Top Nav

Archive | Web

Upgrade CURL

The Yoast SEO plugin in WordPress has started advising users to upgrade curl to the latest version. On CentoOS this can be done easily using the repo here:

For a CentOS 6 server, here are the steps:




404 On sitemap_index.xml With Yoast SEO After Site Migration

After moving and renaming a site, we were getting 404 errors for the sitemap generated by Yoast SEO at:

After digging around it turned out the solution was to reset permalinks by going to:

Settings -> Permalinks

and clicking the Save button without making any changes.


Changing Magento Path

Suppose you have a Magento Commerce store at:

but you want to change the URL to:

There are plenty of articles that give the basics like:

Basically the steps are:

1. Login to admin, go to Configuration -> Web and change the secure and insecure urls.

2. Move the store/ folder to catalog/

3. Clear cache and sessions folders with

4. Add a rewrite rule in your .htaccess to send traffic from the old path to the new path:

So far so good but we found several additional steps that might be needed. If compilation is turned on then you may need to do:

Next if you have APC installed in PHP then you may need to restart the web server to clear the APC cache with something like:

If you have memcached configured as the cache backend then you’ll also need to restart memcached:

Let us know if the comments if you find any other steps that are needed to successfully move magento to a new path.




How-to Mitigate Bittorrent DDOS Attacks

You’ll know that you’re getting hit with a Bittorrent attack when the server slows down and you see log entries referencing:

Here’s a good article about one sysadmin’s struggle with this type of attack:

There are a number of possible strategies to mitigate this attack:

1. CloudFlare will block but it can take time to move DNS to CloudFlare and activate.

2. Create an announce.php file that returns an error like this:

This will use fewer resources then letting WordPress or other CMS return a 404.

3. Block in iptables with a rule like this:

Not sure how efficient this is on a high traffic web server.

4. Block in Apache config:

5. Block with fail2ban as described here:

Note that Plesk 12 has fail2ban built-in so this fix is easy to implement.

6. If traffic is limited to a range of IP addresses then block that range in any available firewall. For example we’ve defeated this attack in one case by blocking a class B range from China.

Other suggestions on blocking this type of attack are welcomed. Comment below and let us know if you’ve seen this attack and how you handled it.


Magento – List Applied Patches

You can view a list of patches that have been applied to a Magento site with:

You’ll get something like this: