Git: list files between two commits

February 17, 2017March 3, 2017 ~ tadmin

To display changes between two commits you need to know SHA sum of commit.
You can take it from

# git log

command output.

Example command output:

commit 5b75d2ecf30b2ee9b28ca1febf60fb96b4d8625c
Merge: 78ac4ff4 ccb47ced
Author: Author Name <autor.name@email.com>
Date:   Mon Feb 13 22:27:55 2017 +0000

    Commit description goes here...

commit 4b6197f19f8c196e246d6277059f1d784e635a67
Author: Author Name <autor.name@email.com>
Date:   Mon Feb 13 20:34:38 2017 +0600

    Another commit description goes here...

Then you can run command:

# git diff --name-only 4b6197f19f8c196e246d6277059f1d784e635a67 5b75d2ecf30b2ee9b28ca1febf60fb96b4d8625c

it will show you list of changed files.

Alternatively, you can also use command:

# git diff --name-only HEAD~7 HEAD~14

to see the difference between seventh and fourteenth latest commits.

Set up password protection for virtual host in nginx

February 7, 2017February 7, 2017 ~ tadmin

To set up virtual host password protection in Nginx you can follow such steps:

1. Created .htpassword file outside web server foot folder using commands below:

# echo -n 'user:' >> /var/www/taras/data/.htpasswd
# openssl passwd -apr1 >> /var/www/taras/data/.htpasswd

Second command will ask you for a password.

2. Add the following lines to Nginx configuration file /etc/nginx/nginx.conf

auth_basic "Restricted Content";
auth_basic_user_file /var/www/taras/data/.htpasswd;

into virtual host definition section.

PHP Warning: Unknown: Unable to allocate memory for pool. in Unknown on line 0

January 26, 2017January 26, 2017 ~ tadmin

To fix error below:

PHP Warning: Unknown: Unable to allocate memory for pool. in Unknown on line 0

You should increase APC opcode cache parameter apc.shm_size, which is set to 32M by default and restart web server Apache module if PHP is set to wokr like web server module.

One more thing, you can switch off APC module for some domain or virtual host you can add the following lines to your .htaccess configuration file:

<IfModule mod_php5.c>
php_flag apc.cache_by_default off
</IfModule>

Example usage of custom fields and shortcode parameters in WordPress CMS

January 3, 2017 ~ tadmin

WordPress CMS has a lot of useful features e.g. shortcodes, custom fields.
Look at the code example below:

function my_slider( $atts ) {
	global $post;

	extract( shortcode_atts( array(	'slide_category' => 0 ), $atts, 'slide_category' ) );
	/*
	...
	*/	
	$args = array(
		'post_type'  => 'slide',
		'showposts'  => -1,
		'meta_query' => array(
			array(
				'key'   => 'slide_category',
				'value' => $slide_category,
			)
		)
	);
	$qry = new WP_Query($args);
	/*
	...
	*/

}

/*
...
*/
add_shortcode('mySlider', 'my_slider');

In example above it allows to output slides of exact category on page.
Possible slider shortcode usage can be:

[mySlider slide_category="1"]

Where mySlider is shortcode, slide_category is shortocode attribute which allows us to display flides of particular category.
To set slide_category – custom field should be added to each slide with slide category id.

WP-CLI: command line interface for WordPress CMS

December 27, 2016December 27, 2016 ~ tadmin

If you have shell access to your hosting account and your web server is running WordPress websites under Linux you should check amazing command line utility wp-cli.

Some usage examples:
1. Upgrade WordPress CMS core:

# wp core update

2. List installed themes:

# wp theme list

Example output

$ wp theme list
+----------------+----------+--------+---------+
| name           | status   | update | version |
+----------------+----------+--------+---------+
| twentyfifteen  | inactive | none   | 1.7     |
| twentyfourteen | inactive | none   | 1.9     |
| twentysixteen  | active   | none   | 1.3     |
+----------------+----------+--------+---------+
$

3. Update themes example (in case if update is available):

# wp theme update twentyfifteen twentysixteen

4. List installed plugins:

# wp plugin list

Example output:

$ wp plugin list
+--------------------------------+----------+--------+---------+
| name                           | status   | update | version |
+--------------------------------+----------+--------+---------+
| akismet                        | inactive | none   | 3.2     |
| adsense-plugin                 | inactive | none   | 1.42    |
| google-analyticator            | inactive | none   | 6.5.0.0 |
| google-analytics-for-wordpress | active   | none   | 5.5.4   |
| google-analytics-dashboard     | inactive | none   | 2.1.1   |
| google-captcha                 | active   | none   | 1.27    |
| google-sitemap-generator       | inactive | none   | 4.0.8   |
| hello                          | inactive | none   | 1.6     |
| limit-login-attempts           | active   | none   | 1.7.1   |
| socialize                      | active   | none   | 2.3     |
+--------------------------------+----------+--------+---------+
$

5. Update plugins (if update is available) example command:

# wp plugin update akismet limit-login-attempts

ProFTPd server configuration: enable FTPS (OpenSSL mod_tls)

December 7, 2016December 6, 2016 ~ tadmin

To setup SSL encryption in ProFTPd you can follow such instructions:

1. Generate self-signed SSL certificate & private key.

# mkdir -pv /etc/proftpd/ssl/
# cd /etc/proftpd/ssl/
# openssl req -new -x509 -days 365 -nodes -out /etc/proftpd/ssl/proftpd.cert.pem -keyout /etc/proftpd/ssl/proftpd.key.pem

You should fill form below:

Generating a 2048 bit RSA private key
.............................+++
................................+++
writing new private key to '/etc/proftpd/ssl/proftpd.key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [XX]:UA
State or Province Name (full name) []:Kyivska
Locality Name (eg, city) [Default City]:Kyiv
Organization Name (eg, company) [Default Company Ltd]:Shkodenko V. Taras Ltd
Organizational Unit Name (eg, section) []:IT
Common Name (eg, your name or your server's hostname) []:shkodenko.com
Email Address []:taras@shkodenko.com

2. Create mod_tls SSL configuration file /etc/proftpd/tls.conf :

<IfModule mod_tls.c>
TLSEngine                  on
TLSLog                     /var/log/proftpd/tls.log
TLSCipherSuite AES128+EECDH:AES128+EDH
TLSOptions                 NoCertRequest AllowClientRenegotiations
TLSRSACertificateFile      /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile   /etc/proftpd/ssl/proftpd.key.pem
TLSVerifyClient            off
TLSRequired                on
RequireValidShell          no
</IfModule>

3. Include mod_tls SSL configuration file /etc/proftpd/tls.conf into main “/etc/proftpd.conf” using Include :

# ...
</Global>

# Define the log formats
LogFormat                       default "%h %l %u %t \"%r\" %s %b"
LogFormat                       auth    "%v [%P] %h %t \"%r\" %s"

# TLS
Include /etc/proftpd/tls.conf
# Explained at http://www.castaglia.org/proftpd/modules/mod_tls.html
# ...

4. Check ProFTPd configration using command:

# proftpd -td10

5. If there is no errors on step 4: restart ProFTPd service using:

# /etc/init.d/proftpd restart

Upgrading MySQL 5.6 to 5.7 on CentOs

November 11, 2016December 2, 2016 ~ tadmin

First of all I would recommend you to make backups for all MySQL databases and configuration files you have.

The second recommendation is to use official Yum repositories located on http://dev.mysql.com/downloads/repo/yum/
It is the best possible option for CentOs and other Red Hat based Linux ditstibutions.

You should download repository depending on your distribution version.
For example on CentOs 6 you should use Red Hat Enterprise Linux 6 / Oracle Linux 6 (Architecture Independent), RPM Package – http://dev.mysql.com/downloads/file/?id=465605

Also, read the following page: https://dev.mysql.com/doc/mysql-repo-excerpt/5.7/en/updating-yum-repo.html before starting updates to understand how does it work better.

If you have previously installed mysql from different repository run command:

# yum repolist all | grep mysql

to find out all Yum repositories list which contains mysql.

