BGRoot
Monday, August 29, 2016
Fixing “Your connection is not private / secure" issue in Chrome / FireFox
Some of you might encounter some of the following errors depending on the browser you use:
This is caused due to an error associated with the SSL certificate.
I you are just a user this might mean that someone might try to steal your session or that the owner didn't configure their certificate correctly.
If you are the owner of the website here what you need to do!
At first you will need to check if the SSL certificate for your website is properly installed if installed at all. There are a lot of online tools for that but we will show you only one: https://www.sslshopper.com/ssl-checker.html
In the following you can check the main things you will need to check for:
1. Check the domain of the website is listed in the certificate you are using. All certificates are domain specific and all domains for which it's valid must be listed in it*;
2. Check from where your website is loading;
3. Check if all steps are ok;
4. Check if the entire chain is installed - on top of the SSl certificate you might need to install CA chain which is publicly available and can be downloaded from the SSL provider;
*www.domain.com and domain.com are different domains.
If there are any error you should see and error/warning as shown in the screenshot below:
For example in the above screenshot the website do not have installed SSL certificate and redirects to the first website in the Apache's list which is the website of my hosting.
If there is any issues with your certificate, try to fix them regarding the warning or contact your hosting support about it.
You can also write a comment below and I will review your issue personally.
Labels:
chrome,
connection is not private,
ERR_CERT_AUTHORITY_INVALID,
ERR_CERT_COMMON_NAME_INVALID,
firefox,
fix,
google,
https,
jooomla,
mozilla,
plugin,
private,
solution,
ssl,
website,
wordpress,
www
Sunday, July 17, 2016
Firewatch Game Cycling menu bug - A SOLUTION
Hello again boys and girls!
If you consider to play Firewatch you might encounter a pretty neat bug.
A friend of mine called me that he have an issue with this game Firewatch (You know how the things are when you are an IT guy ;) )
The issue was that when he started the game, the menu marker start circling over and over again like a button was pressed. Here is a gif of the bug:
Just FYI I noticed that the control keys for the menu are W, A, S, D and not the arrow keys.
However you can use the mouse so just navigate with it to "Settings" > "Controls" > Select "Ignore Other Input devices" and you are done. Here is a quick gif:
Now you are all set up!
Some of the devices connected in my PC was considered as a controller by the game (I have all of my actual controllers unplugged) and that's why the menu was cycling like that.
Have fun and don't stay too late playing ;)
Friday, July 15, 2016
Pokemon Go is not compatible with your device? Here is a A Fix and Neat Solution for Android
Hey!
So you want to play Pokemon GO but Google Apps Store keeps saying that your device is not compatible?
Don't worry there might be a solution for you.
First thing first! You will need to check if your device is compatible with Pokemon Go even if the Google App Store says it's not.
Here are the system requirements:
Android
- Android 4.4 to Android 6.0.1 (Android N will not supported until the official Android release)
- Preferred resolution of 720x1280 pixels (Not optimized for tablet)
- Strong internet connection (Wi-Fi, 3G, or 4G)
- GPS and Location Services
- Intel CPUs are not supported
How to check you Android version? Check this article: http://www.wikihow.com/Check-What-Android-Version-You-Have
Ok. Now lets install the Pokemon Go App.
1) First you will need to allow the installation of Applications from Unknown Sources.; To do that go to Setting > Security > Unknown Sources.
2) And now download the latest version of the app manually and install it from the following link: https://www.apkmirror.com/apk/niantic-inc/pokemon-go/
To check for newest version scroll down and check all versions.
Now go and catch them all!
Labels:
android,
app,
catch them all,
compatible,
game,
google,
huawei,
light,
not compatible,
p8,
p9,
phone,
pokeball,
pokemon,
pokemon go,
store,
version
Tuesday, July 28, 2015
Tutorial - How to migrate WordPress website (The proper way!)
Hello kiddos!
Today we will learn the proper way to migrate a WordPress website from one hosting to another. Not that method that teaches you to install fresh WordPress installation and to move few folders from the old hosting on top of it. This is not the proper way to migrate a website and can mess everything.
