“There has been a critical error on your website. Learn more about debugging in WordPress.” after updating to WordPress 5.7 (All in one WP security and firewall) [Solved]

Investigating the error log reveals that the problem has to do with All in one WP security and firewall plugin:

Got error 'PHP message: PHP Fatal error:  Cannot redeclare retrieve_password() (previously declared in /www/wp-includes/user.php:2671) in /www/wp-content/plugins/all-in-one-wp-security-and-firewall/other-includes/wp-security-rename-login-feature.php on line 358'

The problem has been solved in All in one WP security and firewall plugin version 4.4.8, so it means your WordPress site was updated to 5.7 prior to updating the plugins.

To solve it, you need to update All in one WP security and firewall but not being able to login to your site you will need to solve this using FTP.

Using FTP, rename the folder wp-content/plugins/all-in-one-wp-security-and-firewall to something else. Now you can log into your site and reinstall All in one WP security and firewall. Make sure you get at least version 4.4.8.

ISPConfig3 localized ‘Welcome to your new email account’ mail not working [SOLUTION]

I made a copy of the file welcome_email_en.txt from /usr/local/ispconfig/server/conf/mail to /usr/local/ispconfig/server/conf-custom/mail and named it welcome_email_se.txt and translated the content of the file, as I wanted my clients to be greeted to their new email account in Swedish. However, the client was still receiving the welcome email in English.

It turned out that the configuration file for ISPConfig has a parameter for language which controls what email templates to use. I thought it would use the country settings from the Client but it doesn’t.

In /usr/local/ispconfig/server/lib check if the file config.inc.local.php exists. If it doesn’t, create one (here is a template for it).

Add the line:

$conf['language'] = 'se';

By using config.inc.local.php and not directly editing config.inc.php you are making sure it doesn’t get overwritten in the next ISPConfig3 update.

In a multiserver setup (master/slaves) this must be done on all the slaves as the ‘Welcome to your new email account’-email is being generated on the server where the new mailbox is located.

Automatic restart of IPSec VPN on Teltonika RUT-950 / RUT-240

On one location where I am using a Teltonika RUT-950 / RUT-240 router, the IPSec VPN can only be connected in one direction which is outbound. Normally both ends can initiate the connection. The reason for this is that the router is connecting using 3G/4G and the provider only allows outbound traffic (i.e. “surf the Internet”). I need to buy an extra service for “fixed IP-address” in order to get their firewall removed from my service.

My IPSec VPN setup is based on hostname updated through dynamic DNS. If the router reboots, it will get a new IP-address and sometimes the router tries to connect the VPN before the dynamic DNS has been updated, causing the VPN connection to fail. The router gives up and does not try anymore to connect the VPN. A manual workaround is to remote control a computer on the LAN side of the router, login to the router, disable the VPN profile, save, enable it and save again. Now the VPN connects.

The Teltonika products are wonderful in many ways but I lack a way of restarting IPSec VPN via SMS. It is only possible to restart OpenVPN connections using SMS.

To avoid manual actions to get the VPN up in a case like this I have created a small script. It checks if an IP-address on the other side of the tunnel is ping:able, if not it restarts IPSec VPN and it normally resolves the problem.

  • Log in to the Teltonika RUT-950 / RUT-240 using CLI or SSH.
  • Create a script in /root/chk_vpn.sh with the following content:

#!/bin/ash
HOST=10.0.0.1
if ping -c5 $HOST > /dev/null; then
  echo "$HOST responded; VPN is up!"
else
  echo "$HOST did not respond; trying to restart VPN"
  /usr/sbin/ipsec restart
fi

  • Replace the IP-adress on the HOST= line to an IP-address on the other side of the tunnel that you know should be up at all times and responds only when the IPSec VPN is up, for example the LAN interface of the other router.
  • Check from the router commandline that you can ping the IP-address (if you mistakenly enter an IP-address that doesn’t respond to ping even thought IPSec VPN is up, your VPN will be disrupted 10 times per hour).
  • Enter crontab -e and add the following line:

*/6 * * * * /root/chk_vpn.sh

  • Exit vi (ESC then :wq and enter)

This will check the VPN connection 10 times per hour and if necessary restart it.