Example output of such command on my server:

# yum repolist all | grep mysql
mysql-connectors-community MySQL Connectors Community disabled
mysql-connectors-community-source MySQL Connectors Community – S disabled
mysql-tools-community MySQL Tools Community enabled: 40
mysql-tools-community-source MySQL Tools Community – Source disabled
mysql-tools-preview MySQL Tools Preview disabled
mysql-tools-preview-source MySQL Tools Preview – Source disabled
mysql55-community MySQL 5.5 Community Server disabled
mysql55-community-source MySQL 5.5 Community Server – S disabled
mysql56-community MySQL 5.6 Community Server disabled
mysql56-community-source MySQL 5.6 Community Server – S disabled
mysql57-community MySQL 5.7 Community Server enabled: 146
mysql57-community-source MySQL 5.7 Community Server – S disabled
#

To select disable version 5.6 and select version 5.7 you can use commands such commands:

# sudo yum-config-manager --disable mysql56-community
# sudo yum-config-manager --enable mysql57-community

And then make all server packages update including mysql:

# sudo yum-update -y

Once all server updates are completed you should run:

# sudo mysql_upgrade --force

Some interesting task related to recursion and arrays in PHP

September 22, 2016November 9, 2016 ~ tadmin

Sometimes it is difficult to find best solution for some problem quickly.
For example, if you need to walk some nested array. You don’t know how deep it could be nested and extract values from it to make it flattern you can use amazing function array_walk_recursive together with anonymous function to solve such task like it is shown in example below:

$inputArray = [9, [7, 5, [11, [3]]], 14];
array_walk_recursive($inputArray, function($value, $key) use (&$resultArray) {
    $resultArray[] = $value;
});

This amazing example of magic is very simple: it calls our anonymous function for each $inputArray element, storing nested element values in $resultArray. Note, usage of & in use (&$resultArray) it tells we shoud pass variable by reference.

MySQL GROUP_CONCAT default result length & possible problems with big results

September 16, 2016November 9, 2016 ~ tadmin

If you use such function like GROUP_CONCAT you should be aware of default result size is 1024 bytes. It could lead possible problems.

For example, check the SQL query below:

set @user_ids = (SELECT GROUP_CONCAT(user_id ORDER BY user_id SEPARATOR ',') FROM user WHERE enabled = 1);

If you expect result to be list of IDs separated by comma and you have data result bigger than 1024 characters it will be truncated to default length. If you use such result in another SQL queries such as:

SELECT some_stuff FROM user_stuff WHERE user_id IN (@user_ids);

It could lead to possible logical problems when some IDs will be cropped and wrong data will be used.
To solve such problem you can change session variable using SQL query:

SET SESSION group_concat_max_len = 1000000;

Where 1000000 is maximum possible GROUP_CONCAT result size.
Also, you can set this variable globally (it is preffered way if you work with big data in most cases. Then you should add such configuration to your /etc/my.cnf

group_concat_max_len = 1000000;

and restart MySQL server to apply new default configuration.

OpenSSL generate CSR using secure SHA256 instead of SHA1

June 26, 2015July 8, 2015 ~ tadmin

To generate RSA private key using 2048 long modulus use command:

# openssl genrsa -out www.shkodenko.com.key 2048

If you want to password protect your key add -des3 parameter. You can also increase key modulus to 4096 to make it more secure.

To generate CSR using secure SHA256 algorithm the following command can be used:

# openssl req -sha256 -new -key www.shkodenko.com.key -out www.shkodenko.com-sha256.csr

There is also genkey utility. By default it will generate CSR with SHA1 but you can change it in configuration file /etc/pki/tls/openssl.cnf:

# diff -Nau /etc/pki/tls/openssl.cnf-2015-06-26.bak /etc/pki/tls/openssl.cnf

— /etc/pki/tls/openssl.cnf-2015-06-26.bak 2015-01-13 13:34:32.000000000 +0000
+++ /etc/pki/tls/openssl.cnf 2015-06-26 16:13:28.000000000 +0000
@@ -104,7 +104,7 @@
####################################################################
[ req ]
default_bits = 2048
-default_md = sha1
+default_md = sha256
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes