execute:
unzip ourfile.sql.zip

Now select the database:
use name_database;

Execute the sql file:
source path_to_file.sql

In a few second the big sql is uploaded!

Plesk 12 Centos 6 install OpenDKIM

Today i fought with Plesk 12 and Centos 6 to install OpenDKIM with DOMAIN KEY and SPF.

For domain key and spf is simple, just for each domain on plesk directly active it in the setting mail.

OpenDKIM is a service that must be installed on centos directly.
Let’s start!

Install opendkim and opendkim tools:

yum update
wget -P /tmp http://mirror.pnl.gov/epel/6/i386/epel-release-6-8.noarch.rpm
rpm -Uvh /tmp/epel-release-6-8.noarch.rpm
rm -f /tmp/epel-release-6-8.noarch.rpm
yum install opendkim opendkim-tools

Now we must to create the directory that can be used than with opendkim for keys generation

mkdir -pv /etc/opendkim/keys
chown -Rv opendkim:opendkim /etc/opendkim
chmod go-rwx /etc/opendkim/*

touch /etc/opendkim/KeyTable
touch /etc/opendkim/SigningTable
touch /etc/opendkim/TrustedHosts

Then to simple generate the key and assign the domain to trusted host and signing table, create a simple script.

Create the file:

/opt/generatedkim.sh

and put in it:


#!/bin/bash
# /opt/generatedkim.sh
die () {
echo >&2 "$@"
exit 1
}

[ “$#” -eq 1 ] || die “1 argument required, $# provided, domain required, ex: ./script example.com”

cwd=`pwd`
opendkim=”/etc/opendkim”
location=”$opendkim/keys/$1″
[ -d “$location” ] && die “There is already a directory in the folder, delete folder if you want to create a new one”

mkdir -p “$location”
cd “$location”
opendkim-genkey -d $1 -s mail
chown opendkim:opendkim *
chown opendkim:opendkim “$location”
chmod u=rw,go-rwx *
echo “$1 $1:mail:$location/mail.private” >> “$opendkim/KeyTable”
echo “*@$1 $1” >> “$opendkim/SigningTable”
echo “$1” >> “$opendkim/TrustedHosts”
echo “mail.$1” >> “$opendkim/TrustedHosts”
echo
echo “Put this in the DNS ZONE for domain: $1”
echo
cat “$location/mail.txt”
echo
cd “$cwd”

Now we must use it to generate the domain keys and dns record:


/opt/generatedkim.sh test.de

Put this in the DNS ZONE for domain: test.de

mail._domainkey IN TXT “v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPzE0GmvFwAQsgcFzopy4zMNWUbL6JM5XIyjBy3bUnANI5axeb
/Lw/GBjUoSFLEiO80Tt8m3A5YrBKcodRQQURYiW6/
YtElhLupHyfcxQhfNLU4z9JUOJKPjcpMZCj0Xv873QgVOl+7U605JdBHSPOx4ybBZwDq68cw9YFYRPmEwIDAQAB” ; —– DKIM key mail for test.de

Create the record dns as the script put out on your domain dns zone.

Remember that if you restart the server you must go up the service of opendkim!!

Thank you to matoski.com