How to install the free SSL certificate from “Let’s Encrypt” on NameCheap Shared Hosting Server without SSH access. [Working]

Do you want to make your website secure by enabling https:// by installing Free SSL certificate from “Let’s Encrypt” on NameCheap Shared Hosting Server without SSH access? If the answer is YES, then follow the steps below to achieve the same completely free.

In fact, this will work on any hosting server which allows installation of SSL certificates through cPanel.

All of the procedure needs to be done on your own desktop/laptop and generate the certificate. Once done, install the certificate on your hosting server through cpanel.

These two prerequisites must be set up on your desktop/laptop before starting the procedure:

openssl
python

Step 1: Create a directory and clone the “acme-nosudo” helper script.

Step 2: Generate an user account key to register with Let’s Encrypt.

Step 3: Generate the domain key and a certificate request which will get signed for free for your domain by Let’s Encrypt.

To know the path for the “openssl.cnf” configuration file, use the command ” openssl version -a “. This will show you the OPENSSLDIR: “/System/Library/OpenSSL”

Step 4: Run the script using python using your user account public key and the domain CSR.

Use the “–file-based” option to allow verify the challenge by creating and serving the desired file with desired content at desired URL on your server. This removes the need of having SSH access to your server.

During this process, the script asks you to run some manual commands, you need to run them in a separate terminal window. You need to keep the script open while you run them. Also, the challenge files can be created for verification using the “FileManager” at the desired directory.

Output:

Now, your certificate is signed and ready to be installed on your shared hosting server. Open the files “signed.crt” and “domain.key” with any text editor.

Step 5: Open the cPanel in the browser and install the certificate.

* Go to cPanel > Security > SSL/TLS and press on “Manage SSL Sites”.
* Select the domain you want to install the certificate. in my case it is “wpdelighter.com”
* In Certificate: (CRT) paste the content of the recently created “signed.crt”
* In Private Key: (KEY) paste the content of “domain.key”
* Press Autofill by Domain button, next to the domain selection drop-down.
* Press Install certificate.

If everything goes well, your let’s encrypt certificate is successfully installed on NameCheap shared hosting server.

How to fix 403 error resulting out of wrong installation of SSL certificate on Bitnami WordPress Stack For AWS Cloud

The issue of “403 error” can result from various reasons. In my case, it was due to the wrong installation of Let’s Encrypt SSL Certificate on the EC2 instance on AWS. After the SSL certificate setup, once the Apache server was restarted the website was down and it started showing a 403 forbidden error.

The system log was showing the following errors: ( System Log can be accessed by following the below-mentioned step on AWS graphical interface )

I used the command below:

The output of the above command was:

It was obvious that port 80 was being used by some other process. To find out which process was using it, I used the “netstat” command.

It was nginx which was using the port 80. Since I was not using the nginx, I had to stop and restart the apache inside bitnami.

Useful Resources:

Install Postgres database on Windows and allow password less access

Install Postgres Database on Windows and allow password less access for the database to be used in various applications.

  1. Install Postgres database on Windows machine by downloading the executable file from here: https://www.enterprisedb.com/downloads/postgres-postgresql-downloads
  2. pgAdmin tool can be downloaded and setup on Windows machine to view and manage the databases and tables by downloading the executable file from here: https://www.pgadmin.org/download/ Make sure to check the Postgres version and compatible version of the pgAdmin tool.
  3. phpPgAdmin can be downloaded and setup on Apache server to manage the databases from a web based enviornment. http://phppgadmin.sourceforge.net/doku.php?id=download

Now, for applications running on private & internal LAN setup, a password less access to the the postgres database is required. To allow login into the database without a password, a simple modification to the pg_hba.conf file is required.

  1. Edit postgre configuration file: C:\Program Files\PostgreSQL\9.2\data\pg_hba.conf
  2. Change all configuration access to:
  3. Restart the postgres server. Go to Control Panel > Administrative Tools > Services > Restart the Postgres service.

