How to fix Microsoft Baseline Security Reports files – Unable to get property of “text” of underlined or null reference

How to fix Microsoft Baseline Security Reports files – Unable to get property of “text” of underlined or null reference

I have investigated this issue and find out that the only reason why this is failing is badly formatted XML structure in the report files.

Edit you report files and make sure that all <Check> are closed by </Check> and all <Details> are closed by </Details>

The easiest way is to install Notepad ++ and XML Tools plugins and use brackets and start closing checks. Once this is done it will display normally.

You can also use any validation online tool such as http://www.xmlvalidation.com/index.php?id=1&L=0

but this may give a wrong info about the line number. As long as it display any errors it will not correctly on the reports view in Microsoft Baseline Security Reports.

Advertisements
wordpress admin issue

WordPress admin panel is not displaying properly.

By some reason suddenly my other WordPress installation started to playing up with me. I hate this. It does not help the fact that I was during changing from Apache to Nginx on my server hence in the first place I was looking at nginx misconfiguration.

When I go to Admin panel then to Theme -> Configuration everything did not work properly. I think that the issue comes from me installation some plugin to WordPress then removing it back from the site and this cause my wordpress misconfiguration.

WordPress might the the best blogging platform it is not future proof. I really recommend testing new plugins within Vmware of Virtual Box when you can safely check the functionality or make a backup. These tiny things only messing around with your wordpress. Lesson learn!

I have found on few other blogs that adding this to my wp-config.php fix the problem

I personally had to add all 3 rows as people were saying that “CONTATENATE SCRIPTS” option should be there already.

It was not a case in my situation it was just missing.

The problems comes from jquery to be not loaded properly to the system hence it was not working at all.

The below is the code you need to add to wp-config.php

In my nginx configuration this was in /var/www/mysite/wp-config.php.

And I added to the end of the config file. This fix my issue.

The below is shown the fix

wordpress admin issue

WordPress Admin Issue

And this is a issue I was getting.

You can go to Menu ->  Developer -> Web console and display info on the page you were having problem with.

SyntaxError: syntax error load-scripts.php:23
ReferenceError: jQuery is not defined customize.php:109
ReferenceError: jQuery is not defined customize.php:359
ReferenceError: jQuery is not defined load-scripts.php:4
ReferenceError: jQuery is not defined widget-conditions.js:5
ReferenceError: jQuery is not defined customize.php:1035
ReferenceError: jQuery is not defined customize.php:3261

and picture below of the problem.

I am sharing it as always people end up on different blogs and this may safe your day!issue2

How to fix 502 Gateway issue caused by nginx fastcgi fpm and WordPress running on Ubuntu 14.04

By some reason using sockets causing the on Ubuntu 14.04 with fastcig and php5-fpm is causing errors

502 Gateway issues and so on

There are two ways you may want to try:

Change your settings in your nginx server to use:

Open /etc/php5/fpm/pool.d/www.conf and uncomment the following lines:

listen.owner = www-data
listen.group = www-data
listen.mode = 0660 (some people changing it to 0666) altought it might not be a best solution

make sure that the owner of the file is www-data as well.

Other option is to don’t use sockets

so replace in you sites-available and then your website

fastcgi_pass unix:var/run/php5-fpm.sock to

fastcgi_pass 127.0.0.1:9000;

and then change php5-fpm config to match it.

/etc/php5/fpm/pool.d/www.conf:listen = 127.0.0.1:9000

Nginx 1.4.9 optimalization for digital hosting

Once you got everything installed in your system.

Start tuning it up.These are some useful information I manage to find.

1. /etc/nginx.conf optimalization.

worker_processes 1; Normally it’s a good idea to set this humber to a number of cores in your system

grep processor /proc/cpuinfo | wc -l (This will give you an idea of amount of cores)

worker_connections 1024; (This is a number of connection per core and a good starting point it to check your core limiation

$sudo ulimit -n (This will give a number which you can use in config)

In this configuration we can server 1024 connetion per/second so basically around 512 customers being live on website and making around 2 connection to server. If you website server few thousands visit a day this is more than enough!

and this is the final config



# cat /etc/nginx/nginx.conf 

user www-data;
worker_processes 1; # a number of cores on my VPS $grep processor /proc/cpuinfo | wc -l
pid /run/nginx.pid;

events {
	worker_connections 1024; # a number issued by runnig $ulimit -n (core limitation)
	# multi_accept on;
}

#A number of connection served by second is 1 * 1024  with current configuration
http {

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	types_hash_max_size 2048;
	include /etc/nginx/mime.types;
	default_type application/octet-stream;
    access_log off; # as i dont monitored them for now
	#access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;
	#passenger_root /usr;
	#passenger_ruby /usr/bin/ruby;

    client_body_buffer_size 10K; # sites form submissions
    client_header_buffer_size 1k; 
    client_max_body_size 8m; #a maximum allowed size for client request otherwise 413 code will be returned
    large_client_header_buffers 2 1k;
    client_body_timeout 12; #close the connection if client won't respond within 12s
    client_header_timeout 12; #as per above
    keepalive_timeout 15;
    send_timeout 10;
    
    #to reduce bandwith and speed up pages respond
    gzip             on;
    gzip_comp_level  2;
    gzip_disable "msie6";
    gzip_min_length  1000;
    gzip_proxied     expired no-cache no-store private auth;
    gzip_types       text/plain application/x-javascript text/xml text/css application/xml;

	# Virtual Host Configs
	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}

This is just a starting point so it’s good setup to start of.

