Composer is a dependency manager for PHP, written in PHP. Specifically, it’s used to simplify the process of using PHP libraries in your projects. The use can range from getting a framework, including a library class, or open source projects; generally these packages are downloaded by Composer and then implemented by a developer in a website’s code. Continue reading “Composer 101”
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are common threats that every publicly accessible web server faces. The purpose of such attacks, in simplest terms, is to flood a server with connections, overloading it and preventing from accepting legitimate traffic.
Attacks increasingly have become automated instead of directly targeted and botnets (networks of infected computers that can be remotely controlled) continue to grow at a rapid pace, making DoS and DDoS attacks much more common.
Fortunately, CSF can be used to help mitigate small attacks. Continue reading “Basic DoS/DDoS Mitigation with the CSF Firewall”
In addition to being able to manage traffic from a specific country or a list of countries, CSF allows you to manage access by country to specific ports. This can be useful if you need to ensure that a particular service is available globally (such as your web server on port 80) but want to restrict international access to services such as WHM/cPanel, SSH, or FTP. Continue reading “How to Block or Allow Specific Ports by Country in the CSF Firewall”
One of the most-requested features on cPanel servers is the ability to manage and filter traffic at a country level. With the ConfigServer Firewall (CSF) plugin in WebHost Manager, you can do exactly that. Continue reading “How to Allow Traffic by Country in the CSF Firewall”
One of the most-requested features on cPanel servers is the ability to manage and filter traffic at a country level. With the ConfigServer Firewall (CSF) plugin in WebHost Manager, you can do exactly that.
Country-level filtering in CSF uses the Maxmind GeoLite Country database to obtain CIDR (Classless Inter-Domain Routing) ranges for specific countries. Each CIDR range covers all the IP addresses assigned to that country. Continue reading “How to Block Traffic by Country in the CSF Firewall”
Prior to making direct edits to the firewall configuration file or changing advanced firewall settings in WHM, a backup of the current configuration should be taken so that the settings can quickly and easily be reverted if needed. Continue reading “How to Back up and Restore the CSF Firewall Configuration”
WordPress Optimized Template sites installed via the Sites tab in Manage automatically are backed up each day, with the server retaining the 10 most recent backups. You can easily restore any site from an available backup in the Sites dashboard in Manage. Continue reading “How To Restore WordPress Optimized Template Backups”
Using the Command Line Tools
Liquid Web’s WordPress Optimized Template servers come with a pre-installed set of command-line tools designed to simplify common site maintenance tasks. WP-CLI (WordPress Command Line Interface) can be accessed via SSH, and allows you to do nearly anything that can be done from within the WordPress admin interface. Continue reading “Using WP-CLI With Your WordPress Optimized Template Site”
- SSH File Transfer Protocol (SFTP) is the most secure way to upload files to your WordPress Optimized Template site.
- This article is intended specifically for connecting to a WordPress Optimized Template site using the free, cross-platform FTP client FileZilla, but the connection details should apply to any FTP client.
Step #1: Enter the Connection Details
- FTP/SFTP connection details are included in the “Welcome to your new WordPress site” email that was automatically sent to you upon adding the site in the Sites section of your Manage dashboard. In case you don’t have that handy, you will use:
- Host: The domain name or IP address of the site
- Username: The WordPress admin username created when adding the site
- Password: The password you assigned to the WordPress admin user when adding the site
- Port: 22 (Port 21 can be used for a standard FTP connection, but it is not recommended. SFTP should be used for maximum security. All connection details other than the port number are the same either way.)
- In FileZilla, enter the host, username, password, and port into the Quick Connect toolbar and press the Quickconnect button.
- This article applies specifically to Liquid Web’s Managed WordPress servers.
We will be adding a WordPress site directly through the Manage interface, the preferred method for WordPress Optimized Template servers.
Step #1: Open the Server Dashboard
- Log into your Manage dashboard and click the [+] button to the left of your WordPress Optimized Template server’s name to expand the dashboard.
