Investigating the error log reveals that the problem has to do with All in one WP security and firewall plugin:
Got error 'PHP message: PHP Fatal error: Cannot redeclare retrieve_password() (previously declared in /www/wp-includes/user.php:2671) in /www/wp-content/plugins/all-in-one-wp-security-and-firewall/other-includes/wp-security-rename-login-feature.php on line 358'
The problem has been solved in All in one WP security and firewall plugin version 4.4.8, so it means your WordPress site was updated to 5.7 prior to updating the plugins.
To solve it, you need to update All in one WP security and firewall but not being able to login to your site you will need to solve this using FTP.
Using FTP, rename the folder wp-content/plugins/all-in-one-wp-security-and-firewall to something else. Now you can log into your site and reinstall All in one WP security and firewall. Make sure you get at least version 4.4.8.
https://media01.nerdia.net/uploads/nerdia-logo-340x156.png00Stefan Helanderhttps://media01.nerdia.net/uploads/nerdia-logo-340x156.pngStefan Helander2021-03-10 18:50:252021-03-10 18:52:48“There has been a critical error on your website. Learn more about debugging in WordPress.” after updating to WordPress 5.7 (All in one WP security and firewall) [Solved]
I made a copy of the file welcome_email_en.txt from /usr/local/ispconfig/server/conf/mail to /usr/local/ispconfig/server/conf-custom/mail and named it welcome_email_se.txt and translated the content of the file, as I wanted my clients to be greeted to their new email account in Swedish. However, the client was still receiving the welcome email in English.
It turned out that the configuration file for ISPConfig has a parameter for language which controls what email templates to use. I thought it would use the country settings from the Client but it doesn’t.
In /usr/local/ispconfig/server/lib check if the file config.inc.local.php exists. If it doesn’t, create one (here is a template for it).
Add the line:
$conf['language'] = 'se';
By using config.inc.local.php and not directly editing config.inc.php you are making sure it doesn’t get overwritten in the next ISPConfig3 update.
In a multiserver setup (master/slaves) this must be done on all the slaves as the ‘Welcome to your new email account’-email is being generated on the server where the new mailbox is located.
https://media01.nerdia.net/uploads/nerdia-logo-340x156.png00Stefan Helanderhttps://media01.nerdia.net/uploads/nerdia-logo-340x156.pngStefan Helander2021-02-21 15:05:262021-02-21 15:21:49ISPConfig3 localized ‘Welcome to your new email account’ mail not working [SOLUTION]
On one location where I am using a Teltonika RUT-950 / RUT-240 router, the IPSec VPN can only be connected in one direction which is outbound. Normally both ends can initiate the connection. The reason for this is that the router is connecting using 3G/4G and the provider only allows outbound traffic (i.e. “surf the Internet”). I need to buy an extra service for “fixed IP-address” in order to get their firewall removed from my service.
My IPSec VPN setup is based on hostname updated through dynamic DNS. If the router reboots, it will get a new IP-address and sometimes the router tries to connect the VPN before the dynamic DNS has been updated, causing the VPN connection to fail. The router gives up and does not try anymore to connect the VPN. A manual workaround is to remote control a computer on the LAN side of the router, login to the router, disable the VPN profile, save, enable it and save again. Now the VPN connects.
The Teltonika products are wonderful in many ways but I lack a way of restarting IPSec VPN via SMS. It is only possible to restart OpenVPN connections using SMS.
To avoid manual actions to get the VPN up in a case like this I have created a small script. It checks if an IP-address on the other side of the tunnel is ping:able, if not it restarts IPSec VPN and it normally resolves the problem.
Log in to the Teltonika RUT-950 / RUT-240 using CLI or SSH.
Create a script in /root/chk_vpn.sh with the following content:
#!/bin/ash HOST=10.0.0.1 if ping -c5 $HOST > /dev/null; then echo "$HOST responded; VPN is up!" else echo "$HOST did not respond; trying to restart VPN" /usr/sbin/ipsec restart fi
Replace the IP-adress on the HOST= line to an IP-address on the other side of the tunnel that you know should be up at all times and responds only when the IPSec VPN is up, for example the LAN interface of the other router.
Check from the router commandline that you can ping the IP-address (if you mistakenly enter an IP-address that doesn’t respond to ping even thought IPSec VPN is up, your VPN will be disrupted 10 times per hour).
