Setting up SSH public key authentication

Tired of typing a password every time you login to your server? You’d be needing some SSH keys then. DSA ones are the best for this apparently, so on your local machine:

[bash]ssh-keygen -t dsa
cat ~/.ssh/id_dsa.pub[/bash]

copy the key you’ve just made to the clipboard, and on your remote machine paste it into the file ~/.ssh/authorized_keys

Simple as that. No more typing that password every time.


Fixing slow wp-cron requests on servers behind NAT routing

So we’ve been having a weird problem with WordPress installs on supposedly fast linux VMs running very slowly. It was mainly noticeable on server requests for the Dashboard by logged in users. After a bit of analysis using New Relic, we narrowed it down to external web requests taking a long time.

The trouble was, these requests were mainly pointed back to the server itself. For instance:

htp://myserver.com/wp-cron.php?doing_wp_cron=12345678

The actual load on Nginx & PHP processes was practically non-existent. PHP was just waiting for it’s cURL requests to come back. How strange.

As it turns out, the server was receiving all it’s network traffic via NAT, which meant that while myserver.com resolved to, say, 194.100.99.98 (an external IP), all the actual box was aware of was it’s internal IP, say 10.11.12.13. The external was never directly configured as one of it’s network interfaces. This meant that requests like the above had to make a round trip all around the network and back again before they’d get processed. Not good.

Our solution was to setup an alias for the loopback interface so the external IP would behave exactly the same as 127.0.0.1 when it was requested internally, and so never leave the box:

[bash]
vi /etc/sysconfig/network-scripts/ifcfg-lo:1

DEVICE=lo:1
IPADDR=194.100.99.98
NETMASK=255.255.255.255
NETWORK=194.100.99.98
ONBOOT=yes
NAME=loopback194
[/bash]

“service network restart” or a quick reboot and job done!

This was on CentOS 6.5 btw, but I’m sure it’s pretty similar for Ubuntu or any other flavour of Linux.


Git version control and WordPress

I use Git for pretty much any decent sized coding project I do, and that includes WordPress sites. There are a number of different ways to set things up, but I thought I’d share mine as I think it’s the cleanest and nicest way to go about it. …although I would, wouldn’t I!

First thing: Don’t keep the core files under version control. WordPress has a great update system baked in so this is not necessary.

Second thing: Make sure you can bring anything you wrote yourself under version control. As well as the template, you may make custom site specific plugins, have special things going on in your .htaccess etc. etc.

So, make a new git repo, copy the core files into it, tell git to ignore them all with .gitignore and start to commit and push our own code.

Make yourself an ssh key pair:

[bash]ssh-keygen -t rsa[/bash]

Accept the defaults, get the new public key:

[bash]cat ~/.ssh/id_rsa.pub[/bash]

Copy that into Github or Beanstalk or wherever your repository is hosted.

Now lets put it up on a server. As Git doesn’t like cloning into non-empty directories, we need to download the wordpress core into a separate dir and merge it in using rsync (mv will not work here):

[bash]cd /var/www/your_site
git clone git@your_repo.com:/whatever.git html
wget http://wordpress.org/latest.zip
unzip latest.zip
rsync -a wordpress/ html/
rm -rf wordpress[/bash]




Setting up Nginx on Amazon EC2 for WordPress

So I thought the first post may as well be about what I’ve done most recently, which is setup this blog. I’m running it on Amazon Web Services (AWS) because if it’s good enough for about fucking half the internet, it’s good enough for me.

EC2 is their VPS service, and it’s all I’ll be using for now until that million-billion hits an hour of traffic comes along, at which point I’ll get more complex. Read on for the HOWTO.
Continue reading “Setting up Nginx on Amazon EC2 for WordPress”