July 2020
« Mar    


WordPress Quotes

I try to learn from the past, but I plan for the future by focusing exclusively on the present. That's were the fun is.
Donald Trump
July 2020
« Mar    

Short Cuts

2012 SERVER (64)
2016 windows (9)
AIX (13)
Amazon (40)
Ansibile (19)
Apache (135)
Asterisk (2)
cassandra (2)
Centos (211)
Centos RHEL 7 (270)
centos8 (3)
chef (3)
cloud (2)
cluster (3)
Coherence (1)
DB2 (5)
DISK (25)
DNS (9)
Docker (30)
Eassy (11)
ELKS (1)
Fedora (6)
ftp (5)
GIT (3)
GOD (2)
Grub (1)
Hacking (10)
Hadoop (6)
health (2)
horoscope (23)
Hyper-V (10)
IIS (15)
JAVA (7)
JBOSS (32)
jenkins (1)
Kubernetes (7)
Ldap (5)
Linux (188)
Linux Commands (166)
Load balancer (5)
mariadb (14)
Mongodb (4)
MQ Server (24)
MYSQL (84)
Nagios (5)
NaturalOil (13)
Nginx (35)
Ngix (1)
openldap (1)
Openstack (6)
Oracle (35)
Perl (3)
Postfix (19)
Postgresql (1)
PowerShell (2)
Python (3)
qmail (36)
Redis (12)
RHCE (28)
Security on Centos (29)
SFTP (1)
Shell (64)
Solaris (58)
Sql Server 2012 (4)
squid (3)
SSH (10)
SSL (14)
Storage (1)
swap (3)
TIPS on Linux (28)
tomcat (62)
Ubuntu (1)
Uncategorized (30)
Veritas (2)
vfabric (1)
VMware (28)
Weblogic (38)
Websphere (71)
Windows (19)
Windows Software (2)
wordpress (1)

WP Cumulus Flash tag cloud by Roy Tanck requires Flash Player 9 or better.

Who's Online

0 visitors online now
0 guests, 0 bots, 0 members

Hit Counter provided by dental implants orange county





y default elasticsearch listens to localhost.

# netstat -na|grep LISTEN |grep 9200
tcp6       0      0          :::*                    LISTEN
tcp6       0      0 ::1:9200                :::*                    LISTEN       

If you want to access over the network you need to edit network.host parameter /etc/elasticsearch/elasticsearch.yml  file

———————————- Network ———————————–
# Set the bind address to a specific IP (IPv4 or IPv6):
# Set a custom port for HTTP:
http.port: 9200

Comment out network.host and type your IP address or type to listen all interfaces


and restart elasticsearch

# systemctl restart elasticsearch 


# netstat -na|grep LISTEN |grep 9200
tcp6       0      0 :::9200                 :::*                    LISTEN

  “name” : “Phantom Eagle”,
  “cluster_name” : “elasticsearch”,
  “cluster_uuid” : “k9tOhsoyTrOnvR-QpUpHxA”,
  “version” : {
    “number” : “2.4.1”,
    “build_hash” : “c67dc32e24162035d18d6fe1e952c4cbcbe79d16”,
    “build_timestamp” : “2016-09-27T18:57:55Z”,
    “build_snapshot” : false,
    “lucene_version” : “5.5.2”
  “tagline” : “You Know, for Search”

In this case, your elasticsearch will be accessible from network without any restriction. You should enable IP based filtering/firewall or user authentication.

Hotlink Protection

Enable Hotlink Protection on Apache

If your WordPress site is running on Apache, all you need to do is open the .htaccess file in your site’s root directory (or create it) and add the following:

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?google.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?bing.com [NC]
RewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yahoo.com [NC]
RewriteRule \.(jpg|jpeg|png|gif|svg)$ http://dropbox.com/hotlink-placeholder.jpg [NC,R,L]

The second line allows blank referrers. You will most likely want to enable this as some visitors use a personal firewall or antivirus program that deletes the page referrer information sent by the web browser. If you don’t allow blank referrers, you could inadvertently disable all of your images for those users.

The third line defines the allowed referrer, the site that is allowed to link to the image directly, this should be your website (update yourdomain.com above with your domain). The fourth, fifth, and sixth lines add search engines to the allowed list, because you don’t want to block crawlers such as Google bot or Bing bot. This could prevent your images from showing and indexing in Google image search.