- Click on the Sites button in your dashboard to launch the WordPress Sites view.
Step #2: Add A Site
- To add a site, click the Install a WordPress Site button, fill out the requested information, and then click Add Site to add the new site.
- Domain Name is the domain name you want to add to the server. If the domain name is using Liquid Web nameservers, a free SSL certificate will be ordered and installed on the domain, and WordPress will be configured to use the https protocol on the site. If the domain name is pointed elsewhere, an SSL can be added later.
- Username is the WordPress admin user. The username specified here will be used to log into both WordPress and the site’s cPanel account. It must be 16 characters or fewer.
- Email is the contact information for the site.
- Password is the credential which will be used to log into both WordPress and cPanel. It should be a strong password, and can contain upper- and lower-case letters, numbers, and basic special characters such as underscores.
- Verify Password requires you to enter the password again, and will alert you if it does not match what was entered on the Password field.
- Automatic Updates allows you to choose between automatically updating WordPress itself (Core), WordPress and its plugins (Core and Plugins), or disabling automatic updates altogether (None). It is recommended to at least enable automatic updates for WordPress itself.
- The site now will be listed in your Sites dashboard, where you can change update preferences or install a free standard SSL on the domain.
Step #3: Review Settings
Once you return to the Sites dashboard in Manage, you’ll now see your new WordPress site listed in the WordPress Sites section. Click on the [+] next to the domain name to expand the view and configure options for the site.
- Automatic Updates: You can choose to have the WordPress core or the WordPress core and all plugins updated automatically, or you can disable update Automatic Updates altogether. Simply click the Update button after making any changes to the selected option.
- Automatic Backups: The WordPress installation automatically will be backed up on a daily basis, and 10 of the daily backups will be retained. Beginning on the 11th day, the oldest backup automatically will be deleted when a new one is created. You will see a list of each backup listed under Automatic Backups once the first backup has been taken.
- Install Free Signed SSL: Automatic SSL installation is possible only when the site’s domain name is registered and pointed to Liquid Web’s nameservers. If the domain is new or using other nameservers, you can click Install Free Signed SSL to get an SSL certificate for the domain ordered and installed at no charge.
Note that WordPress Optimized Template Hosting includes a free standard domain SSL certificate covering the domain name of each WordPress site you add to the server. The server itself is protected by a self-signed SSL certificate to encrypt cPanel, mail, and ftp connections. If you would like to purchase a third-party verified SSL certificate to cover core services on your server, you can find instructions for ordering and installing an SSL certificate for your hostname at Install an SSL certificate on a Domain using cPanel, and you’ll find a guide to installing the certificate at Installing Service SSLs in cPanel. Should you need any assistance purchasing or installing an SSL certificate for the hostname, please feel free to contact a Heroic Support® technician.
- Delete WordPress Site: The Delete WordPress Site button will completely remove the site and its associated cPanel account, and all data associated with the site immediately will be removed from the server. That data will not be recoverable, so it’s imperative that you confirm that you have a local backup of the site files before deleting any site.
Any local backups taken would be stored on the server; these types of backups would be deleted along with the rest of the files in the account if you were to delete the site. It is recommended that any such backups be downloaded to your local computer before you delete a site. Storm® backups, if you elected to configure them during server setup or enabled them later via the Backup tab in your Manage dashboard, do contain a full image of the server and would not be deleted by removing the account; however, restoring an individual file or site from a full-server backup is not a drag-and-drop process and can require significantly more time than restoring from a local backup.
Step #4: Access Your New Site
Once you’ve added the site, an email will automatically be sent to the address on file for your account. The “Welcome to your new WordPress site” email contains:
- the WordPress site’s login URL
- the site’s IP address (for adding or updating the domain’s DNS record)
- instructions for obtaining your free SSL certificate (if it was not able to be installed automatically)
- SFTP connection information
Once you have made any necessary DNS changes and they have had time to propagate, you should see a standard WordPress installation at the site’s URL. You then can log in and start working with your WordPress Optimized Template site.