Enter crontab -e and add the following line:
*/6 * * * * /root/chk_vpn.sh
Exit vi (ESC then :wq and enter)
This will check the VPN connection 10 times per hour and if necessary restart it.
https://media01.nerdia.net/uploads/nerdia-logo-340x156.png00Stefan Helanderhttps://media01.nerdia.net/uploads/nerdia-logo-340x156.pngStefan Helander2021-02-02 10:14:592021-02-02 10:17:32Automatic restart of IPSec VPN on Teltonika RUT-950 / RUT-240
To prevent ssh from disconnecting while idle, add the following to ~/.ssh/config:
Host *
ServerAliveInterval 30
TCPKeepAlive no
This solution is alse useable in any Linux/BSD/*nix environment. If you want to implement this not only on your own user, as a sysadmin, add the above to /etc/ssh/ssh_config instead.
https://media01.nerdia.net/uploads/nerdia-logo-340x156.png00Stefan Helanderhttps://media01.nerdia.net/uploads/nerdia-logo-340x156.pngStefan Helander2021-01-07 09:30:172021-01-07 09:30:18Prevent Mac OSX ssh from disconnecting (also on any Linux/BSD/*nix system)
This is how I configured IPv6 address received dynamically from my ISP. This is not to be confused with using a 6to4 tunnel service which is something completely different. In this case, a real IPv6 address is received using DHCP6 or SLAAC from the ISP.
In this setup the IPv6 LAN side is bridged with the IPv6 WAN side, so the LAN subnet is a part of the larger WAN subnet. Firewall rules will apply even though it is a bridged, not routed setup.
Go to WAN -> WAN settings -> IPv6 Settings and select DHCP, check DHCP-PD and enter “0” for Prefix name. Apply.
Go to Status and Statistics -> IPv6 tab and verify that you get a IPv6 address from your provider (starting with 2a02 in my case).
Go to LAN -> VLAN Settings and select vlan 1, click edit button. In the IPv6 sections, select prefix from WAN 0, in my case address beginning with 2a02 and /48 size. Enter 0 for suffix, 64 for prefix length, leave DHCP Type disabled. Apply.
Go to LAN -> Router advertisment and click Enable, select Unicast, do not select Managed or Other. Make sure the IPv6 prefix is visible in the Prefix table.
WP displays “Connection Information” and a text “To perform the requested operation, WordPress needs to access your web server. Please enter your FTP credentials to proceed. If you do not remember your credentials, you should contact your web host.”
To solve this, add the following line to your wp-config.php:
define('FS_METHOD','direct');
If that doesn’t solve the problem you need to check the file access rights for the WordPress installation on the web server.
This is a simple how to make a nexus switch L3 routeing and the connected access switches still on L2 switching. If you have a router connected between internet and the router switch. Make shure you have a static route configured to the two vlan network.
Router Switch
no system default interface-vlan autostate (brings up the vlan)
conf t
vlan 10 (creates vlan 10 L2)
name Servers vlan 10
exit
vlan 20 (creates vlan 20 L2)
name Servers vlan 20
exit
feature interface-vlan (Converts L2 vlan 10 to L3 vlan 10)
interface vlan 10
ipv6 address 2001:db8::/50
no ip redirects
exit
feature interface-vlan (Converts L2 vlan 20 to L3 vlan 20)
interface vlan 20
ipv6 address 2001db8:0:4000::/50
no ip redirects
exit
interface ethernet 1/1 (creates tagged vlan port to access sw1)
description To Access Sw1
switchport
switchport mode trunk
no shutdown
exit
interface ethernet 1/2 (creates tagegd vlan port to access sw1)
description to Access Sw2
switchport
switchport mode trunk
no shutdown
exit
interface ethernet 1/3 (Creates the link network port)
description to Internet
no switchport
ipv6 address 2001:db8:1000:8000::1/64
no shutdown
exit
ipv6 route :: 2001:db8:1000:8000::2 (makes default router to next hop router)
copy running-config startup-config
Access Sw1
conf t
vlan 10 (creates vlan 10 L2)
name Servers vlan 10
exit
vlan 20 (creates vlan 20 L2)
name Servers vlan 20
exit
interface ethernet 1/1 (creates tagged vlan port to Router switch)
description To Router Switch
switchport
switchport mode trunk
no shutdown
exit
interface ethernet 1/2 (creates untagged vlan 10 port to servers)
description Access vlan 10
switchport
switchport mode access vlan 10
no shutdown
exit
interface ethernet 1/3 (creates untagged vlan 20 port to servers)
description Access vlan 20
switchport
switchport mode access vlan 20
no shutdown
exit
copy running-config startup-config
Access Sw2
conf t
vlan 10 (creates vlan 10 L2)
name Servers vlan 10
exit
vlan 20 (creates vlan 10 L2)
name Servers vlan 20
exit
interface ethernet 1/1 (creates tagged vlan port to Router switch)
description To Router Switch
switchport
switchport mode trunk
no shutdown
exit
interface ethernet 1/2 (creates untagged vlan 10 port to servers)
description Access vlan 10
switchport
switchport mode access vlan 10
no shutdown
exit
interface ethernet 1/3 (creates untagged vlan 20 port to servers)
This is a simple how to make a nexus switch L3 routeing and the connected access switches still on L2 switching. If you have a router connected between internet and the router switch. Make shure you have a static route configured to the two vlan network.