And the seventh line defines the image you want the visitor to see in place of the hotlink protected image. This not required, but you could give them a friendly warning. If you want to allow multiple sites you can duplicate this row and replace the referrer. If you want to generate some more complex rules, take a look at this htaccess hotlink protection generator.

If you are using the above rules along with a CDN, you might also need to whitelist your CDN subdomain.

Enable Hotlink Protection on NGINX

If you are running on NGINX, all you need to do is open your config file and add the following:

location ~ .(gif|png|jpeg|jpg|svg)$ {
     valid_referers none blocked ~.google. ~.bing. ~.yahoo. yourdomain.com *.yourdomain.com;
     if ($invalid_referer) {
        return   403;

If you are a Kinsta user and aren’t using a CDN, we can add this for you. Just open up a quick ticket with our support team from the MyKinsta dashboard. If you are using the above rules along with a CDN, you might also need to whitelist your CDN subdomain.

Implementing Content Security Policy in Apache

Header unset Content-Security-Policy
Header add Content-Security-Policy "default-src 'self'"
Header unset X-Content-Security-Policy
Header add X-Content-Security-Policy "default-src 'self'"
Header unset X-WebKit-CSP
Header add X-WebKit-CSP "default-src 'self'"

You may also be interested in adding those headers:

Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header set X-Frame-Options "DENY"
Header set Strict-Transport-Security "max-age=631138519; includeSubDomains"




Along with SQL injection attacks, cross-site scripting (XSS) attacks are some of the more common to be used when attacking a website. Cross-site scripting attacks are a kind of hack where the attacker manages to inject a piece of code, normally in the form of Javascript, into a website where it is executed by another user.

Let 100TB give you the tools to execute infrastructure management quickly and efficiently with our secure and monitored virtual servers.

Originally, this just covered the use of fooling a website into loading a javascript file from another website, but these days this can also include other content files or malicious fonts and images that may be executed by either the end user’s computer or on the server itself. The purpose of this form of attack is often to infect other users with malware, gain access to their account information or to gain deeper access to the system when run by an administration account.

Content Security Policy

To help prevent against cross-site scripting attacks, the idea of the Content Security Policy was devised. While the first version of CSP was only published in 2012, it has a history running back to 2004 with attempts to resolve this issue. CSP version 2 is the current version of the standard and is supported by  both Chrome and Firefox, while Safari and edge only support version 1. It works when the web server sends a special header to the web browser identifying that the server implements a content security policy.  Ait then dictates from where the browser should load things like stylesheets, script files, images and fonts. The web browser should then reference this information when loading the HTML code for the site and then fail to load any files that aren’t allowed by the policy.

While this won’t render all XSS style attacks impossible, it will (when implemented well) prevent all XSS attacks involving tricking the browser to load malicious files from external websites. Implementing CSP is as simple as placing a few files of configuration in your web server configuration. When running Apache you can place this code in the virtualhost configuration for your website or in a .htaccess file for the directory your website resides within. For anyone running a website on a dedicated server or VPS then the virtualhost configuration method is recommended whilst the .htaccess file method should only be needed if your website is on shared web hosting.

How To Implement CSP

At this point I’m going to be assuming you know how to edit your virtualhost configuration or create a .htaccess file for this purpose. If not then we’ve previously provided guides explaining both that you could use for reference. So prepare your file and add the following directive:

Header set Content-Secure-Policy "default-src 'self';"

This is about the simplest set-up that you can have and informs the browser that the only content  it should be allowing for your site is content that is loaded from your own domain. The Content-Secure-Policy header can be broken down to a number of directives starting with the directive type and then providing the sources for use with the directive. The default-src directive applies to all forms of content such as images, CSS, Javascript, AJAX requests, Frame contents, fonts and media content. There are separate -src directives for each type of file such as script-src and img-src. A full list of the directive types and their potential source declarations is available at the Content Secure Policy site here: https://content-security-policy.com/

Multiple Directives

Each directive can have numerous sources applied to them and you can use multiple directives in the policy separated by semicolons. This allows for both strict and comprehensive settings for the policy. So let’s imagine a more complex example of a blog that may link to images from across the internet, uses Javascript from it’s own domain, jquery from Google’s CDN and Google analytics and only uses it’s own CSS. This could be handled with a header similar to the below:

Header set Content-Secure-Policy "default-src 'none'; script-src 'self' www.google-analytics.com ajax.googleapis.com; img-src *; style-src 'self';"

By including default-src ‘none’ in the directives the browser would block all external files that aren’t explicitly defined later in the Content-Secure-Policy header. The img-src directive uses an asterisk (*) as its source definition to illustrate that it should allow images to be allowed from any domain. Hopefully, the rest of it should be fairly straight forward.
Once you’ve created your Content-Secure-Policy header you can save your file, and if you’ve included the directive within your virtualhost declaration rather than in a .htaccess file, don’t forget to reload the Apache configuration for your changes to take effect.

