Carey

FileZilla on Pantheon

FileZilla is an FTP client that lets you upload files to and download files from the Pantheon server. It can copy several files at the same time, and it is cross-platform software available on Windows, Mac OS, and Linux.

This article will walk you through the steps of downloading and uploading your WordPress or Drupal site on Pantheon.

Download FileZilla

If you don’t already have FileZilla installed, grab the most recent update and install it on your computer.

Start FileZilla

Start FileZilla from the Start menu or search bar on Windows, from the Applications folder on Mac OS, or by searching for it on Ubuntu. Keep in mind that Pantheon uses a non-standard port for SFTP, and the protocol must be SFTP rather than FTP.

Create a New Site

Click the Site Manager icon, which is the icon under the File menu.

This opens the Site Manager window, where a new connection can be created in FileZilla.

Click the New Site button and enter the details from the Connection Info on the Pantheon Site Dashboard. Use the password that you use on the Pantheon User Dashboard. Make sure the Protocol is set to SFTP and the port is 2222.

Choose to accept the server’s host key for the current session so it is stored in the cache. This will allow you to connect to the server and manage your files for the current session.

To get to the site’s root simply navigate to the code folder and you will be able to continue managing your files as normal.

Block IP Addresses in WordPress

There are several reasons you might need to block an IP address from accessing the site. I’ve categorized the reasons in no particular order:

  • Unnecessary traffic
  • Spam
  • Brute Force Attack
  • DDoS Attack

Unnecessary traffic

Usually, this is traffic generated by bots crawling the site, and they might be good or bad bots. A bot is considered good when it follows what is in the robots.txt file; a bad bot just ignores its contents. There are also email harvesters, content scrapers, and web extractors. All of this uses bandwidth and sometimes slows down the loading of the site.

Spam

Spam is unwanted messages, usually sent through form submissions such as contact forms, registration pages, and comment pages. They are annoying because the requests do not come from legitimate users or customers. In server access logs, most of them come from a single IP.

Brute Force Attack

A brute force attack is a series of login attempts trying to guess the password. There are many methods of doing this: one is trying all the combinations to log in, another is using a dictionary of known weak passwords. Requests for the wp-admin dashboard are plentiful in server access logs.

DDoS Attack

DDoS is an acronym for Distributed Denial of Service. The DDoS attack utilizes several IP addresses that send multiple requests with the aim to exceed the bandwidth and limit access to a website.

Blocking an IP using a plugin

The most sophisticated plugin for securing a WordPress site is Wordfence. Wordfence features a built-from-the-ground-up endpoint firewall and malware scanner to secure WordPress. Wordfence gets the latest firewall rules, malware signatures, and malicious IP addresses from its Threat Defense Feed, so it can keep the website secure. Wordfence is the most robust WordPress protection system today, with 2FA and a suite of additional tools.

Here are other plugins worth considering in blocking IP:

Blocking an IP in Server Configuration

On Apache servers, this can be done by adding the Deny keyword to .htaccess:

# Block Single IP
Deny from 192.168.254.1

# Block Entire Subnet
Deny from 192.168

# Block using CIDR
Deny from 192.168.254.0/24

On Nginx servers, add an access.conf file to the Nginx configuration folder.

location / {
  deny 192.168.254.1;
}

After adding, reload the configuration or restart Nginx.

Blocking an IP by using PHP

Use a PHP snippet to block the IP. The best place to put the code is wp-config.php, so the request is denied before WordPress bootstraps the core, plugins, and themes.

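// REMOTE_ADDR is not set when wp-config.php is loaded from the command line,
// so fall back to an empty string instead of reading a missing key.
if (($_SERVER['REMOTE_ADDR'] ?? '') === '192.168.254.1') {
  // Refuse the request before WordPress loads.
  header('HTTP/1.0 403 Forbidden');
  exit;
}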

Wrapping Up

I think the best method to use is the server configuration and PHP code inclusion. Even if the site is experiencing a DDoS attack, the Server and PHP code can be added instantly.
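To decide which addresses belong in the .htaccess block above, the access log can be counted per client. The script below is an added example, not code from the original post; it assumes the "combined" log format and that login attempts appear as POSTs to /wp-login.php, and the sample log lines are constructed.

```shell
#!/bin/sh
# Added example (not from the original post): find clients with repeated
# login POSTs in an access log and print "Deny from" lines for .htaccess.
# Assumptions: "combined" log format (client address is field 1, method is
# field 6, path is field 7); login attempts are POSTs to /wp-login.php.

# Constructed sample lines using documentation address ranges.
sample_log() {
  i=0
  while [ "$i" -lt 6 ]; do
    printf '%s\n' "203.0.113.7 - - [10/Mar/2021:10:00:0$i +0000] \"POST /wp-login.php HTTP/1.1\" 200 1500 \"-\" \"-\""
    i=$((i + 1))
  done
  cat <<'EOF'
198.51.100.23 - - [10/Mar/2021:10:01:00 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.23 - - [10/Mar/2021:10:01:05 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
192.0.2.10 - - [10/Mar/2021:10:02:00 +0000] "GET /wp-login.php HTTP/1.1" 200 1500 "-" "Mozilla/5.0"
192.0.2.10 - - [10/Mar/2021:10:02:01 +0000] "GET /robots.txt HTTP/1.1" 200 70 "-" "ExampleBot/1.0"
EOF
}

# offenders MIN: read log lines on stdin and print "count address" for each
# client with at least MIN login POSTs, busiest first.
offenders() {
  awk -v min="$1" '
    $6 == "\"POST" && $7 ~ /^\/wp-login\.php/ { hits[$1]++ }
    END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
  ' | sort -k1,1nr -k2,2
}

# deny_lines: turn "count address" into .htaccess lines. Only tokens made of
# hex digits, dots and colons are kept, so a hostname or other log text in
# field 1 never ends up in the configuration file.
deny_lines() {
  awk '$2 ~ /^[0-9A-Fa-f:.]+$/ { print "Deny from " $2 }'
}

# Threshold 5 is an arbitrary value for the sample; review before blocking.
sample_log | offenders 5 | deny_lines
```

On a real server, replace `sample_log` with the access log file, for example `offenders 5 < access.log | deny_lines`.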

Starting with PHP

I recently bumped into some students from a university near our home. Though it is not yet part of their curriculum, they are more than interested in the language, so I am going to write some simple tutorials about it. The last time I taught or mentored was very long ago, so this will be an exciting journey for me.

Before PHP existed

If my memory serves me right, people did have the internet by 1995, and most sites used CGI (Common Gateway Interface). If you needed to fetch data from a database server, you would need to use the C language or a Perl script. It was a little hard to debug or develop: in C you needed to compile just to print out the information, and in Perl there were not many server log messages to pinpoint where the error was. You would see that some servers have a cgi-bin folder used to house scripts that interact with a web browser. I think it still exists today, especially on most cPanel hosts.

Here comes PHP

PHP was written by Rasmus Lerdorf in the C language. It was written in C because it was the language Rasmus was most comfortable with at that time. Unlike CGI (Common Gateway Interface), the approach was to embed it in HTML, mostly just marking the file with the php extension. Basically, it is a scripting language that is executed on the server.

<!DOCTYPE html>
<html>
<body>
<h1>Heading</h1>
<p>paragraph.</p>
<?php
echo 'Hello world';
?>
</body>
</html>

The basic syntax of PHP is very similar to that of Perl, and both share several syntactic features with C. Whitespace is ignored in code, statements are ended with semicolons, and curly braces group together several statements into a single block. The name of the function is accompanied by the actual arguments, which are enclosed in parentheses and separated by commas.

<?php // all code starts with this tag 

// single statement
$variable = "Value of variable"; 

// sample function
function sample($argument, $argument2) {

}

// all code ends with this tag
?>

The best way to learn a language is by using it. We will try to install PHP on a server or on a local development machine.

Installing WP Rocket on Pantheon Platform

Some people have a hard time installing WP Rocket on Pantheon, since it creates files in a folder that the Pantheon platform write-protects.

The solution is to create symlinks that point into the write-permitted folder, which is the wp-content/uploads folder.

Please take note that this step is not recommended with any SFTP app, only on the SFTP command line, since creating symlinks over SFTP is inconsistent between clients. The process below was tested using MacBook Pro (Mojave), Ubuntu 18.04.4 LTS, and Windows 10 (Release 1909).

  • Create the folders cache and wp-rocket-config in the wp-content/uploads folder on DEV first (TEST and LIVE come later).
  • Remove the wp-content/cache folder. If there is a wp-content/wp-rocket-config folder, remove it also.
  • Create a symlink via the terminal command line.

Note: Be sure that you are in the wp-content folder.

$ ln -s ./uploads/cache cache
$ ln -s ./uploads/wp-rocket-config wp-rocket-config

  • Commit and push the symlink via git.
  • Create the folder cache and wp-rocket-config in wp-content/uploads for TEST and LIVE.
  • Commit and deploy code to TEST and LIVE.
  • Activate the WP-Rocket plugin and apply the license code.

Hopefully, this will help users install the WP-Rocket Plugin on the Pantheon Platform.

Happy Coding.

Installing Terminus on Windows using WSL 2

What is WSL? It stands for Windows Subsystem for Linux, a Linux-compatible subsystem that does not need a virtual machine. Though it is not entirely compatible and does not run all Linux commands and features, it is good enough to install Terminus, the command-line tool from Pantheon.io.

A note of warning: since these instructions require installing WSL, read this Trend Micro article about a security flaw and attack first, so you are aware of it: https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/bashware-attack-targets-windows-system-for-linux-wsl .

If you want a secure way, head over to the blog post Installing Terminus on Windows using a Virtual Machine.

First things first, install WSL. Open PowerShell as an administrator.

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux

Restart Windows.

After restarting, go to the Microsoft Store and search for “Linux”, then select “Run Linux on Windows”. Pick Ubuntu and get it.

The installation takes a while, and you will be asked to provide a new username and password.

Once you are at the Ubuntu shell, add the PHP repository:

sudo add-apt-repository ppa:ondrej/php

Update the package lists so that the most recently updated software is installed.

sudo apt-get update

Here are all the necessary libraries that we need.

sudo apt-get install curl php7.4 php7.4-curl php7.4-cli php7.4-mbstring php7.4-xml git unzip 

Install terminus

cd ~

mkdir terminus3

cd terminus3

curl -L https://github.com/pantheon-systems/terminus/releases/download/`curl --silent "https://api.github.com/repos/pantheon-systems/terminus/releases/latest" | perl -nle'print $& while m#"tag_name": "\K[^"]*#g'`/terminus.phar --output terminus

chmod +x terminus

sudo ln -s ~/terminus3/terminus /usr/local/bin/terminus

That’s it, enjoy Terminus on Windows.
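In the one-line download above, an API reply without a tag still leaves curl saving whatever the server returns as terminus, which is then made executable. The same download as checked steps, added here as an example (not from the original post or from Pantheon); the function names and the accepted tag pattern are assumptions of this example.

```shell
#!/bin/sh
# Added example: the Terminus download split into checked steps.
# Uses the same two URLs as the command above; function names and the
# accepted tag characters are assumptions of this example.

API_URL="https://api.github.com/repos/pantheon-systems/terminus/releases/latest"
BASE_URL="https://github.com/pantheon-systems/terminus/releases/download"

# release_tag: read the API's JSON on stdin, print tag_name, and fail unless
# it is a plain version string (letters, digits, dots, hyphens only).
release_tag() {
  tag=$(sed -n 's/.*"tag_name": *"\([^"]*\)".*/\1/p' | head -n 1)
  case "$tag" in
    ''|*[!0-9A-Za-z.-]*) echo "unexpected tag_name: '$tag'" >&2; return 1 ;;
  esac
  printf '%s\n' "$tag"
}

# phar_url TAG: build the download URL for an already validated tag.
phar_url() {
  printf '%s/%s/terminus.phar\n' "$BASE_URL" "$1"
}

# install_terminus: fetch into ./terminus. --fail makes curl exit non-zero on
# an HTTP error instead of saving the error page as the executable.
install_terminus() {
  tag=$(curl --silent --fail "$API_URL" | release_tag) || return 1
  curl --fail --location "$(phar_url "$tag")" --output terminus.part || return 1
  [ -s terminus.part ] || return 1
  mv terminus.part terminus && chmod +x terminus
}

# Network steps run only when asked for: sh this-file.sh install
if [ "${1:-}" = "install" ]; then install_terminus; fi

# Constructed API reply (not real data): prints the URL that would be fetched.
phar_url "$(printf '{\n  "tag_name": "9.9.9"\n}\n' | release_tag)"
```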