Prevent Mac OSX ssh from disconnecting (also on any Linux/BSD/*nix system)

To prevent ssh from disconnecting while idle, add the following to ~/.ssh/config:

Host *
    ServerAliveInterval 30
    TCPKeepAlive no

This solution is alse useable in any Linux/BSD/*nix environment. If you want to implement this not only on your own user, as a sysadmin, add the above to /etc/ssh/ssh_config instead.

Cisco RV160 IPv6 configuration

This is how I configured IPv6 address received dynamically from my ISP. This is not to be confused with using a 6to4 tunnel service which is something completely different. In this case, a real IPv6 address is received using DHCP6 or SLAAC from the ISP.

In this setup the IPv6 LAN side is bridged with the IPv6 WAN side, so the LAN subnet is a part of the larger WAN subnet. Firewall rules will apply even though it is a bridged, not routed setup.

  1. Go to WAN -> WAN settings -> IPv6 Settings and select DHCP, check DHCP-PD and enter “0” for Prefix name. Apply.
  2. Go to Status and Statistics -> IPv6 tab and verify that you get a IPv6 address from your provider (starting with 2a02 in my case).
    Cisco RV160 IPv6
  3. Go to LAN -> VLAN Settings and select vlan 1, click edit button.
    Cisco RV160 IPv6
    In the IPv6 sections, select prefix from WAN 0, in my case address beginning with 2a02 and /48 size.
    Enter 0 for suffix, 64 for prefix length, leave DHCP Type disabled. Apply.
  4. Go to LAN -> Router advertisment and click Enable, select Unicast, do not select Managed or Other. Make sure the IPv6 prefix is visible in the Prefix table.

Done.

WordPress displays 'Connection Information'

WordPress displays “Connection Information” asking for FTP credentials

WP displays “Connection Information” and a text “To perform the requested operation, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.

To solve this, add the following line to your wp-config.php:

define('FS_METHOD','direct');

If that doesn’t solve the problem you need to check the file access rights for the WordPress installation on the web server.

Config Cisco Nexus L3 vlan routing IPv6

Config Cisco Nexus L3 vlan routing IPv6

This is a simple how to make a nexus switch L3 routeing and the connected access switches still on L2 switching. If you have a router connected between internet and the router switch. Make shure you have a static route configured to the two vlan network.

Router Switch

no system default interface-vlan autostate (brings up the vlan)

conf t

vlan 10  (creates vlan 10 L2)

name Servers vlan 10

exit

vlan 20 (creates vlan 20 L2)

name Servers vlan 20

exit

feature interface-vlan  (Converts L2 vlan 10 to L3 vlan 10)

interface vlan 10

ipv6 address 2001:db8::/50

no ip redirects

exit

feature interface-vlan  (Converts L2 vlan 20 to L3 vlan 20)

interface vlan 20

ipv6 address 2001db8:0:4000::/50

no ip redirects

exit

interface ethernet 1/1 (creates tagged vlan port to access sw1)

description To Access Sw1

switchport

switchport mode trunk

no shutdown

exit

interface ethernet 1/2 (creates tagegd vlan port to access sw1)

description to Access Sw2

switchport

switchport mode trunk

no shutdown

exit

interface ethernet 1/3 (Creates the link network port)

description to Internet

no switchport

ipv6 address 2001:db8:1000:8000::1/64

no shutdown

exit

ipv6 route ::  2001:db8:1000:8000::2 (makes default router to next hop router)

copy running-config startup-config

Access Sw1

conf t

vlan 10 (creates vlan 10 L2)

name Servers vlan 10

exit

vlan 20 (creates vlan 20 L2)

name Servers vlan 20

exit

interface ethernet 1/1 (creates tagged vlan port to Router switch)

description To Router Switch

switchport

switchport mode trunk

no shutdown

exit

interface ethernet 1/2 (creates untagged vlan 10 port to servers)

description Access vlan 10

switchport

switchport mode access vlan 10

no shutdown

exit

interface ethernet 1/3 (creates untagged vlan 20 port to servers)

description  Access vlan 20

switchport

switchport mode access vlan  20

no shutdown

exit

copy running-config startup-config

Access Sw2

conf t

vlan 10 (creates vlan 10 L2)

name Servers vlan 10

exit

vlan 20 (creates vlan 10 L2)

name Servers vlan 20

exit

interface ethernet 1/1 (creates tagged vlan port to Router switch)