HTTP Strict Transport Security for Apache, NGINX and Lighttpd

HTTP Strict Transport Security (often abbreviated as HSTS) is a security feature that lets a web site tell browsers that it should only be communicated with using HTTPS, instead of using HTTP. This tutorial will show you how to set up HSTS in Apache2, NGINX and Lighttpd. It is tested with all mentioned webservers, NGINX 1.1.19, Lighttpd 1.4.28 and Apache 2.2.22 on Ubuntu 12.04, Debian 6 & 7 and CentOS 6.It should work on other distro’s however, these are just reference values.

What is HTTP Strict Transport Security?

Quoting the Mozilla Developer Network:

If a web site accepts a connection through HTTP and redirects to HTTPS, the user in this case may initially talk to the non-encrypted version of the site before being redirected, if, for example, the user types http://www.foo.com/ or even just foo.com.

This opens up the potential for a man-in-the-middle attack, where the redirect could be exploited to direct a user to a malicious site instead of the secure version of the original page.

The HTTP Strict Transport Security feature lets a web site inform the browser that it should never load the site using HTTP, and should automatically convert all attempts to access the site using HTTP to HTTPS requests instead.

An example scenario:

You log into a free WiFi access point at an airport and start surfing the web, visiting your online banking service to check your balance and pay a couple of bills. Unfortunately, the access point you're using is actually a hacker's laptop, and they're intercepting your original HTTP request and redirecting you to a clone of your bank's site instead of the real thing. Now your private data is exposed to the hacker.

Strict Transport Security resolves this problem; as long as you've accessed your bank's web site once using HTTPS, and the bank's web site uses Strict Transport Security, your browser will know to automatically use only HTTPS, which prevents hackers from performing this sort of man-in-the-middle attack.

Do note that HSTS does not work if you’ve never visited the website before. A website needs to tell you it is HTTPS only.

Important regarding preload

In the below configuration the preload directive was used. As requested by Lucas Garron from Google I removed it since most people seem to do screw it up.

Please note that that THE PRELOAD DIRECTIVE WILL HAVE SEMI-PERMANENT CONSEQUENCE. If you are testing, screw up or don’t want to use HSTS anymore you might be on the preload list.

It is important that you understand what you are doing and that you understand that the preload directive means that it will end up in browsers. If your HTTPS configuration is wrong, broken or you don’t want to use HTTPS anymore, you will experience problems. See this page as well.

If you still want to use preload, just append it to the header after the semi-colon.

Set up HSTS in Apache2

Edit your apache configuration file (/etc/apache2/sites-enabled/website.conf and /etc/apache2/httpd.conf for example) and add the following to your VirtualHost:

# Optionally load the headers module:
LoadModule headers_module modules/mod_headers.so

    Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"

Now your website will set the header every time someone visits, with an expiration date of two years (in seconds). It sets it at every visit. So tomorrow, it will say two years again.
You do have to set it on the HTTPS vhost only. It cannot be in the http vhost.

To redirect your visitors to the HTTPS version of your website, use the following configuration:

<VirtualHost *:80>
  ServerName example.com
  Redirect permanent / https://example.com/

If you only redirect, you dont even need a document root.

You can also use modrewrite, however the above method is simpler and safer. However, modrewrite below redirects the user to the page they were visiting over https, the above config just redirects to /:

<VirtualHost *:80>
  <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}

And don’t forget to restart Apache.


The lighttpd variant is just as simple. Add it to your Lighttpd configuration file (/etc/lighttpd/lighttpd.conf for example):

server.modules += ( "mod_setenv" )
$HTTP["scheme"] == "https" {
    setenv.add-response-header  = ( "Strict-Transport-Security" => "max-age=63072000; includeSubdomains; ")

And restart Lighttpd. Here the time is also two years.


