How to login remote server using SSH without password?

Simply run this on your command line.

$ cat ~/.ssh/id_rsa.pub | ssh yourusername@yourdomain.com 'cat >> ~/.ssh/authorized_keys'

Posted in Uncategorized | Leave a comment

Could not connect to LiveReload server

I’m using vagrant, virtualbox, guard-livereload, chrome browser, and Windows 7 OS.

I’m using the following command to login or connect to the vagrant server.
$ ssh 127.0.0.1 -p 2222 -i ~/.vagrant.d/insecure_private_key -l vagrant

In order, for my browser to connect to LiveReload server. I need to connect to the vagrant server via SSH:
Sample: $ ssh -L 35729:127.0.0.1:35729 <vagrant-ssh-config>
$ ssh -L 35729:127.0.0.1:35729 127.0.0.1 -p 2222 -i ~/.vagrant.d/insecure_private_key -l vagrant

Whew, You can now connect to the LiveReload server.

By the way, this is my Guardfile

...
guard 'livereload', :host => '127.0.0.1', :port => '35729' do
  watch(%r{.+\.(html)$})
  watch(%r{stylesheets/.+\.(css)})
  watch(%r{javascripts/.+\.(js)})
end
...

Posted in Uncategorized | Leave a comment

How to login to your server using SSH in PuTTY.

PuTTY is a free telnet and open source terminal emulator. I often use PuTTY to connect to my server for some reasons like creating a backup files, running simple scripts, deleting, moving files, and etc…

Below are the guidelines on how to use and login PuTTY to your server.

  1. Download and Install PuTTY
  2. Configuring PuTTY
    Enter you host name or IP Address.

    Example:
    123.45.67.89
    yourwebsite.com

  3. Credentials
    Enter your login username and password. You’ll notice that when
    enter a key password the cursor will not move and won’t even display
    anything like (*) just continue with it and then when you’re done just hit
    enter.

Done. You are now logged in. Please be careful using PuTTY you might delete, move, or overwrite your existing files. This is a powerful tool. If you need further information you can contact your hosting support about it or you can contact me. :)

Posted in Uncategorized | Leave a comment

Remove WordPress Header Tags

Add the code below to your [CURRENT_THEME_FOLDER]/function.php file.

<?php
remove_action( 'wp_head', 'feed_links_extra', 3 ); // Display the links to the extra feeds such as category feeds
remove_action( 'wp_head', 'feed_links', 2 ); // Display the links to the general feeds: Post and Comment Feed
remove_action( 'wp_head', 'rsd_link' ); // Display the link to the Really Simple Discovery service endpoint, EditURI link
remove_action( 'wp_head', 'wlwmanifest_link' ); // Display the link to the Windows Live Writer manifest file.
remove_action( 'wp_head', 'index_rel_link' ); // index link
remove_action( 'wp_head', 'parent_post_rel_link', 10, 0 ); // prev link
remove_action( 'wp_head', 'start_post_rel_link', 10, 0 ); // start link
remove_action( 'wp_head', 'adjacent_posts_rel_link', 10, 0 ); // Display relational links for the posts adjacent to the current post.
remove_action( 'wp_head', 'wp_generator' ); // Display the XHTML generator that is generated on the wp_head hook, WP version
?>

Posted in Wordpress | Leave a comment

WordPress Hack: Malware Scanner

This Malware Scanner script scans files and detects for a possible malware codes. This script will return a list of possible infected files. Each file will be labelled with (eval, c99madshell, & long_text) and a portion of the matched codes. The script will match a word “eval(…), <?php $md5=”…”; $wp_salt=”…”; … (also know as ‘c99madshell’), and a long_text such as “FEKS2121asFklMn83kUgdlf/sDkn12L+…”, because I believe these are potential malware code.

When you’re done running the malware scanner script, double check the result. Do not delete or clean them immediately. The script matches also clean files as long as it has the 3 potential hacker codes. So, please be careful.

Below are the sample results:

1. ./website.com/wp-includes/js/tw-sack.dev.js – eval – eval(this.response

  • File  - ./website.com/wp-includes/js/tw-sack.dev.js
  • Label – eval
  • Small portion of Matched Code – eval(this.response
  • Not a hacker code

2. ./website2.com/system/libs/65d1.php – long_text – UeZTUf77n6yg8roYttj54AztjS3gfP7FhotwRGOTO9CKDOJeAr

  • File  -  ./website2.com/system/libs/65d1.php
  • Label – long_text
  • Small portion of Matched Code – UeZTUf77n6yg8roYttj54AztjS3gfP7FhotwRGOTO9CKDOJeAr
  • I checked the file and confirmed it was a hacker’s code.

Download Malware Scanner
To use the script you can run it on your favorite browser or using a command line (recommended):

$ time php scanner_2.6.php 2>&1 >> scanner_log | tail -f scanner_log

This command will run the scanner_2.6.php and log the output on scanner_log file.

scanner_2.6
Title : scanner_2.6
Caption :
File name : scanner_2.6.zip
Size : 3 kB

Posted in Wordpress | 67 Comments