Jorge Saldívar

Tag: dev

  • Saturday morning vibe…

    Cleaning up some personal projects and performing some maintenance on some personal deployments.

  • How-to Backup a WordPress Website Using WP-CLI

    How-to Backup a WordPress Website Using WP-CLI

    Backing up a WordPress website using WP-CLI (WordPress Command Line Interface) involves several steps. Here’s a general guide on how to do it:

    1. Install WP-CLI

    If you haven’t already installed WP-CLI, you’ll need to do so. You can find the installation instructions on the WP-CLI’s official website.

    2. Access Your Server

    You’ll need SSH access to your server. Once you’ve logged in, navigate to the root directory of your WordPress installation.

    3. Backup the Database

    To backup your WordPress database, use the following WP-CLI command:

    wp db export

    This command will create a .sql file in your WordPress directory. This file contains all of your WordPress database information.

    4. Backup WordPress Files

    You also need to backup your WordPress files, including themes, plugins, and uploads. To do this, you can use a command like rsync or tar. For example:

    tar -czvf yoursite_backup.tar.gz /path/to/your/wordpress/directory

    This command will create a compressed archive of your WordPress directory.

    5. Download the Backup

    After creating the backup files on your server, you’ll need to download them to a safe location. You can use an FTP client or a command like scp for this purpose.

    6. Automating the Process

    Optionally, you can write a script to automate the backup process and schedule it to run regularly using a cron job.

    Important Tips

    • Test Your Backup: Always test your backups to ensure they work as expected.
    • Secure Your Backup: Keep your backup files in a secure location to prevent unauthorized access.
    • Regular Backups: Schedule regular backups to minimize the risk of data loss.

    Remember, while WP-CLI is a powerful tool, you should be comfortable with command-line interfaces and have the necessary permissions on your hosting server to perform these actions.

  • The principle of least privilege

    The principle of least privilege

    The principle of least privilege is a key concept in computer security and information security. It refers to the practice of limiting access rights for users to the bare minimum necessary to perform their job functions. This principle is applied to every part of a system, including systems, processes, users, and programs.

    Here are the key aspects of the principle of least privilege:

    1. Access Control: Users are granted only those permissions they need to complete their tasks. For example, a user who needs to read data from a database does not need permissions to modify it.
    2. Minimizing Risk: By limiting the access rights of users and programs, the potential damage from accidents, errors, or unauthorized use is minimized. This reduces the risk of a security breach.
    3. Segmentation of Privileges: Privileges are often segmented and managed separately. For instance, an administrator might have different levels of access depending on the task, rather than having blanket administrative privileges across the entire system.
    4. Regular Review and Adjustment: Privileges should be regularly reviewed and adjusted based on changes in user roles or system configurations. This ensures that the principle remains effective over time.
    5. Application in Software Development: In software development, this principle means giving a program or process only the permissions it needs to operate, thus limiting the potential impact of a security vulnerability in that program.
    6. Defense in Depth: The principle of least privilege is part of a broader security strategy known as defense in depth, where multiple layers of security controls are deployed to protect information and systems.

    Overall, the principle of least privilege is about granting the minimum level of access necessary, reducing the attack surface, and mitigating the potential impact of security breaches.

  • Crontab

    Crontab

    Issue:

    How to setup cron jobs in Ubuntu (and Linux)?

    Solution:

    Setting up cron jobs on a Linux system like Ubuntu is a straightforward process. Cron jobs are scheduled tasks that your system runs at specified times or intervals. Here’s how you can set them up:

    Accessing the Cron Table:

    1. Open the Terminal: Launch your terminal application.
    2. Edit Cron Jobs for Your User: To edit the cron jobs for your current user, use the following command: crontab -e This command opens your user’s cron file in the default text editor. If it’s your first time using crontab, it may ask you to select an editor (like nano, vi, etc.).
    3. Add a New Cron Job: In the text editor, you can add a new cron job in the following format: * * * * * command-to-execute This is broken down as:
      • Minute (0 - 59)
      • Hour (0 - 23)
      • Day of the month (1 - 31)
      • Month (1 - 12)
      • Day of the week (0 - 6) (Sunday = 0)
      For example, to run a script every day at 5 AM, you would write: 0 5 * * * /path/to/script.sh Make sure your script (script.sh in this example) is executable. You can make it executable with chmod +x /path/to/script.sh.
    4. Save and Exit: After adding your cron job, save and exit the editor. This will install the new cron job.
    5. Verify Your Cron Jobs: To ensure your cron job is listed, use: crontab -l

    Special Syntax:

    Instead of the asterisks, you can use special strings for common intervals:

    • @reboot: Run once, at startup.
    • @yearly or @annually: Run once a year, “0 0 1 1 *”.
    • @monthly: Run once a month, “0 0 1 * *”.
    • @weekly: Run once a week, “0 0 * * 0”.
    • @daily: Run once a day, “0 0 * * *”.
    • @hourly: Run once an hour, “0 * * * *”.