I will also try to keep it as simple as possible and will not involve complicated SSH command lines. Using SSH will save you a lot of time and efforts but it's more for the hosting support professionals than WordPress newbies. I will assume that if you know how to use SSH you will find your way to optimize this process ;)
Just to be clear:
DB = Database
Let's prepare few things, shall we?
If you haven't done it already, download FileZilla - Good FTP client. We will use it to transfer files and folders.
Get access to FTP/SFTP and phpMyAdmin to both hosting environments - mandatory.
Add the website into the new hosting. This depends on the hosting environment and if you are not sure "how to" just ask the hosting support.
Putty or ZOC terminal emulator is optional.
1) Download the files via FTP from the old hosting:
By using FileZilla connect to the FTP server of the old hosting and download all website's files to your computer.
Tip: You can reduce the download and upload time by putting all of the files in a archive.
Tip: Make sure that you have enabled "Force showing hidden files" in FileZilla. The option is located in: Server > Force showing hidden files.
2) Upload the files via FTP to the new hosting:
Again using FileZilla connect to the new hosting FTP server. Locate the website's directory and upload the files that you have already downloaded from the old hosting.
Tip: Check if you have moved the .htaccess file. Some users make custom rules there and it might be mandatory to move it.
Tip: Sometimes you will need to press F5 to refresh the folder and see any new files.
3) Export the Database from the old hosting:
Open phpMyAdmin. Locate the database and click on it. Go to the upper menu and click on the export option. Then click on Go.
Tip: If the Database is too big (more than 128-256MB you should ask the hosting support to export it for you via SSH (or use their Database backup solution). WP Plugins are often unreliable for that.
4) Check for old absolute paths in the DB:
Some plugins leave absolute paths in the DB and if you leave them this can lead to crashing of the website or at least performance issues.
Tip: You can download the DB and search and edit with Notepad++, gVIM or similar text editor.
Look for paths like this: /home2/userTest/public_html/wp-content/....
Replace before "wp-content" with the correct paths of your server. If you are not sure what are they consult your support or developer.
Tip: If you have moved your website to a different domain you should edit it and replace every old domain with the new one in it! This can be achieved by downloading the DB and edit it using Notepad++, gVim or similar text editor (just find and replace). In 99% of the cases this will be enough.
5) Import the Database to the new hosting:
We will need to configure and tune the website to work with the new hosting environment. I will assume that you have already created DB, DB user and DB password.
Open phpMyAdmin. Locate the database and click on it. Go to the import option on the upper Menu > "Browse" the files that you have just exported in your computer and upload it.
Tip: Again! If the Database is too big you should import it via SSH or ask the Hosting support to do it for you.
6) Locate the wp-config.php and edit it:
- Fill the credentials of the new environment - DB name, DB user, DB pass:
- Change the paths if there are any in the wp-confg.php file according to the new hosting environment;
7) Check for any errors in the error's log:
You can have some minor issues with the new environment. Every hosting environment is different and if you can't clean the errors alone the hosting support should help you.
8) Check your file's permissions:
If you have access to SSH run the following commands IN public_html:
find . -type d -exec chmod 755 {} ;
find . -type f -exec chmod 644 {} ;
If you are moving your website from WPEngine is little more complicated. and it's part of another tutorial.
Tip: I'm not recommending the usage of plugins to migrate websites. If you want to do it right do it manually.
Final Tip: If you are not sure what are you doing just hire a professional to do it for you ;)
Today we will learn the proper way to migrate a WordPress website from one hosting to another. Not that method that teaches you to install fresh WordPress installation and to move few folders from the old hosting on top of it. This is not the proper way to migrate a website and can mess everything.
I will also try to keep it as simple as possible and will not involve complicated SSH command lines. Using SSH will save you a lot of time and efforts but it's more for the hosting support professionals than WordPress newbies. I will assume that if you know how to use SSH you will find your way to optimize this process ;)
Just to be clear:
DB = Database
Before starting the migration!
Let's prepare few things, shall we?
If you haven't done it already, download FileZilla - Good FTP client. We will use it to transfer files and folders.
Get access to FTP/SFTP and phpMyAdmin to both hosting environments - mandatory.
