This post assumes you have successfully installed PHP-FPM and have confirmed it is running on the server, and
# systemctl status php7.2-fpm.service
● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2020-08-13 03:40:43 UTC; 14min ago
Configured on the site:
But still getting this:
The good news is you are actually pretty close, and it’s actually something you missed in your site config file.
Go back and verify the port you’re listening on (e.g., vim /etc/php/7.2/fpm/pool.d/[pool name].conf). For instance, in my case it was:
DD-WRT is an OpenSource router firmware supported by most modern router systems. If you want to open the door to what you can do with your router, DD-WRT is the way to do it. It allows you to bypass the limitations your commercial router software introduces.
Ok, let’s cut to the chase..
Permission Denied Using SSH with DD-WRT
If you’re like me, you have probably hit a brick wall when trying to SSH into the router after it’s been imaged with DD-WRT.
Check All SSH Settings
There are two place you want to update SSHD settings. Navigate to the following location
Services > Services > Secure Shell
Here, you will enable the SSHD daemon.
Make note of the port you’re using, and select to use a password or key or both. This is pretty straight forward, in my scenario I selected to disable password login and use my public SSH key for security.
Snapshot of Secure Shell Panel on Services Page
Then, navigate here:
Administration > Management > Remote Access
Don’t ask me why, but here you will make sure that SSH Management is Enabled and that your port is set the same as the last page.
Snapshot of Remote Access Panel on Management Page
Now save, and reboot the machine to make sure the changes stick.
Verify Username is Correct
If you are still having an issue, and it looks something like this:
$ ssh admin@192.168.1.1
DD-WRT v3.0-r44048 std (c) 2020 NewMedia-NET GmbH
Release: 08/02/20
Board: Linksys WRT3200ACM
admin@192.168.1.1: Permission denied (publickey).
or, something like this:
$ ssh admin@192.168.1.1
ssh: connect to host 192.168.1.1 port 22: Network is unreachable
tony:public antonioperez$ ssh admin@192.168.1.1
DD-WRT v3.0-r44048 std (c) 2020 NewMedia-NET GmbH
Release: 08/02/20
Board: Linksys WRT3200ACM
admin@192.168.1.1’s password:
Permission denied, please try again.
admin@192.168.1.1’s password:
Permission denied, please try again.
admin@192.168.1.1’s password:
But you swear you are using the same username and password you log into the GUI with, then it might be something a little more frustrating.
The user.
Update the user to root instead of whatever user you were using. In my case, I was testing with admin.
After updating the username to ROOT:
$ ssh root@192.168.1.1
DD-WRT v3.0-r44048 std (c) 2020 NewMedia-NET GmbH
Release: 08/02/20
Board: Linksys WRT3200ACM
Enter passphrase for key ‘/Users/antonioperez/.ssh/id_rsa’:
Tada! Like magic, it started working. I have no idea why this is, but I have successfully used this on three DD-WRT installations and it works every time.
Was recently working on a project, not using a CMS like WordPress and Daniel was making fun of me for requiring “.php” in my URL.
Naturally, that could not go without a response.
Example of What I wanted to Do
Example of what I’m talking about:
https://defragged.org/somdirectory/somefile.php
I wanted to remove the “.php” extension from the URL, so that it reads:
https://defragged.org/somdirectory/somefile
If this is you, then here is the quick and dirty on how to get this done.
How To Remove .PHP / .HTML from URL Slug
I am working on Apache and the latest version of Ubuntu, but it should be the same for most of the latest versions.
Because this is a test server, I wanted to do a global deployment so that I don’t have to worry about it anymore. This saves me from having to remember to do this in each web directory via an .htaccess file.
Navigate to your apache config file, something like this:
# vim /etc/apache2/apache2.conf
Scroll to the bottom, and append this to your file:
I was working with the categorify.org site and I wanted to parse through the API’s response. The response was in JSON format.
There are a number of different ways you can do this, but if you want a quick, simple, way that uses existing tools you probably already have installed, this is for you.