NGINX is even shorter with its config. Add this in the server block for your HTTPS configuration:

add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; ";

Don’t forget to restart NGINX.

X-Frame-Options header

The last tip I’ll give you is the X-Frame-Options header, which you can add to your HTTPS website to make sure it is not embedded in a frame or iframe. This avoids clickjacking, and might be helpfull for HTTPS websites. Quoting the Mozilla Developer Network again:

The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a `<frame>` or `<iframe>`. Sites can use this to avoid clickjacking attacks, by ensuring that their content is not embedded into other sites.

You can change DENY to SAMEORIGIN or ALLOW-FROM uri, see the Mozilla link above for more information on that. (Or the RFC.)

X-Frame-Options for Apache2

As above, add this to the apache config file:

Header always set X-Frame-Options DENY


This goes in the lighttpd config. Make sure you don’t double the above set config, if you have that, just add the rule it to it.

server.modules += ( "mod_setenv" )
$HTTP["scheme"] == "https" {
    setenv.add-response-header  = ( "X-Frame-Options" => "DENY")


Yet again, in a server block:

add_header X-Frame-Options "DENY";

Detailed Docker container common operations

First, start the container

There are two ways to start a container. One is to create a new container based on the image and start, and the other is to restart the container in the terminated state. 
Because Docker’s containers are too lightweight, users often delete and recreate containers at any time.

New and start

For example, the following command outputs a “Hello World” and then terminates the container.

$ docker run Ubuntu :14.04 /bin/echo ‘Hello world’ 
Hello world

This is almost indistinguishable from directly executing /bin/echo ‘hello world’ locally.

The following command launches a bash terminal that allows the user to interact.

$ docker run -t -i ubuntu:14.04 /bin/bash 

The -t option causes Docker to assign a pseudo-tty and bind to the container’s standard input, and -i keeps the container’s standard input open.

When using docker run to create containers, the standard operations that Docker runs in the background include:

  • Check if the specified image exists locally. If it does not exist, download it from the public repository.
  • Create and launch a container with an image
  • Allocate a file system and mount a readable and writable layer outside the read-only mirror layer
  • Bridge a virtual interface into the container from the bridge interface configured by the host host
  • Configure an ip address from the address pool to the container
  • Execute a user-specified application
  • The container is terminated after execution

Starting a terminated container 
You can use the docker container start command to start a container that has been terminated.

Second, the guardian state runs

More often, you need to have Docker run in the background instead of directly outputting the results of the execution command under the current host. This can be done by adding the -d parameter.

$ docker run -d ubuntu /bin/sh -c “while true; do echo hello world; sleep 1; done” 

A unique id is returned when started with the -d parameter. The output can be viewed with docker logs [container ID or NAMES]. If you do not use the -d parameter. The output result (STDOUT) will be printed on the host

View container information with the docker container ls command.

$ docker container ls 
cb30b87566d0 ubuntu “/bin/sh -c ‘while t…” 2 minutes ago Up 2 minutes goofy_mcclintock

To get the output of the container, you can use the docker container logs command.

$ docker container logs goofy_mcclintock 
hello world 
hello world 
hello world 

Note: Whether the container will run for a long time is related to the command specified by docker run, regardless of the -d parameter.

Third, terminate the container

You can use the docker container stop to terminate a running container. The format is: 
docker container stop [options] CONTAINER [CONTAINER…]

In addition, when the application specified in the Docker container is terminated, the container is also automatically terminated. 
For example, only the container of one terminal is started. When the user exits the terminal through the exit command or Ctrl+d 
, the created container is terminated immediately.

The container for the terminated state can be seen with the docker container ls -a command. E.g

$ docker container stop goofy_mcclintock 

$ docker container ls -a 
cb30b87566d0 ubuntu “/bin/sh -c ‘while t…” 20 minutes ago Exited (137) 23 seconds ago goofy_mcclintock

The container in the terminated state is started by the docker container start command; the 
container of a running state is terminated and restarted by the docker container restart command.

Fourth, enter the container

When the -d parameter is used, the container will enter the background after it starts. 
Use the docker attach command or the docker exec command to enter the container. It is recommended to use the docker exec command for reasons explained below.

The attach command 
docker attach is a command that comes with Docker. The following example shows how to use this command.