Add the website into the new hosting. This depends on the hosting environment and if you are not sure "how to" just ask the hosting support.
Putty or ZOC terminal emulator is optional.
Let's begin with the migration!
1) Download the files via FTP from the old hosting:
By using FileZilla connect to the FTP server of the old hosting and download all website's files to your computer.
Tip: You can reduce the download and upload time by putting all of the files in a archive.
Tip: Make sure that you have enabled "Force showing hidden files" in FileZilla. The option is located in: Server > Force showing hidden files.
2) Upload the files via FTP to the new hosting:
Again using FileZilla connect to the new hosting FTP server. Locate the website's directory and upload the files that you have already downloaded from the old hosting.
Tip: Check if you have moved the .htaccess file. Some users make custom rules there and it might be mandatory to move it.
Tip: Sometimes you will need to press F5 to refresh the folder and see any new files.
3) Export the Database from the old hosting:
Open phpMyAdmin. Locate the database and click on it. Go to the upper menu and click on the export option. Then click on Go.
Tip: If the Database is too big (more than 128-256MB you should ask the hosting support to export it for you via SSH (or use their Database backup solution). WP Plugins are often unreliable for that.
4) Check for old absolute paths in the DB:
Some plugins leave absolute paths in the DB and if you leave them this can lead to crashing of the website or at least performance issues.
Tip: You can download the DB and search and edit with Notepad++, gVIM or similar text editor.
Look for paths like this: /home2/userTest/public_html/wp-content/....
Replace before "wp-content" with the correct paths of your server. If you are not sure what are they consult your support or developer.
Tip: If you have moved your website to a different domain you should edit it and replace every old domain with the new one in it! This can be achieved by downloading the DB and edit it using Notepad++, gVim or similar text editor (just find and replace). In 99% of the cases this will be enough.
5) Import the Database to the new hosting:
We will need to configure and tune the website to work with the new hosting environment. I will assume that you have already created DB, DB user and DB password.
Open phpMyAdmin. Locate the database and click on it. Go to the import option on the upper Menu > "Browse" the files that you have just exported in your computer and upload it.
Tip: Again! If the Database is too big you should import it via SSH or ask the Hosting support to do it for you.
6) Locate the wp-config.php and edit it:
- Fill the credentials of the new environment - DB name, DB user, DB pass:
/** The name of the database for WordPress */
define('DB_NAME', 'fill_the_db_name');
/** MySQL database username */
define('DB_USER', 'fill_the_db_user');
/** MySQL database password */
define('DB_PASSWORD', 'fill_the_db_password');
/** MySQL hostname */
define('DB_HOST', 'localhost'); //in 99% of the cases you should leave this as it is
- Change the paths if there are any in the wp-confg.php file according to the new hosting environment;
And now the fun part!
The final tuning!
7) Check for any errors in the error's log:
You can have some minor issues with the new environment. Every hosting environment is different and if you can't clean the errors alone the hosting support should help you.
Optional but recommended!
8) Check your file's permissions:
If you have access to SSH run the following commands IN public_html:
find . -type d -exec chmod 755 {} ;
find . -type f -exec chmod 644 {} ;
If you are moving your website from WPEngine is little more complicated. and it's part of another tutorial.
Tip: I'm not recommending the usage of plugins to migrate websites. If you want to do it right do it manually.
Final Tip: If you are not sure what are you doing just hire a professional to do it for you ;)
Friday, July 24, 2015
WordPress - Fixing “Your connection is not private” issue with Chrome v44
THIS ARTICLE WAS WRITTEN REGARDING A BUG IN CHROME AND THE ISSUE WAS FIXED A LONG TIME AGO.
TO FIX “Your connection is not private / secure" issue in Chrome / FireFox" PLEASE CHECK THE FOLLOWING ARTICLE: http://bgroot-eng.blogspot.bg/2016/08/fixing-your-connection-is-not-private.html
Update 1: The issue should be fixed in the last Chrome update (Version 44.0.2403.107 m)
TO FIX “Your connection is not private / secure" issue in Chrome / FireFox" PLEASE CHECK THE FOLLOWING ARTICLE: http://bgroot-eng.blogspot.bg/2016/08/fixing-your-connection-is-not-private.html
Update 1: The issue should be fixed in the last Chrome update (Version 44.0.2403.107 m)
It appears that in the Chrome 44 release (version 44.0.2403.89), that happened just yesterday, Google made one little change that affects many websites and not for good.