description To Router Switch

switchport

switchport mode trunk

no shutdown

exit

interface ethernet 1/2 (creates untagged vlan 10 port to servers)

description Access vlan 10

switchport

switchport mode access vlan 10

no shutdown

exit

interface ethernet 1/3 (creates untagged vlan 20 port to servers)

description  Access vlan 20

switchport

switchport mode access vlan  20

no shutdown

exit

copy running-config startup-config

Config Cisco Nexus L3 vlan routing IPv4

This is a simple how to make a nexus switch L3 routeing and the connected access switches still on L2 switching. If you have a router connected between internet and the router switch. Make shure you have a static route configured to the two vlan network.

Router Switch

no system default interface-vlan autostate (brings up the vlan)

conf t

vlan 10  (creates vlan 10 L2)

name Servers vlan 10

exit

vlan 20 (creates vlan 20 L2)

name Servers vlan 20

exit

feature interface-vlan  (Converts L2 vlan 10 to L3 vlan 10)

interface vlan 10
ip address 1.1.1.1/24
no ip redirects

exit

feature interface-vlan  (Converts L2 vlan 20 to L3 vlan 20)
interface vlan 20
ip address 2.2.2.2/24
no ip redirects

exit

interface ethernet 1/1 (creates tagged vlan port to access sw1)
  description To Access Sw1
switchport 
switchport mode trunk
  no shutdown

exit

interface ethernet 1/2 (creates tagegd vlan port to access sw1)
  description to Access Sw2
switchport 
switchport mode trunk
no shutdown

exit

interface ethernet 1/3 (Creates the link network port)
description to Internet
no switchport
ip address 3.3.3.1/30
no shutdown

exit

ip route 0.0.0.0 0.0.0.0 3.3.3.2 (makes default router to next hop router)

copy running-config startup-config

Access Sw1

conf t

vlan 10 (creates vlan 10 L2)

name Servers vlan 10

exit

vlan 20 (creates vlan 20 L2)

name Servers vlan 20

exit

interface ethernet 1/1 (creates tagged vlan port to Router switch)
description To Router Switch
switchport 
switchport mode trunk
no shutdown

exit

interface ethernet 1/2 (creates untagged vlan 10 port to servers)
description Access vlan 10
switchport 
switchport mode access vlan 10
no shutdown

exit

interface ethernet 1/3 (creates untagged vlan 20 port to servers)
description  Access vlan 20
switchport 
switchport mode access vlan  20
no shutdown

exit

copy running-config startup-config

Access Sw2

conf t

vlan 10 (creates vlan 10 L2)

name Servers vlan 10

exit

vlan 20 (creates vlan 10 L2)

name Servers vlan 20

exit

interface ethernet 1/1 (creates tagged vlan port to Router switch)
description To Router Switch
switchport 
switchport mode trunk
no shutdown

exit

interface ethernet 1/2 (creates untagged vlan 10 port to servers)
description Access vlan 10
switchport 
switchport mode access vlan 10
no shutdown

exit

interface ethernet 1/3 (creates untagged vlan 20 port to servers)
description  Access vlan 20
switchport 
switchport mode access vlan  20
no shutdown

exit

copy running-config startup-config

iFAQ auto expand all [solution]

The Joomla! extension iFAQ from Ideal Extensions is a nice way of building a FAQ (Frequently Asked Questions) section on your website.

One feature I am missing though is to be able to select wether a FAQ list of articles should default to all open instead of closed. This is a simple workaround.

Add a module of the type Custom HTML and edit the module content using no editor. Publish the module in a suitable module position, like Debug.

Insert the following javascript into the module (remember, no editor mode):

<script>
jQuery(document).ready(function($) { 
  jQuery( "#expand-all" ).click(); 
});
</script>

By selecting which menu items the module is displayed for, you can choose the FAQ pages where you want to have the articles expanded by default.

Prestashop multistore – can’t get out of maintenance mode

After maintenance even though setting to shop to active, frontend still shows maintenance mode. This can occur when multistore is enabled.

Solution:

  • Use for example phpMyAdmin to access the shop database
  • Find the ps_configuration table
  • Find all records with the name PS_SHOP_ENABLE and change them from ‘0’ to ‘1’ (there are probably more than one)