$ docker run -dit ubuntu 

$ docker container ls 
e1ffd4f792fe ubuntu “/bin/bash” About a minute ago Up About a minute awesome_payne

$ docker attach e1ff 

Note: If exit from this stdin, it will cause the container to stop.

The exec command 
-i -t parameter 
docker exec can be followed by multiple parameters, here mainly the -i -t parameter. 
When only the -i parameter, since there is no allocation of pseudo-terminals, the interface is not familiar Linux command prompt, the command execution 
line results can still be returned. 
When the -i -t parameter is used together, you can see the Linux command prompt we are familiar with.

$ docker run -dit ubuntu 

$ docker container ls 
16168d4b66b1 ubuntu “/bin/bash” 58 seconds ago Up 57 seconds happy_bardeen

$ docker exec -it 16168 bash 

Exit from this stdin will not cause the container to stop. That’s why the docker exec is recommended. 
For more parameter descriptions, please use docker exec –help to view.

Fifth, delete the container

Delete a container that is in a terminated state in the format: 
docker container rm [options] CONTAINER [CONTAINER…]

$ docker container rm awesome_payne 

If you want to delete a running container, you can add the -f parameter. Docker will send a SIGKILL signal to the container.

Clean up all containers in the terminated state. Use the docker container ls -a command to view all the containers that have been created, including the termination status. If the number is too large, it may be cumbersome to delete them one by one. You can use the following command to clear all the termination status. Container.

Prune Container Docker $ 
! This by Will the Remove All the WARNING stopped Containers. 
Are you the Sure you want to the Continue [the y-/ N] the y-? 
Deleted Containers: 

Export and import containers

Exporting a container 
If you want to export a local container, you can use the docker export command.

Container Docker LS -a $ 
16168d4b66b1 Ubuntu “/ bin / the bash” 18 is happy_bardeen minutes minutes ago Member 18 is Up

$ docker export 16168d4b66b1 > ubuntu.tar

This will export the container snapshot to a local file.

Import container snapshots 
can be imported as mirrors from the container snapshot file using docker import, for example

$ cat ubuntu.tar | docker import – test/ubuntu:v1.0 

$ docker image ls 
test/ubuntu v1.0 91b174fec9ed 10 seconds ago 69.8MB 
ubuntu latest 735f80812f90 3 weeks ago 83.5MB

Alternatively, you can import it by specifying a URL or a directory, such as 
$ docker import http://example.com/exampleimage.tgz example/imagerepo

Note: Users can either use the docker load to import the image storage file to the local image library, or use docker import to import a container snapshot to the local image library. The difference between the two is that the container snapshot file will discard all history and metadata information (that is, only the snapshot state of the container at the time), and the image storage file will save the full record and be large. In addition, metadata information such as tags can be reassigned when importing from a container snapshot file.

EC2 volume size incorrect

Expanding the Storage Space of an EBS Volume on Linux

[root@data ~]# df -TH
Filesystem Type Size Used Avail Use% Mounted on
/dev/xvda1 xfs 859G 818G 42G 96% /
devtmpfs devtmpfs 4.1G 0 4.1G 0% /dev
tmpfs tmpfs 4.2G 0 4.2G 0% /dev/shm
tmpfs tmpfs 4.2G 26M 4.1G 1% /run
tmpfs tmpfs 4.2G 0 4.2G 0% /sys/fs/cgroup
/dev/xvdg ext4 212G 201G 4.1k 100% /databackup
/dev/mapper/vg_newlvm-centos7_newvol ext4 106G 20G 81G 20% /data1
tmpfs tmpfs 821M 0 821M 0% /run/user/1004
tmpfs tmpfs 821M 0 821M 0% /run/user/0

[root@data ~]# resize2fs /dev/xvdg
resize2fs 1.42.9 (28-Dec-2013)
Filesystem at /dev/xvdg is mounted on /databackup; on-line resizing required
old_desc_blocks = 25, new_desc_blocks = 50
The filesystem on /dev/xvdg is now 104857600 blocks long.