    Common Examples:

    • Backup Every Day at Midnight:
      0 0 * * * /path/to/backup/script.sh
    • Run a PHP Script Every Hour:
      0 * * * * /usr/bin/php /path/to/your/script.php

    Tips:

    • Environment Variables: Cron jobs run in a minimal environment, so you might need to define environment variables that your task requires.
    • Output Handling: By default, cron sends the output of the job to the user’s mail (local mail, not internet email). You can redirect the output to a file or to /dev/null if you don’t need it.
    • Logging: To log the output of a cron job, redirect the output to a file:
      * * * * * command-to-execute >> /path/to/logfile 2>&1
    • Script Permissions: Ensure that any scripts you’re calling are executable and have the appropriate permissions.

    Cron jobs are particularly useful for automating routine tasks like backups, system updates, or periodic cleanup of temporary files.

  • LAMP Stack Setup

    LAMP Stack Setup

    Setup for Ubuntu 20.04 LTS or 22.04 LTS. Lifted from this resource on AWS.

    Linux

    WSL, Ubuntu Multipass, or equivalant.

    Apache

    Version: distribution

    sudo apt update -y
sudo apt install apache2 -y

    PHP FPM

    Version: 8.2

    Run the following commands to install PHP:

    sudo apt-get install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update -y
sudo apt install php8.2 php8.2-{fpm,mysql,curl,gd,mbstring,mysql,xml,mcrypt,zip,ldap} libapache2-mod-php8.2 -y

    Install PHP-FPM

    sudo a2enmod proxy_fcgi setenvif
sudo a2enconf php8.2-fpm
sudo a2dismod php8.2
sudo systemctl enable php8.2-fpm
sudo service apache2 restart;sudo service php8.2-fpm restart

    MariaDB

    Version: 11.1.2

    Run the following command to add the MariaDB yum repository (For all Linux distributions):

    curl -LsS https://downloads.mariadb.com/MariaDB/mariadb_repo_setup | sudo bash -s -- --mariadb-server-version="mariadb-11.1.2"

    Install MariaDB Package

    sudo apt install mariadb-server -y

    MariaDB Secure Installation

    sudo mysql_secure_installation

    When prompted, set a password for the root account:

    • Enter the current root password. By default, the root account doesn’t have a password set.
    • Press Enter.
    • Press N to switch to unix_socket authentication.
    • Press Y to set a password, and then enter a secure password twice. Make sure to store this password in a safe place.
    • Press Y to remove the anonymous user accounts.
    • Press Y to disable the remote root login.
    • Press Y to remove the test database.
    • Press Y to reload the privilege tables and save your changes.

    Permissions

    The following command will add the ubuntu user to the www-data group:

    sudo usermod -a -G www-data ubuntu

    The following commands will set the correct permissions for the /var/www directory:

    sudo chown -R ubuntu:www-data /var/www
sudo chmod 2775 /var/www
find /var/www -type d -exec sudo chmod 2775 {} \;
find /var/www -type f -exec sudo chmod 0664 {} \;

    Your site is ready!

    Visit your website by entering your instance’s public IP address in your browser. You should see the default Apache page.

  • PDF to HTML

    PDF to HTML

    WSL, Ubuntu 20.05, command line, for “PDF to HTML.” Step by step.

    Here are the short instructions to convert a PDF to HTML using WSL with Ubuntu 20.04:

    1. Install WSL with Ubuntu 20.04.
    2. Launch the Ubuntu terminal.
    3. Update Ubuntu: sudo apt update && sudo apt upgrade -y.
    4. Install Poppler: sudo apt install -y poppler-utils.
    5. Convert PDF to HTML using:
      pdftohtml -s <input_file>.pdf <output_file>.html
    6. Access the converted HTML file in the same directory.

    That’s it!