Labels
Java
(10)
MySQL
(6)
linux
(6)
INNODB_LOCKS
(2)
INNODB_TRX
(2)
J2EE
(2)
bash
(2)
exclusive
(2)
innoDB
(2)
mountrakis
(2)
processlist
(2)
transactions
(2)
x-locks
(2)
xlocks
(2)
ERROR 1045 (28000)
(1)
Jboss
(1)
Jboss5.0
(1)
Jconsole
(1)
Master
(1)
Slave
(1)
Synchronization
(1)
VPN
(1)
binlogs
(1)
command line
(1)
cook-book
(1)
cookbook
(1)
date
(1)
for
(1)
handy commands
(1)
loop
(1)
michael mountrakis
(1)
replication
(1)
sh
(1)
shell
(1)
unix epoch
(1)
unix timestamp
(1)
while
(1)
Wednesday 19 June 2019
Retrieving the Posts and Pages from Wordpress Database.
Sometimes shit happens. Client took backup only the Wordpress DB without taking the PHP files. In other words, configuration, plugins, custom templates, skins and images.... just lost. Last Well Known good backup gone with the server.... and what we only got is a Wordpress DB without images. So practically, it would be a better idea to backup one by one pages from browser by clicking Save as.... Just jogging of course...
Now he has to write everything from scratch.
Step 1.
Examine your backup file:
-- MySQL dump 10.13 Distrib 5.5.55, for Linux (x86_64)
--
-- Host: localhost Database: wordpress9
-- ------------------------------------------------------
-- Server version 5.5.55
Step 2:
Go to MySQL and download the exact server version your previous installation comes from. Here is our link: https://dev.mysql.com/downloads/mysql/5.5.html
Install the MySQL temporarily in your PC or a simple VM or anything else.
Step 3:
Create a Database in your server just like the backup specifies:
C:\Users\>mysql -uroot -pmypass
mysql> CREATE DATABASE wordpress9 CHARACTER SET utf8 COLLATE utf8_general_ci;
Query OK, 1 row affected (0.01 sec)
Step 4:
Copy your backup file. Edit your backup file
Restore your last backup in the server
C:\Users\>mysql -uroot -pmypass wordpress9 < backup_2019_01_18_1547817726_4347121_wpdb.sql
Step 5:
Create a file called restore.sql with the following query to retrieve your posts, pages and news:
select '<h1>',post_title,'</h1>',post_content, '<hr/> End Post <hr/>' from wp_posts where post_status='publish' and post_type in ('page','post','nooz_release') order by post_name, post_date ;
Step 6:
Run the query command as follows:
C:\Users\>mysql -uroot -pmypass wordpress9 < restore.sql > restored.html
The results are inside restored.html and can be viewed with a browser.
More careful backup next time....
Saturday 3 February 2018
Enable SSL for your Wordpress/Plesk site using a free authority-signed certificate
This article explains how to replace HTTP with HTTPS on your site. This is an easy task if your site is relatively small and can be accomplished with 5 to 6 basic steps.
The article assumes site deployment with Wordpress and Plesk dashboards and suggests the creation of a free trusted authority signed SSL sertificate from Comodo Cyber Security trusted authority which is valied for 3 months (90 days).
Read the overall article here:
Illumine IT Consulting GitHub Articles.
Tuesday 12 September 2017
disk-benchmark A mutlipurpose benchmark program that can simulate your application's I/O performance
disk-benchmark tool - get it here!
Sometimes we need to have a prior estimation of I/O performance of a program we plan to develop or we currently posses.This may be triggered by a number of reasons:
- Order specific Disk hardware in advance
- Plan to rent cloud based volume from a cloud provider
- Estimate the total performance of your application in order to establish operational scenarios and calculate KPIs.
- Check the cloud providers SLA compliance.
dd if=/dev/zero of=/root/testfile bs=1G count=1 oflag=direct
The problem with all those methods, is that you can have an idea of how your disk performs in general, but not according to a given scenario, for example:
- 20 concurrent users each of them reads and writes of a random file of size between 20k and 1 MB with a pause of 2 seconds for 5 mins.
- 10 concurrent users each of them reads/ writes a file of 60kb with a pause of 2 seconds after read repeatedly for 100 times.
Unless you go to very sophisticated tools like JMeter, you don't really have something very handy. On the other hand, sophisticated tools most of the times, have a significant learning curve but of course in most cases, you want something to use it in the next 5 mins with very simple options just like the above scenarios. To amend this situation, last year, I developed a small C program that can be used to do the job, the disk-benchmark program available on Illumine IT Consulting GitHub URL:
https://github.com/illumine/disk-benchmark
This is a benchmark program to test Hard Drives, SSD Drives, HBAs, RAID Adapters & Storage Controllers. This is a really simple C program that you can compile using the standard GNU/gcc compiler that comes with your Linux distribution.
