Fixing getpwnam(“nginx”) failed

If you’re compiling Nginx from source, you might be specifying the user and group flags at compile time.

If this is the case, you need to ensure that the users actually exist when you attempt to start Nginx.

How to fix getpwnam(“nginx”) failed

It’s easy to fix this issue, simply create the specified user (in this case, ‘nginx’) by issuing the following command:

useradd nginx

If you would prefer to create the user without a home directory, just add the --no-create-homeflag, as such:

useradd --no-create-home nginx

What does this fix?

Depending on the user you specified, this can fix many things, such as:

  • getpwnam(“root”) failed
  • getpwnam(“nginx”) failed
  • getpwnam(“www-data”) failed

Just make sure you create the user that it’s ‘failing’ under!

Advertisements

Fixing PEM routines:PEM_read_bio:bad end line error

Today we’ll be learning how to fix the following SSL error you might encounter when your SSL certificate has been misconfigured.

Most likely, you’ve concatenated both the intermediate CA bundle (typically intermediate.csr) and your SSL certificate together (SSL.crt), however, no line break has been created between each start and end points within the file, i.e.

-----END CERTIFICATE----------BEGIN CERTIFICATE-----

This can cause some serious issues because it cannot be interpreted, as you might have noticed.

How to Fix SSL PEM routines:PEM_read_bio:bad end line error

To fix this issue, fire up your text editor of choice and create a line break between the two files, i.e.

-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----

Tip: Count five hyphens at the start and end of the text.

You can now save the file and the error should be fixed!

Installing Siege Stress Tester on CentOS 6.3

Siege, similar to Apache Benchmark, is an amazing stress testing tool for your web-server. You can spin up a number of connections to simulate concurrency of transactions and gain invaluable insight into how your app or website might perform while under, well, stress!

How to Install Siege on CentOS 6.3

To get started, simply download Siege from the official website and unpack it using Tar:

cd /opt
wget http://www.joedog.org/pub/siege/siege-2.72.tar.gz
tar -zxvf siege-2.72.tar.gz

Next, navigate to the Siege folder and compile it:

cd /opt/siege-2.72
./configure
make && make install

You’re done, let’s confirm that Siege is working by checking its version:

siege -v

Siege Examples

Try running a few of the Siege Examples below (at your own discretion) to verify that your setup is working:

siege -c25 -t1M  www.example.com
siege -c25 -t50s  example.com

Common Errors

[alert] unsupported protocol

If you receive this error message, it means that you’re trying to Siege a website using https (SSL) without SSL installed – or – Siege cannot determine the location of your OpenSSL installation.

To fix this error, simply compile OpenSSL statically with Siege to get SSL support:

cd /opt
wget http://www.openssl.org/source/openssl-1.0.1e.tar.gz
tar -zxvf openssl-1.0.1e.tar.gz
cd siege-2.72.tar.gz
./configure -with-ssl=/opt/openssl-233

How to Install PPTP VPN Server on CentOS 6.x

Bare Bones (PPTP) VPN Installer for CentOS 6.x

Installation

To get started with your own secure VPN, simply execute the following commands at your servers command-line:

If you’re on Linode, you can simply rebuild your instance with the PPTP VPN Installer StackScript.

Note: OpenVZ users, currently one of the iptables rules used in this script is not virtualised in OpenVZ (masquerade). This means you will need to run this line of code once you have finished installing the CentOS PPTP VPN script for it to work:

iptables -t nat -A POSTROUTING -j SNAT --to-source x.x.x.x

Where x.x.x.x is your venet0 IP address

In addition to this, you will also need OpenVZ kernel 2.6.32

How do I connect to my VPN?

You can now connect to your VPN using your servers IP as the hostname (this depends on your VPN client)

The default username and password for your VPN server is:

Username: myuser
Password: mypass

Nginx IP Restrict Access WordPress wp-admin

This article will show you how to block all IP addresses to a specific folder (wp-admin) and only allow access to your IP address. Additionally, the blocked IP’s will be redirected to a location that you choose. This is a fantastic way to lock down your WordPress installation with minimal effort and maximum results.

How to block all access and redirect IP’s to wp-admin in Nginx

To get started, open up your Nginx site configuration file and add the following lines of code:

location ~ ^(wp-admin|wp-login.php) {
try_files $uri $uri/ /index.php?$args;
index index.html index.htm index.php;
    allow x.x.x.x;
    deny all;
    error_page 403 = @wp_admin_ban;
}

location @wp_admin_ban {
    rewrite ^(.*) http://mywebsite.com permanent;
}

This will only allow access to the IP you specify (i.e. x.x.x.x) and redirect all other IP’s to mywebsite.com.

Allow multiple IP’s access to wp-admin in Nginx

If you would like to allow access for multiple IP addresses to your wp-admin folder, this can be done by adding a another allow x.x.x.x; directive in your Nginx site configuration file:

location ~ ^(wp-admin|wp-login.php) {
try_files $uri $uri/ /index.php?$args;
index index.html index.htm index.php;
    allow x.x.x.x; # First IP to allow access
    allow x.x.x.x; # Second IP to allow access
    allow x.x.x.x; # Third IP to allow access
    deny all;
    error_page 403 = @wp_admin_ban;
}

location @wp_admin_ban {
    rewrite ^(.*) http://mywebsite.com permanent;
}