Just completed my WP 5k 2016 walk :)

Feeling little tired but happy as I have just now completed my WP 5k 2016 walk#WWWP5K ) !! If you aren’t aware of the WP 5k 2016, it’s a 5-kilometer run/walk/hike/hop in between September 19th to September 25th. Wherever you are, whatever you are doing, if you are anyway involved with WordPress, just participate and blog about it.

Today morning I thought about taking part in the Worldwide WP 5k 2016 by walking the distance of 5 Km. Started off from my home and went to the Buddha Park and walked until I cover the WP 5k 2016 🙂 It’s really awesome to get up early and walk around that too for WordPress’s Worldwide WP 5k 2016.

I have been involved with WordPress for more than 5 years now, currently working as a WordPress developer at Axelerant. Love to unite with worldwide bloggers, runners, WP developers !!

Here is the map of my walk !!
subharanjan_wwwp5k

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Selfie afterward:

subharanjan_wwwp5k_after

How to fix 302 redirect issue when updating posts in WordPress? [Solved]

Recently, while writing a blog post I found that I am not able to update/publish any post on my WordPress website dashboard rather it redirects me to the website front page when I click the “Update” button. Now, I was unsure what’s creating this trouble and how to fix this 302 redirect when updating posts in WordPress.

Debug:

To check what could be the issue, I tried the followings :

  • I checked for any javascript errors through chrome dev tool’s console, but no errors there.
  • I deactivated all the plugins
  • Even changed the theme to the default Twenty Sixteen

Root Cause:

Still, the issue was there. After debugging a little more I found the cause of this. It was the strict Mode_Security which was causing the trouble. Now the question is: “What is Mod_Security?”

ModSecurity is an open source, cross-platform web application firewall (WAF) module. Known as the “Swiss Army Knife” of WAFs, it enables web application defenders to gain visibility into HTTP(S) traffic and provides a power rules language and API to implement advanced protections.

Basically, this is an Apache module that is installed on most servers by default to help protect your website from various attacks. It is used to block commonly known exploits by use of regular expressions and rule sets. This sometimes blocks the POST requests being generated after a post is updated or published because of the complex HTML content having all the tags, embed code, shortcodes etc. which get caught by the ModSecurity’s rule set.

cPanel-Mod-Security-Subharanjan

Solution:

To fix this issue simply disable the module on your server. This can be achieved through the Modsec Manager plugin for cPanel if you are on a shared server. Read the following to know how to disable manually on VPS and Dedicated servers. http://www.inmotionhosting.com/support/website/modsecurity/what-is-modsecurity-and-why-is-it-important

I am sure there are a ton of other reasons for a 302 redirect issue but in my case, this was Mod_Security causing the problem and after disabling the module I am able to update and publish the posts. 🙂

List of useful tools for WordPress development

When a developer starts WordPress development and tries to make the process easier and faster, generally he searches for best tools and various boiler plates which can alleviate the manual task of starting the development from scratch.

wpgearWordPress Gear (WPgear.org) is a website which lists out lots of useful tools those are free and GPL(OpenSource). The list includes tools and its related information for all aspects of WordPress development. Starting from WordPress base tools to Debug tools, PHP boiler plates, Meta fields frameworks, Theme development tools and lot more..

New and latest tools are being added constantly into this list as this is a community driven site. Whole of the code for this page resides in Github and anybody can add any free tool into the list. Just fork the project, add/edit your tool with a link, submit a pull request.

Visit WPGear.org to browse the complete list of tools. Happy WP Coding 🙂
1) http://wpgear.org/
2) https://github.com/wycks/WordPress-Gear

Timthumb not showing images and throws “Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. ” error. [Solved]

timthumbRecently I faced a situation where the timthumb script was unable to crop the images and was throwing error messages. There are themes those still use timthumb even though its a bad practice to use in themes when we have already functions available in core WordPress. Anyway I had to fix the issue as I was not state to replace the timthumb functionality with core WordPress functions.

Here is the error message:

This issue occurs in several hosts, mainly the free hosts available these days. So, the trick is to find where the $docRoot variable was set and set it to my public_html folder manually in my home directory. In my file it was on line number 825. I did the following…

Obviously the /a9582221/ would be your username.

Where to make this changes ??
Search for the file timthumb.php and make the above changes. Thats it. The issue got resolved now.