How to setup the disk-benchmark in your Linux system:
Installation of the disk-benchmark is as simple as this:
# git clone https://github.com/illumine/disk-benchmark
# cd disk-benchmark/src/
# gcc disk-benchmark.c -o disk-benchmark -l pthread -lrt -O3 -Wall
# ls -l disk-benchmark
-rwxr-xr-x 1 root root 23365 Apr 15 10:23 disk-benchmark
A simple scenario implementation using disk-benchmark
Scenario: 10 concurrent users each writing and reading a file of size ~10MB in /var. Each user pauses for some seconds randomly picked from the interval [2,10] sec. The command that implements the above scenario has as follows:
[root@mo-8f752419d src]# ./disk-benchmark -p /var -t 10 -a 10000000 -E 2:10 Test scenario: test path=/var Threads=10, sleep sec between write/read = 1, repeats per thread=5, random pick sleep sec from [2 10] Lower file size=1024, Upper file size=10240, Absolute file size=10000000 Read/Write buffer size=8192, Buff Siz W 0, Buf Siz R 0, Do write only=0, Delete files=1 Print values only=0 dont print scenario info= 0, dont print clocks=0 dont print headers=0 print date=1 Work Continously=0 Work Continously Sleep Brake=5 T=7, Avg W=0.016134 Avg R=0.002160 Total W=0.080671 Total R=0.010801 Total Time=0.091473 Sleep=4.600000 Avg File Size =10000000.000000 T=2, Avg W=0.014436 Avg R=0.002411 Total W=0.072179 Total R=0.012056 Total Time=0.084234 Sleep=4.800000 Avg File Size =10000000.000000 T=4, Avg W=0.016104 Avg R=0.002189 Total W=0.080520 Total R=0.010943 Total Time=0.091463 Sleep=4.800000 Avg File Size =10000000.000000 T=9, Avg W=0.011966 Avg R=0.002069 Total W=0.059829 Total R=0.010347 Total Time=0.070176 Sleep=4.800000 Avg File Size =10000000.000000 T=6, Avg W=0.013065 Avg R=0.001826 Total W=0.065323 Total R=0.009128 Total Time=0.074451 Sleep=5.000000 Avg File Size =10000000.000000 T=1, Avg W=0.015399 Avg R=0.003005 Total W=0.076996 Total R=0.015025 Total Time=0.092021 Sleep=5.200000 Avg File Size =10000000.000000 T=8, Avg W=0.012883 Avg R=0.002303 Total W=0.064416 Total R=0.011513 Total Time=0.075930 Sleep=5.200000 Avg File Size =10000000.000000 T=3, Avg W=0.015850 Avg R=0.002492 Total W=0.079251 Total R=0.012458 Total Time=0.091709 Sleep=5.400000 Avg File Size =10000000.000000 T=0, Avg W=0.013430 Avg R=0.002697 Total W=0.067151 Total R=0.013487 Total Time=0.080637 Sleep=5.600000 Avg File Size =10000000.000000 T=5, Avg W=0.016659 Avg R=0.002387 Total W=0.083293 Total R=0.011934 Total Time=0.095226 Sleep=5.600000 Avg File Size =10000000.000000 T=-1, Avg W=0.014593 Avg R=0.002354 Total W=0.072963 Total R=0.011769 Total Time=0.084732 Sleep=5.100000 Avg File Size =10000000.000000 Wall time 28.000000, CPU time 0.880000 Tue Sep 12 13:36:26 2017
Wednesday 18 May 2016
Web Service Client with Basic Authentication and SSL
Web Service Client with Basic Authentication and SSL
Recently, I had to create a web service client for a web service that uses a number of Web Service Policies. In general, the web service utilizes the following policies:- Transport: Service uses one way certificates. Client had to download and check server´s certificate in order to prove the server´s identity.
- Authentication: Basic authentication is required to access the URL and the service WSDL.
- Creating the TrustStore: Access the Web Service URL, download the web service certificate and create a x509 trustStore to host the server´s certificate.
- Create the client Stub: Access the Web Service URL and create the client stub by compiling the WSDL with wsimport.
- Code and complete the service client. This has the following sub tasks:
- Code the client to use Basic Authentication
- Code the client to utilize the trustStore in order to setup SSL session with the server
- Code the client to call the web method.
Creating the SSL Trustore.