Router Switch
no system default interface-vlan autostate (brings up the vlan)
conf t
vlan 10 (creates vlan 10 L2)
name Servers vlan 10
exit
vlan 20 (creates vlan 20 L2)
name Servers vlan 20
exit
feature interface-vlan (Converts L2 vlan 10 to L3 vlan 10)
interface vlan 10 ip address 1.1.1.1/24 no ip redirects
exit
feature interface-vlan (Converts L2 vlan 20 to L3 vlan 20) interface vlan 20 ip address 2.2.2.2/24 no ip redirects
exit
interface ethernet 1/1 (creates tagged vlan port to access sw1) description To Access Sw1 switchport switchport mode trunk no shutdown
exit
interface ethernet 1/2 (creates tagegd vlan port to access sw1) description to Access Sw2 switchport switchport mode trunk no shutdown
exit
interface ethernet 1/3 (Creates the link network port) description to Internet no switchport ip address 3.3.3.1/30 no shutdown
exit
ip route 0.0.0.0 0.0.0.0 3.3.3.2 (makes default router to next hop router)
copy running-config startup-config
Access Sw1
conf t
vlan 10 (creates vlan 10 L2)
name Servers vlan 10
exit
vlan 20 (creates vlan 20 L2)
name Servers vlan 20
exit
interface ethernet 1/1 (creates tagged vlan port to Router switch) description To Router Switch switchport switchport mode trunk no shutdown
exit
interface ethernet 1/2 (creates untagged vlan 10 port to servers) description Access vlan 10 switchport switchport mode access vlan 10 no shutdown
exit
interface ethernet 1/3 (creates untagged vlan 20 port to servers) description Access vlan 20 switchport switchport mode access vlan 20 no shutdown
exit
copy running-config startup-config
Access Sw2
conf t
vlan 10 (creates vlan 10 L2)
name Servers vlan 10
exit
vlan 20 (creates vlan 10 L2)
name Servers vlan 20
exit
interface ethernet 1/1 (creates tagged vlan port to Router switch) description To Router Switch switchport switchport mode trunk no shutdown
exit
interface ethernet 1/2 (creates untagged vlan 10 port to servers) description Access vlan 10 switchport switchport mode access vlan 10 no shutdown
exit
interface ethernet 1/3 (creates untagged vlan 20 port to servers) description Access vlan 20 switchport switchport mode access vlan 20 no shutdown
The Joomla! extension iFAQ from Ideal Extensions is a nice way of building a FAQ (Frequently Asked Questions) section on your website.
One feature I am missing though is to be able to select wether a FAQ list of articles should default to all open instead of closed. This is a simple workaround.
Add a module of the type Custom HTML and edit the module content using no editor. Publish the module in a suitable module position, like Debug.
Insert the following javascript into the module (remember, no editor mode):
By selecting which menu items the module is displayed for, you can choose the FAQ pages where you want to have the articles expanded by default.
https://media01.nerdia.net/uploads/nerdia-logo-340x156.png00Stefan Helanderhttps://media01.nerdia.net/uploads/nerdia-logo-340x156.pngStefan Helander2020-10-24 08:40:432020-10-24 08:40:45iFAQ auto expand all [solution]
After maintenance even though setting to shop to active, frontend still shows maintenance mode. This can occur when multistore is enabled.
Solution:
Use for example phpMyAdmin to access the shop database
Find the ps_configuration table
Find all records with the name PS_SHOP_ENABLE and change them from ‘0’ to ‘1’ (there are probably more than one)
https://media01.nerdia.net/uploads/nerdia-logo-340x156.png00Stefan Helanderhttps://media01.nerdia.net/uploads/nerdia-logo-340x156.pngStefan Helander2020-03-19 10:33:332020-03-19 10:33:34Prestashop multistore – can’t get out of maintenance mode