Apache module installation needed to server WordPress with PHP

So I have removed all my modules all my apache modules and my apache server does not starting now 🙂

$sudo service apache2 restart
* Restarting web server apache2                                         [fail]
* The apache2 configtest failed.
Output of config test was: AH00534: apache2: Configuration error: No MPM loaded. Action ‘configtest’ failed.
The Apache error log may have more information.

Ok so we don’t have MPM loaded then.

So lets load mpm_prefork module

$sudo a2enmod mpm_prefork

$sudo service apache2 start

OK what is know:)

Output of config test was:
AH00526: Syntax error on line 156 of /etc/apache2/apache2.conf:
Invalid command ‘Require’, perhaps misspelled or defined by a module not included in the server configuration
Action ‘configtest’ failed.
The Apache error log may have more information.

Another issue:)

$sudo vim /etc/apache2/apache2.conf (in vim press :156) go!

This tells me:

Require all denied 😉

Oh a quick search in google save my day

http://httpd.apache.org/docs/2.4/upgrading.html

So we need another module or we need to remove the config from the configuration 🙂

ods-enabled# a2enmod authz_host

More about this module: http://httpd.apache.org/docs/2.4/mod/mod_authz_host.html

Considering dependency authz_core for authz_host:
Enabling module authz_core.
Enabling module authz_host.
To activate the new configuration, you need to run:
service apache2 restart’

$sudo service apache2 restart

service apache2 restart
AH00558: apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.0.1. Set the ‘ServerName’ directive globally to suppress this message
* Restarting web server apache2

Ah yest got sweet Jesus!. It’s up and running.

Now we can also remove this annoying message!

Follow the quide depend on the system. You don’t have to use localname 🙂

https://amionrails.wordpress.com/2014/02/09/how-to-fix-could-not-reliably-determine-the-servers-fully-qualified-domain-name-using-127-0-1-1-for-servername-on-ubuntu-linux/

OK apache will now work with its minimal configuration.

Next step is to add some php module so we can serve php websites.

Again lots of information:

http://phplens.com/phpeverywhere/tuning-apache-php

https://www.digitalocean.com/community/tutorials/how-to-optimize-apache-web-server-performance

http://haydenjames.io/strip-apache-improve-performance-memory-efficiency/

http://2bits.com/articles/apache-fcgid-acceptable-performance-and-better-resource-utilization.html

OK

gets some other default modes added to apache conifuuration

$sudo a2endmod rewrite

$sudo a2endmod dir

$sudo a2endmod alias

$sudo a2endmod env

$sudo a2endmod setenvif etc.

My list of runnig modules

Loaded Modules:
core_module (static)
so_module (static)
watchdog_module (static)
http_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
unixd_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_core_module (shared)
authn_file_module (shared)
authz_core_module (shared)
authz_host_module (shared)
authz_user_module (shared)
dir_module (shared)
env_module (shared)
mpm_prefork_module (shared)
rewrite_module (shared)
setenvif_module (shared)

You can add any of these modes by doing $sudo a2enmod (module_name without world module) eg. rewrite instead of rewrite_module

You can try this if you want or

http://www.vps.net/blog/2013/04/08/apache-mpms-prefork-worker-and-event/

http://2bits.com/articles/high-performance-drupal-with-apache-mpm-worker-threaded-server-and-php-fpm.html

Simply make sure that these modules are there

a2ensmod ph5 and a2ensmode mpm_prefork

a2enmod deflate – to reduce bandwith

Then you may need to edit your php conf if you have got “Order” issue

http://stackoverflow.com/questions/10925528/invalid-command-order-perhaps-misspelled-or-defined-by-a-module-not-included

http://askubuntu.com/questions/364722/invalid-command-order-after-deleting-etc-apache2

http://httpd.apache.org/docs/2.4/upgrading.html

Upgrading mysql 5.5 to mysql 5.6 on digital hosting on Ubuntu 14.04 – The easy way

By default currently 5.5 get install by default with Ubuntu 14.04.

you cannot just simply upgrade the database by typing one command.

If you would like to do in professional manner then 🙂 you should read

http://dev.mysql.com/doc/refman/5.6/en/upgrading-from-previous-series.html

If you are just upgrading the mysql db and care to much what might happens then you can following these instruction

So to upgrade your default version of MySQL 5.5 to MySQL 5.6 on Ubuntu 14.04.1 LTS (Trusty Tahr)

$sudo apt-get remove mysql-server

$sudo apt-get autoremove

$sudo apt-get install mysql-client-5.6 mysql-client-core-5.6

and finally

$sudo apt-get install mysql-server-5.6

Wait few minutes and set up a new password again

Well done!

You have now upgrade your MySQL 5.5 to the latest version on Digital Hosting

Perahps it’s worht checking 🙂

$sudo mysql -h localhost -V

Now our output looks amazing. This is what we wanted!

mysql  Ver 14.14 Distrib 5.6.19, for debian-linux-gnu (x86_64) using  EditLine wrapper