During SSL handshake, the trustStore is used to verify server´s id.Download the Server´s certificate by hitting the Web Service URL. There you will be prompted for login. You can login with the given user/password.
Then, the certificate is stored in your browser. You can export it easy but that depends to you browser. Chrome for example, the certificate can be downloaded directly as a x509 trustStore like the following image illustrates:
If you want to create the a trustStore manually you need to create a X509 keystore file using Java keytool and then import the server´s public certificate in it. The trustStore will be password protected and the certificate inside the trustStore will be password protected using "password" passphrase:
$ keytool -genkey -alias replserver -keyalg RSA -keystore mykeystore.jks -dname "cn=localhost, ou=IT, o=Continuent, c=DE" -storepass password -keypass password
Now you have the keyStore. Next you need to import the server´s public certificate in it. In the general case, supposing the Server certificate is the following one plain text file server-certificate.txt then do one of the following actions to:
Check the server´s certificate:
openssl x509 -in server-certificate.txt -text -noout
Delete previous certificate version from the trustStore if any:
keytool -delete -alias myserver-name.com -keystore mykeystore.jks
Re-import the server certificate to the trustStore:
keytool -import -alias myserver-name.com -keystore mykeystore.jks -file server-certificate.txt
Access the Web Service URL and create the client stub by compiling the WSDL with wsimport.
After running your wsimport command directly you should get a message complaining about a missing web authorization file.What you need to do is create an authorization file (usually the default name/location for it is $HOME_DIRECTORY/.metro/auth, but check the previous error message, you'll get the hint from there).
Inside this file you just write the line: "https://username:password@url?wsdl"
Now create a file called: wsimport_mysvc.bat and code the following commands:
setlocal set _JAVA_OPTIONS=%_JAVA_OPTIONS% -Djavax.net.ssl.trustStore=mykeystore.jks -Djavax.net.ssl.keyStorePassword=changeit -Djavax.net.ssl.trustStore=mykeystore.jks wsimport -s . -verbose -keep -p gr.illumine.wsclient.stub -extension https://myserver-name.com/wsd/alc_interface?wsdl endlocal
Doing so, you fulfill both conditions for basic authentication and also for transport/SSL by asking wsimport to examine what is been sent from server against to what is stored in mykeystore.jks
Run the wsimport_mysvc.bat and the client stub files will be created in the package gr.illumine.wsclient.stub
C:\>set _JAVA_OPTIONS= -Djavax.net.ssl.trustStore=cacerts -Djavax. net.ssl.keyStorePassword=changeit -Djavax.net.ssl.trustStore=cacerts C:\>wsimport -s . -verbose -keep -p gr.illumine.wsclient.stub -extension https://myserver-name.com/wsd/alc_interface?wsdl Picked up _JAVA_OPTIONS: -Djavax.net.ssl.trustStore=cacerts -Djavax.net.ssl.key StorePassword=changeit -Djavax.net.ssl.trustStore=cacerts parsing WSDL...
Code the client
The first thing you have to do is to add a static initializer that will provide the username and password for basic authentication:public class AlcClient { private static final Logger log= Logger.getLogger( AlcClient.class.getName() ); /* * Use this static initializer to provide Basic Authentication for the Web Service Consumption */ static { java.net.Authenticator.setDefault(new java.net.Authenticator() { @Override protected java.net.PasswordAuthentication getPasswordAuthentication() { return new java.net.PasswordAuthentication("happyuser", "mypassword".toCharArray()); } }); }
Next, configure your SSL settings in the code, by adding the following system parameters:
/* * Use the following settings to specify how this client will utilize the X509 trust store * called mykeystore.jks. In this trustore, it is stored the server´s public certificate * Also the trustore/keystores are password protected with a password "password" */ System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol"); System.setProperty("javax.net.ssl.keyStore","mykeystore.jks"); System.setProperty("javax.net.ssl.keyStorePassword","password"); System.setProperty("javax.net.ssl.keyStoreType", "JKS"); System.setProperty("javax.net.ssl.trustStore","mykeystore.jks"); System.setProperty("javax.net.ssl.trustStorePassword","password"); System.setProperty("javax.net.ssl.trustStoreType", "JKS");
Then add some debugging options to debug your SSL session. You are strongly advised to comment out the following code after testing it since it will affect the SSL performance.