[root@data ~]# df -TH
Filesystem Type Size Used Avail Use% Mounted on
/dev/xvda1 xfs 859G 818G 42G 96% /
devtmpfs devtmpfs 4.1G 0 4.1G 0% /dev
tmpfs tmpfs 4.2G 0 4.2G 0% /dev/shm
tmpfs tmpfs 4.2G 26M 4.1G 1% /run
tmpfs tmpfs 4.2G 0 4.2G 0% /sys/fs/cgroup
/dev/xvdg ext4 423G 201G 203G 50% /databackup
/dev/mapper/vg_newlvm-centos7_newvol ext4 106G 20G 81G 20% /data1
tmpfs tmpfs 821M 0 821M 0% /run/user/1004
tmpfs tmpfs 821M 0 821M 0% /run/user/0
[root@data ~]#

rsync increment data

command will copy increment data and keep it in sync with remote server.

  1. It will copy only incremental data.
  2. It will delete if any data deleted from source.
  3. It will copy again from source if any data deleted at destination.
  4. basically this command will keep the both environment in sync.

rsync -avWe ssh --delete-before (source) root@localhost:(destination)
rsync -avW --delete-before -e ssh (source) root@localhost:(destination)


rsync -avWe ssh --delete-before /data root@
rsync -avW --delete-before -e ssh /data root@

To delete files in the target, add the --delete option to your command. For example:

rsync -avh source/ dest/ --delete

Apache Configure CORS Headers for Whitelist Domains

Apache Configure CORS Headers for Whitelist Domains



In the current implementation of Cross Origin Resource Sharing (CORS) the Access-Control-Allow-Origin header can only provide a single host domain or a wildcard as the accept value. This is not optimal when you have multiple clients connecting to the same virtual server and simply want to allow a list of known client host domains to the “allow” list.

Since only a single domain in a single access header can be delivered back to the client, Apache must read the incoming Origin header and match it to the list of “white” (accepted) domains. If an appropriate match is found, echo the domain host back to client as the value of Access-Control-Allow-Origin.

Use the following configuration snippet in the Apache virtual host “.conf” file or in the server “.htaccess” file. Ensure mod_headers and SetEnvIfNoCase are enabled.

<IfModule mod_headers.c>
   SetEnvIfNoCase Origin "https?://(www\.)?(domain\.com|staging\.domain\.com)(:\d+)?$" ACAO=$0
   Header set Access-Control-Allow-Origin %{ACAO}e env=ACAO

The regular expression https?://(www\.)?(domain\.com|staging\.domain\.com)(:\d+)?$ matches the URL of Origin, a required HTTP header for all requests. The pattern matches both the http and https protocols. It will match an optional www. subdomain and finally matches the actual host name of your whitelist entries. Any characters after the domain name are ignored. This example will therefore enable:

* http://domain.com
* https://domain.com
* http://www.domain.com
* https://www.domain.com
* http://staging.domain.com
* https://staging.domain.com
* http://www.staging.domain.com
* https://www.staging.domain.com

If you send a request from http://staging.domain.com/app/, the response would include the header:

Access-Control-Allow-Origin: http://staging.domain.com

If you sent another request from https://www.domain.com/client/, the response would include the header:

Access-Control-Allow-Origin: https://www.domain.com

Linux: include hidden files in tar archive

When you create a tar archive of a directory tree the hidden files are normally not included. Here’s how to include the hidden files.

Say you have a web directory called “/var/www/html/mysite/” that contains the following tree:


Normally you would use the tar command like this:

tar czf mysite.tar.gz /var/www/html/mysite/*

This way all files are tarred except the .htaccess files.

The solution is actually quite simple: replace the asterisk (*) by a dot (.):

tar czf mysite.tar.gz /var/www/html/mysite/.

This way the .htaccess files are included in the tarfile.

Reset your WordPress password via email

Reset your WordPress password via email

If you’ve forgotten your WordPress admin password, you can reset it via email from the WordPress dashboard login page following these steps:

  1. Go to your WordPress login page (example.com/wp-admin)
  2. Click on Lost you password? at the bottom
  3. Enter the Username or E-mail of your WordPress admin user, then click on Get New Password
  4. You should get an email with the subject [WordPress Site] Password Reset. The body of this email will contain a link below the text To reset your password, visit the following address, go ahead and click on that link.
  5. Type in your New password, confirm it, then click on Reset Password


WordPress makes it super easy to reset your password. You can simply go to the login screen and click on the ‘Lost your password’ link.

ow you can easily reset a WordPress password from phpMyAdmin.

Server: localhost »Database: wordpress »Table: wp__users

change the user name
change the user email id