Protect your WordPress from Yoast Vulnerability


Yoast logoThere is a new vulnerability affecting popular WordPress plugin Yoast. If you’re using the plugin, update it to the most recent version to protect you and your customers from attack.

What is Yoast, and what is the vulnerability?
Yoast is an SEO plugin for WordPress. Versions of the plugin prior to are vulnerable to a blind SQL injection attack, which can lead to a database breach and exposure of confidential information.

What do you need to do to protect your website?
If you’re using Yoast, upgrade to the latest version (1.7.4). Make sure you regularly back up your site to prevent irreparable damage from attacks, take advantage of WordPress’s automated updating of plugins and themes and avoid WordPress plugins that don’t allow for auto-updating.

undefined symbol: xmlTextReaderSetup error in Plesk

A quick one, about an issue that appears after Plesk upgrade to 10.4 version on I686 CentOS or RedHat.

It seams is not ok for the new sw-engine, and after the upgrade, there is “Internal server error 500”
And typical error in the sw-wngine log:

/usr/bin/sw-engine-cgi: symbol lookup error: /usr/bin/sw-engine-cgi: undefined symbol: xmlTextReaderSetup

The soliton is to remove manually the ingine:

#rpm -qa | grep sw-en
#rpm -e sw-engine-2.3.1-201410061604.rhel5 –nodeps

Then download the appropriate one from

In my case it was:


Then you may need to fix some apache configuration issues:

#/usr/local/psa/admin/bin/websrvmng -av

That is all.

SteamOS – it’s about time!

globalheader_logo“Thousands of games, millions of users. Everything you love about Steam.
Available soon as a free operating system designed for the TV and the living room.”

For a long time I was wondering why the big development companies focused on creating games haven’t adopted any Linux distribution and based on it to create “THE GAME OS” – where the ‘main’ purpose of the OS is gaming, but you’ll have the benefit to take the advantage of using common Linux software. It seams something like this is going to happen! Recently Steam announced SteramOS . It will be the new home of “All Steam games you like“, “In-home Streaming“, “Music, TV, Movies”  etc. More information on the official page:

CentOS joins Red Hat.

centos_red-hatCentOS has joined forces with Red Hat! As per officially announced at: – some of the core members: Karanbir Singh, Johnny Hughes Jr, Jim Perrin and Fabian Arrotin are moving to Red Hat. Someone may say that the money already started raining as mirrored in the new look of Here are some of the statements:

” Some of the key things that are changing:
– – Some of us now work for Red Hat, but not RHEL. This should not have
any impact to our ability to do what we have done in the past, it
should facilitate a more rapid pace of development and evolution for
our work on the community platform.

– – Red Hat is offering to sponsor some of the buildsystem and initial
content delivery resources – how we are able to consume these and when
we are able to make use of this is to be decided.

— The changes we make are going to be community inclusive, and promoted,
proposed, formalised, and actioned in an open community centric manner
on the centos-devel mailing list. And I highly encourage everyone to
come along and participate.”

Maybe they are not ling but still the question is: “Now, where does CentOS stand in the money tree?”


Registrant Email Verifications Process for Domain Name Registration

Iccan Email Verifications ProcessStarting on the 1st of January 2014, all domain Registrars will ask every Registrants to verify their ownership through email via the Registrant Email Verification process. When an unverified Registrant contact is used to register a domain name, an email will be sent to the Registrant’s email address. The receiver will have up to 15 days to respond to that email after which, their domain name will be suspended. This regulation was approved on 27th. June 2013, by the ICANN board and any registrars that fail comply will risk having their agreement revoked by ICANN.

The Registrant first name, last name, and email details of the Registrant contact will be used to validate a Registrant contact. Changes to any one of those three data will trigger the Registrant Email Verification process when the contact is used to register a new domain name. If the verification is not completed within 15 days, on day 16th day DomainPeople will update the DNS to DomainPeople’s and the domain/s will resolve to a suspended verification page.

Also the Registrant Email Verifications Process will only be applicable to generic Top Level Domains per ICANN requirements. For exmaple: .com .net .pro but not .ca .us domains.

Here is an example lifespan of the registratnt email verification process:

Ubuntu Remote Desktop – multiple users

When I got my new dedicated server setup with Ubuntu server 12.04 LTS, I wanted to use it both for website hosting and multiple users remote desktop work.
It took me some time to arrange all the steps to have the above completed, and as far as the hosting part was pretty easy, the multiple Ubuntu users desktop setup needed some jugs of coffee before start working as I wanted it.

So, I presume you have logged in to your server with some user already, so we will stat with updating the system:

Next, as I want all Gnome desktop features, will install it completely with:

Unity looks fancy, but I want the old Gnome panel, and I do not need “compiz”, so:

Next what we need is a VNC server.

The tricky part here is that you have to create several configuration files for the Ubuntu Remote Desktop user. This is really time consuming if you have to read all the settings and creating the files by yourself.

It is more easy to start the VNC server which will create the files automatically:

You will be asked for a password so enter it, and then kill the server as we have to make some configuration changes:

Edit the xstartup configuration file:

And make it looks like this:

Now you can start the vnc server with this:

Certainly you can change the settings if you want different Remote Desktop geometry.