/* Following options enable logging of all communication to the console * We are most interested in the request response SOAP Messages */ System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump", "true"); System.setProperty("com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.dump", "true"); System.setProperty("com.sun.xml.ws.transport.http.HttpAdapter.dump", "true"); System.setProperty("com.sun.xml.internal.ws.transport.http.HttpAdapter.dump", "true");
Now code the Web Service client instance by using the stub you have created with the wsimport:
ZALCINTERFACE_Service service = new ZALCINTERFACE_Service( new URL("myserver-name.com/wsd/alc_interface?wsdl"), new QName("urn:com:myserver-name:document:sap:soap:functions:mc-style",
"ZALC_INTERFACE")); /* * From this service get the proper port */ ZALCINTERFACE port = service.getZALCINTERFACE(); /* Make the web service call */ String responseMessage = port.callMyWebMethod();
Get the entire web service client java implementation can be downloaded here
Labels:
basic authentication,
certificate,
client,
Java,
keystore,
password protected,
SSL,
truststore,
web service,
ws,
wsdl,
x509
Location:
Chalandri, Greece
Tuesday 15 March 2016
Set your HTML META tags in WordPress
Hi folks!
I think there is no much need to tell you how important are HTML META tags for SEO for your site.
So in order to have a simple touch of perfection, you just have to edit the following META tags:
I think there is no much need to tell you how important are HTML META tags for SEO for your site.
So in order to have a simple touch of perfection, you just have to edit the following META tags:
<meta name="" content="Illumine Consulting - Europe" property="og:title"/> <meta name="" content="website" property="og:type"/> <meta name="" content="technology" property="website:tag"/> <meta name="" content="cloud computing" property="website:tag"/> <meta name="" content="b2b" property="website:tag"/> <meta name="" content="science" property="website:tag"/> <meta name="" content="http://www.illumine.gr" property="og:url"/> <meta name="" content="https://www.linkedin.com/company/illumine-it-consulting?trk=company_logo" property="og:image"/>
<meta name="" content="Illumine IT Consulting - Greece" property="og:site_name"/> <meta name="" content="For more than ten years Illumine IT Consulting " property="og:description"/>
<meta name="" content="1392144595" property="og:updated_time"/> <link href="https://plus.google.com/{+PageId}" rel="publisher" /> <meta name="" content="https://media.licdn.com/media/p/2/005/020/2ca/29e39f7.png"
property="og:image"/> <meta name="robots" content="index, follow" /> <meta name="keywords" content="illumine, IT, technology, consulting, services, software,mountrakis" />
<meta name="generator" content="illumine it consulting" /> <meta name="author" content="michael mountrakis" /> <meta name="copyright" content="Copyright (c) Illumine Consulting. All Rights Reserved." />To do so, go to your WordPress admin panel Then in the left menu select Appearance, Editor and select to edit header.php file. Then add your meta tags just like the following picture illustrates:
Labels:
configuration,
HTML,
meta,
tags,
Wordpress
Tuesday 8 March 2016
Implement Redirects withing WordPress and Eggplant 301 Redirects
The easiest way in order to add a redirect in your Wordpress site is by installing Eggplant 301 Redirects Plugin.
To do so login to WordPress as administrator
On the Left side menu go to Plugins --> Add New -->
Now in the Add Plugin page you have to add the word "eggplant" in the textfield and click "Install now"
The last part is to add a redirect. To do so, go on the Left side menu go to Settings --> EPS Redirects
To do so login to WordPress as administrator
On the Left side menu go to Plugins --> Add New -->
Now in the Add Plugin page you have to add the word "eggplant" in the textfield and click "Install now"
The last part is to add a redirect. To do so, go on the Left side menu go to Settings --> EPS Redirects
And finally add the redirect to your Wordpress page using Eggplant plugin redirect management:
Monday 7 March 2016
Apache httpd reverse proxy for Tomcat with SSL self signed certificates.
Recalling from the previous article on how to install Apache Tomcat 7 and Httpd on Fedora 22 we are now going to present how to configure Apache Httpd working as a reverse proxy for Apache Tomcat.
In more details, we are going to implement the following setup:
To install them in you Fedora 22 server do:
Then openssl tools are installed to:
Go to the apache httpd configuration directory and do the following:
Generate a PEM RSA private key key using DES3
Create a Server PEM certificate request using the server key:
Finally, create the server certificate using the PEM Certificate Request
By the end of this operation you should have the following files created:
Add the following section:
The second section VirtualHost configures Apache to use Tomcat as reverse Proxy. So if someone requests URI path /zsecure-pdf/ this will be redirected to port 8080 where tomcat listens.
Save and restart the Apache HTTPD:
if you also navigate to the path that was reverse pass: https://31.171.245.82/zsecure-pdf/secure-my-pdf-to-image-password-encrypt-and-watermark.html then you will be served from Tomcat serving your application.
To get rid of this log to your server as root and run those commands:
Page does not renders correctly: images and CSS are missing. That is very common since HTML pages might taken from other sites by A HREF. The only think you can do is copy them locally to WebContent directory of your WAR deployment.