It's now sending the 'HTTPS:1' header on every request by default. This affects many websites (core and plugins) and mainly some WordPress Plugins. This should be a change for a good, to enhance security but it seems that a lot of the developers were not ready for that change.
In general if you are not using SSL certificate for your website and try to access the admin section of your WordPress site (domain.com/wp-admin) it will redirect you to the https version of the website and you will get the error that “Your connection is not private” and “ERR_CERT_COMMON_NAME_INVALID “.
Some of the plugin developers already released updates which will fix this bug. However a lot of them still haven't.
Here is the solution of the issue if you are using Wordpress CMS:
1) Update all of your plugins! (use different browser to access your wp-admin section) In most of the cases this will fix the issue.
2) Purge your cache if you are using any cache plugin.
3) Check if you can access your admin section via Chrome!
If it's fixed, you don't need to do anything else. If the issue was not fixed move to the next step!
4) I work for a hosting company optimized for a fast WordPress moneymaking websites. Our team have created one miniPlugin for WP which fixes this issue. You can download it from here:
https://trafficplanethosting.com/downloads/category/2/fixes/
Install the plugin from the Plugins section in your WP website:
Plugins > Add New > Upload Plugin > upload the ZIP you have already downloaded > Activate it.
When the plugin is active you should see a notice in the top of the page: “The fix for Chrome v44 is active now. Thank you for using Traffic Planet Hosting”. If you do not want to see this anymore you can click on “Close” and it will hide it for your user.
5) Check if you can access your admin section via Chrome!
You can remove the plugin when all of the plugin developers release fixes for their plugins.
Labels:
chrome,
chrome 44,
connection is not private,
ERR_CERT_COMMON_NAME_INVALID,
fix,
google,
https,
plugin,
plugins,
private,
solution,
ssl,
trafficplanethosting,
website,
wordpress,
wp-admin,
wp-login.php
Wednesday, July 22, 2015
Ensure high security of your WordPress Website!
In the next lines we will see several things that you need to do in order to enhance your website's security.
Here is what I recommend to ensure high security:
1) Keep your computer/s secure and do not access your mail or websites from public computers and/or unknown open WiFI networks. Some of the open WiFI networks are made with the only goal to snuff for private information (but this is a subject for another article). On the same subject:
- Using of Antivirus software is mandatory - Here are the good once: Avira Antivirus (free or paid), Avast (free or paid), ESET NOD32 (only paid)
- Scanning with passive anti malware software - recommending MalwareBytes. DO NOT activate the paid version. Use it in passive mode and scan regularly your computer.
2) ONLY use plugins and themes from TRUSTED SOURCES.
Some commercial plugins/themes can be found for free on seemingly good looking websites where it looks safe to download for free. Nothing on these legitmate-looking websites appears to suggest that the plugins or themes offered there are infected with a very powerful backdoor script called 'CryptoPHP'.
What this CryptoPHP can do:
After being installed on a webserver the backdoor has several options of being controlled which include command and control server communication, mail communication as well as manual control.
Backdoors of this type are mainly used for illegal search engine optimization, also known as Blackhat SEO. The backdoor is a well-developed piece of code and dynamic in its use. The capabilities of the CryptoPHP backdoor include:
- Integration into popular content management systems like WordPress, Drupal and Joomla
- Public key encryption for communication between the compromised server and the command and control (C2) server
- Backup mechanism in place against C2 domain takedowns by using email communication
- Manual control of the backdoor besides the C2 communication
- Remote updating of the C2 server list
- Ability to update itself
So we HIGHLY recommend to ONLY use plugins from TRUSTED SOURCES.
Here is a list of some of the websites that distribute plugins with CryptoPHP backdoor:
The following websites host the actual plug-in and theme files used for direct download:
If you have installed plugin or theme from one of these websites it is very likely your website to be infected with CryptoPHP.