Now use your preferred VNC client – (Linux) and (Windows) are my suggestions – and connect to the Ubuntu Remote Desktop server using x.x.x.x:2 as (:2) is the number of display used to run for the client. If you have more than one running you should use different number at the end.

As I saying different desktops, I am going to add another user to my Ubuntu Remote Desktop server.
For this I will need to repeat the above steps for creating (and starting) the VNC profile for each user. This one is not yet automatically implemented, but it is not a big deal.
First I will add another user:

Complete the several steps for creating the user which is including creating the password and user personal information.
(A little trick when you want to add user with administrative privileges is to type the command as : adduser admin
Then start the VNC server once to create the VNC password:

Open VNC startup file for the ‘newuser’

And paste the same configuration as for the first user:

Save the file and start the service

Now using VNC client you can connect to the new user Desktop as going to x.x.x.x:3 address.

The next step is to automate a little bit the start-up precess for these Ubuntu Remote Desktop users. Otherwise you have to start vnc4server for each user when the server is rebooted.

So, switch to root (it is just more easier) and then create vncserver folder and create file as vncservers.conf:

Inside put the following massive:

Where ‘user’ is the main user you are dealing with (the one we configured VNC for initially) and ‘newuser’ which is the second user are we have created. If you have more users created and the above steps for settings passwords and vnc4srver start-up completed, add more lines accordingly wit (:4),(:5) etc. screens.

Then create startup script for VNC server as:

And put the following lines inside:

Make the script executable, and add it to the startup scripts:


And all added users in /etc/vncserver/vncservers.conf will be able to connect via Remote Desktop.

Certainly make sure VNC ports are anebled on the firewall.

Also take in mind that VNC is alsways better to be combined with SSH tunnel as its encryption and vulnerability issues are well known.

ProFTP – Fatal: error processing configuration file ‘/etc/proftpd.conf’

This is quick one how to fix issue with ProFTPD returning this error:

Simply run :

And the issue sould be resolved.

Health check script Linux

Bellow I will present script checking Load Average on a Linux server which will send report if it becomes to high.
It is using Linux command ‘uptime’ which is pulling out server’s uptime as well as its Load Average:

In my script bellow I am using not the last minute load average, but the last five minutes (the second) one.
If you are not aware you can interpret a load average of “1.63, 0.70, 7.89” on a single-CPU system as:

– during the last minute, the system was overloaded by 63% on average (1.63 runnable processes, so that 0.73 processes had to wait for a turn for a single CPU system on average).

– during the last 5 minutes, the CPU was idling 30% of the time on average.

– during the last 15 minutes, the system was overloaded 698% on average (7.89 runnable processes, so that 6.98 processes had to wait for a turn for a single CPU system on average).

I have chosen the five minute interval as sending mails every minute is too aggressive in case of a server load. Also it could be something too short and handled by the server without notification.

* Note that some settings may need tuning because of changed/different command output

Once the script is ready you can set it as Cron. job Mine is set to check every 5th minute:

Windows Server 2012 Release Candidate (RC)

This is an announcement for the launch of Microsoft Windows Server 2012 Release Candidate (RC), the next release of Windows Server. Windows Server 2012 RC delivers a highly dynamic, available, and cost-effective server platform for private clouds. It offers businesses a scalable, dynamic, and multitenant-aware cloud infrastructure that securely connects across premises and allows IT to respond to business needs faster and more efficiently.

Microsoft offers a common set of tools and services that provide these capabilities, all of which either are found in Windows Server 2012 or easily integrate with it. When combined with a set of management tools, such as System Center 2012, Windows Server 2012 offers a complete private cloud solution. Windows Server 2012 provides the platform functionality that manages the physical servers, networking, and storage access, and enables the management layer built on top of it to expose these as a pool of compute, network, and storage resources.

Key Areas of Improvement Include:

Applications and Websites: Windows Server 2012 has multiple features that enable mission critical applications, improve website density and efficiency, and increase scalability and elasticity for multi-tenant enabled applications. It also enhances support for open standards, open source applications, and various development languages.

Network Virtualization: The Hyper-V Replica functionality of Windows Server 2012 allows migration and placement of virtualized workloads, including from on-premises to a hoster in the cloud, without regard to underlying physical network topology.

Manageability: Windows Server 2012 offers a multi-machine management experience, providing the customer with a cohesive view of their servers and roles.

Storage: Windows Server 2012 offers continuous availability ‘“ if a cloud component fails, there is no blackout period, no service interruption and no lost data.

World ipv6 day will be on 6 June 2012

World IPv6 DayLast 2011 World IPv6 Day was on June 8th and it was huge step forward for implementing IPv6 globally in Internet. It was involving websites and Internet service providers around the world, including Limelight Networks, Akamai, Facebook, Yahoo! and many more coming together to populate and enable IPv6 for their products.

This year 6 June 2012 will be the IPv6 World Day. Major ISPs, networking equipment manufacturers, web companies, and many more involved into the Internet industry will permanently enable IPv6 in their services.
Many participating websites in World IPv6 Day will join the global trial of the new protocol, IPv6. 24 hours event will demonstrate how the companies are prepared to move to IPv6-enabled Internet. If you wan to join the launch you can visits , and do not forget to test your IPv6 connectivity at