In more details, we are going to implement the following setup:
- Setup Tomcat 7 listening on port 8080
- Redirect port 80 (HTTP) to port 443 (HTTPS)
- Use self signed RSA server certificates to authenticate our HTTPs server on clients and secure the TCP session.
Public and Private Server Key
In order to create the Server Public/Private key set we are going to use openSSL tools.To install them in you Fedora 22 server do:
# dnf install openssl # or for older Fedora systems # yum install openssl
Then openssl tools are installed to:
# which openssl /bin/openssl
Go to the apache httpd configuration directory and do the following:
# cd /etc/httpd/conf/
Generate a PEM RSA private key key using DES3
# openssl genrsa -des3 -passout pass:mypass -out server.pass.key 2048 Generating RSA private key, 2048 bit long modulus ..............................+++ ...................................................................................+++ e is 65537 (0x10001)
Create a Server PEM certificate request using the server key:
# openssl req -new -key server.pass.key -out server.csr Enter pass phrase for server.pass.key: # put mypass here You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:GR State or Province Name (full name) [Some-State]:Athens Locality Name (eg, city) []:Athens Organization Name (eg, company) [Internet Widgits Pty Ltd]:Illumine IT Consulting Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:www.illumineit.com Email Address []:info@illumine.gr Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: # press enter here to skip password An optional company name []: Illumine IT Consulting
Finally, create the server certificate using the PEM Certificate Request
# openssl x509 -req -in server.csr -signkey server.pass.key -out server.crt -days 365 Signature ok subject=/C=GR/ST=Athens/L=Athens/O=Illumine IT Consulting/CN=www.illumineit.com/emailAddress=info@illumineit.com Getting Private key Enter pass phrase for server.pass.key: # put mypass here
By the end of this operation you should have the following files created:
# ls -l -rw-r--r--. 1 root root 1318 Mar 7 18:11 server.crt -rw-r--r--. 1 root root 1115 Mar 7 18:07 server.csr -rw-r--r--. 1 root root 1743 Mar 7 18:05 server.pass.key
- server.ctr: is the server certificate
- server.csr: is the server PEM certificate request
- server.pass.key : server´s private RAS key.
Configure Apache HTTPd working with SSL certificates and reverse proxy to Tomcat
# vi /etc/httpd/conf/httpd.conf
Add the following section:
ServerRoot "/etc/httpd" # Port 80 (HTTP) will be redirected to 443 (HTTPS) Listen 80The first section VirtualHost configures Apache to redirect whatever goes to port 80 to be redirected to port 443 (HTTPS)ServerName www.illumineit.com Redirect permanent / https://www.illumineit.com # Port 443 HTTPS will be default Listen 443ServerName www.illumineit.com ServerAdmin my-mail-here # # Configure SSL engine on and add your certificates # SSLEngine on SSLCertificateFile conf/server.crt SSLCertificateKeyFile conf/server.key # # proxypass configuration to your tomcat server running on 8080 # ProxyPass /zsecure-pdf/ http://www.illumineit.com:8080/zsecure-pdf/ ProxyPassReverse /zsecure-pdf/ http://www.illumineit.com:8080/zsecure-pdf/ ProxyPassReverseCookieDomain www.illumineit.com www.illumineit.com ProxyPassReverseCookiePath /zsecure-pdf /zsecure-pdf ProxyPassReverse / SetOutputFilter proxy-html RequestHeader unset Accept-Encoding BrowserMatch "MSIE [2-5]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
The second section VirtualHost configures Apache to use Tomcat as reverse Proxy. So if someone requests URI path /zsecure-pdf/ this will be redirected to port 8080 where tomcat listens.
Save and restart the Apache HTTPD:
# service httpd restart Redirecting to /bin/systemctl restart httpd.service
Test Apache
Hit with browser http://www.illumineit.com this will redirect you to https://www.illumineit.comif you also navigate to the path that was reverse pass: https://31.171.245.82/zsecure-pdf/secure-my-pdf-to-image-password-encrypt-and-watermark.html then you will be served from Tomcat serving your application.
Potential problems
AH01114: HTTP: failed to make connection to backendTo get rid of this log to your server as root and run those commands:
/usr/sbin/setsebool httpd_can_network_connect 1 /usr/sbin/setsebool -P httpd_can_network_connect 1
Page does not renders correctly: images and CSS are missing. That is very common since HTML pages might taken from other sites by A HREF. The only think you can do is copy them locally to WebContent directory of your WAR deployment.
Subscribe to:
Posts (Atom)