What you need to do is at least delate the plugin/theme and check that you have additional admin user added and all your website looks like it should for the search engines.
You can do that from Google Webmasters Tools > Fetch as Googlebot .
3) Install CAPTCHA on your login page and comments.
4) Keep your WP and plugins up to date. A lot of vulnerabilities are found every day in plugins and WP itself. The truth is that 99% of the websites are hacked trough such vulnerabilities.
5) Last but not least, if you are using static IP to connect to internet you can Lock down your WordPress wp-admin. To allow access from multiple IP addresses, replace 123\.123\.123\.xxx with your own IP addresses:
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.121$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.122$
RewriteCond %{REMOTE_ADDR} !^123\.123\.123\.123$
RewriteRule ^(.*)$ - [R=403,L]
</IfModule>
Another way:
<FilesMatch wp-login.php>
Order Deny,Allow
Deny from all
Allow from 123.123.123.123
</FilesMatch>[/code]
If your IP address changes, you can protect your WordPress site by only allowing login requests coming directly from your domain name. Simply replace example\.com with your own domain name
Most brute force attacks rely on sending direct POST requests right to your wp-login.php script. So requiring a POST request to have your domain as the referrer can help weed out bots.
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{HTTP_REFERER} !^http://(.*)?example\.com [NC]
RewriteCond %{REQUEST_URI} ^(.*)?wp-login\.php(.*)$ [OR]
RewriteCond %{REQUEST_URI} ^(.*)?wp-admin$
RewriteRule ^(.*)$ - [F]
</IfModule>
Friday, August 1, 2014
How to remove "v9.com" from our browsers - A Solution! THE EASY WAY!!!
In general it's really hard to remove v9.com from infected machine. The reason of that is that it installs all over the OS and if only one trace remains it can infect the whole OS again!
OK! Let's start with the process. I will add screens later!
step 1. - Remove any suspicious software from your computer. You can uninstall software from the Start button -> control panel -> Programs and futures. Start with - V9 Toolbar, Browser defender, Browser protect, Browser protected by conduit, Delta search, Babylon Search, LessTabs, WebCake 3.0, Yealt, LyricsContainer, VideoSaver, AddLyrics, privacy safeguard, unfriend checker, Pricepeep today, Coupon amazing, TidyNetwork.com, DownloadTerms 1.0, Yontoo and continue with any other toolbar and software you decide is suspicious.
step 2. - Download and install anti malware/adware software. I can recommend Malwarebytes (i use this particular software to remove v9.com from my machine). You can use the free version in passive mode (download the free version and do not pick trail version in the end of the installation). I use it like this alongside with another active antivirus software (Avira Antivirus in my case)!
Scan the computer and quarantine everything the software finds.
OK! Let's start with the process. I will add screens later!
step 1. - Remove any suspicious software from your computer. You can uninstall software from the Start button -> control panel -> Programs and futures. Start with - V9 Toolbar, Browser defender, Browser protect, Browser protected by conduit, Delta search, Babylon Search, LessTabs, WebCake 3.0, Yealt, LyricsContainer, VideoSaver, AddLyrics, privacy safeguard, unfriend checker, Pricepeep today, Coupon amazing, TidyNetwork.com, DownloadTerms 1.0, Yontoo and continue with any other toolbar and software you decide is suspicious.
step 2. - Download and install anti malware/adware software. I can recommend Malwarebytes (i use this particular software to remove v9.com from my machine). You can use the free version in passive mode (download the free version and do not pick trail version in the end of the installation). I use it like this alongside with another active antivirus software (Avira Antivirus in my case)!
Scan the computer and quarantine everything the software finds.
Attention! Look for everything that looks like system files! Like explorer.exe, kernel32.exe and etc. If they are infected and you quarantine them the OS will fall and it will be really hard to fix it later!
step 4. - Clean the shortcuts! Right click over it -> Properties. From "Shortcut tab" in "target" section remove everything after " .exe" " it will look something like this "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://v9.com/djfsdfsdjfsdf[sd and must remain only that part "C:\Program Files (x86)\Mozilla Firefox\firefox.exe"!
Subscribe to:
Posts (Atom)