{“domain”:”pornhub.com”,”ip”:”31.192.120.36″,”country-code”:”NL”,”country”:”Netherlands”,”rating”:{“language”:true,”violence”:false,”nudity”:true,”adult”:true,”value”:”R & NSFW”,”description”:”Adult-only content and not safe for a work environment”},”category”:[“Adult\/Pornography”],”keyword_heatmap”:{“videos”:99,”free”:85,”pornhub”:61,”porn”:55,”models”:54,”premium”:45,”content”:45,”rated”:44,”photos”:44,”exclusive”:43,”party”:43,”gifs”:42,”sister”:39,”discover”:36,”online”:36,”video”:35,”albums”:34,”pornhubcom”:33,”cancel”:33,”subscribed”:30}}
What I specifically wanted was the category value: “category”:[“Adult\/Pornography”]
So I modified my command to pipe my output to python and ran the following:
The section you’re most interested in is this: print obj[“category”]
You have to choose which object you want to print. In my case, I wanted the category object as it holds the value I am looking for.
You can use this to parse any JSON response, just update the print object with one that corresponds to your results. The beautiful part is that this should be available on most major OS platforms without additional installations.
Side note, here are two variations depending on which version of Python you have on your machine.
What we’re also doing above is cutting out any grep inquiries, because if you were to run a grep command it will show as a process as shown here in red:
This is important because this if [ $? = 0 ]; is looking for the grep exit value of 0, which states:
EXIT STATUS The grep utility exits with one of the following values:
0 One or more lines were selected. 1 No lines were selected. >1 An error occurred.
With this selection, if you run the grep and there are no service running it would still find the grep service itself. It’d give you a false positive response.
The echo command then prints the status of the service:
echo `date “+%Y-%m-%d %H:%M “`”$i Running…”;
It passes each argument through the loop. If the service is found to be running it prints:
When working on your server you might need to disable the Uncomplicated Firewall (UFW). When doing so you’ll notice it doesn’t display your rules when the application is inactive.
Sometimes you need to compress an entire directory, but sometimes you want to ignore specific file types.
Here is a basic command that you can use to remove specific file types before you compress it. In this example we use the find command to look for, and ignore, all image file types. That then gets piped into the tar command:
SFTP is a file transfer protocol. It wraps the File Transfer Protocol (FTP) inside the Secure Shell (SSH) protocol. This allows the communication to be protected as it moves from one point to another.
PSA: Using FTP is considered an insecure transfer protocol and should be avoided.
This article assumes you are trying to create new SFTP users on your linux machine. In this example we’ll be using Ubuntu 18.04.
Enabling and Creating SFTP users:
To enable SFTP you have to enable it inside your SSH configuration file. It’s often located here: /etc/ssh/sshd_config. Open the file and add the following to the end of the configuration file:
# override default of no subsystems
Subsystem sftp /usr/lib/openssh/sftp-server
Match group sftp
X11Forwarding no
AllowTCPForwarding no
ForceCommand internal-sftp
Options explained:
Option
Description
Subsystem
An abstraction layer that allows you to invoke remote commands. In this instance, we’re invoking sftp-server.
Match
Allows you to limit actions in shell, in this instance we’re limiting the actions to a specific group – sftp. Only those users inside the SFTP group will be able to SFTP into the server.
X11Forwarding
This is a special case for remote tunneling. Unfortuantely it can be used maliciously by a bad actor, so it’s recommended your disable unless you know what you’re doing.
AllowTCPForwarding
“TCP Forwarding” allows you to encapsulate any other protocol (based on TCP of course) inside an already established SSH connection. There are a lot of reasons for this, but we don’t want to allow SFTP users to use this without appropriate planning.
ForceCommand
The remote system can only execute a set of statically defined commands. Specifying a command of internal-sftp will force the use of an in-process SFTP server that requires no support files when used with ChrootDirectory.
Once you add this to the SSH config file you need to restart OpenSSH:
service ssh restart
Now you need to add new SFTP users, and apply the user to the right group.
useradd -m [newsftpuser] -g sftp
Set the password:
passwd [newsftpuser]
Now you can test your SFTP connection, from a different server:
