Installing plugins in a duplicate folder (from wordpress)
-
I used the plugin ‘Duplicator’ to duplicate my wordpress folder as two external files (the archive and php installer) and uploaded those into the projectionpictures folder with this path projection (name of the server)/web/projectionpictures.
I then opended the php file to complete the installation.
However when I sign into http://192.168.1.234/projectionpictures/wp-login.php and try to install or update further plugins I’m asked to enter connection information for the ftp address of my Synology unit. I’m not sure what the ftp address is but Synology inform me that port 21 is open. I don’t know what the ftp username or password is either, unless I do and don’t realise it.What do I have to do now so further plugins can be installed and updated in the newly created projectionpictures as I intend to make it a live site once the plugin problem is solved.
-
I decided to manually reinstall phpmyadmin in the dsm (I didn’t ‘stop’ it or ‘uninstall’ it beforehand) and now I can open it but the database for wordpress and projectionpictures aren’t in there (I thought they might stay there). You did suggest reinstalling it before.
But the projectionpictures WP dash is still working and I even installed a plugin that wanted to be updated and that went in. I didn’t think it would, please forgive my ignorance about this.
The original wordpress dashboard is still working.
How do I reinstall the database for each in the phpmyadmin if I don’t have a an sql back up from inside the phpmyadmin. I do but there few weeks out of date for the projectionpictures website. Not that my site is that complicated.
I took this action based on your first paragraph to my last reply.
I’ve changed the root password in phpmyadmin it created last time in its own generator, for the three user accounts that are in there.
So tonight I attempted to transfer from http to https, before I did that I did some back ups.
First I backed up the databases in phpMyAdmin.
However I had to use nord vpn through Romania with internet explorer to download the archive file from Duplicator and the wpress file from All in one WP migration for projectionpictures. Admittedly there is a size issue wpress is 354MB and the archive file is 125MB.
Opera refused to download the big archive file generated by Duplicator or to downloaded the wpress file from All in one WP migration.
I then used better search replace to go from http to https for projectionpictures. I also saved the permalinks in Setting. So the site URL and home are now https. However I couldn’t log back into the WP dashboard for projectionpictures and the website wouldn’t appear even though. There are two security certificates in the DSM one from Lets Encrypt the other from my 1and1 domain provide. Now we did disable it and as a consequence of that both internet explorer and Opera.
Opera gave this message:
You attempted to reach
www.projectionpictures.com, but the certificate that the server presented has been revoked by its issuer. This means that the security credentials the server presented absolutely should not be trusted. You may be communicating with an attacker.You cannot visit
www.projectionpictures.comright now because the SSL certificate has been revoked. Network errors and attacks are usually temporary, so this page will probably work later.Internet Explorer:
This organization’s certificate has been revoked.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.Should I simply transfer all the virtual hosts to the Lets Encrypt certificate and delete the 1and1 entirely (which needs to be issued again by 1and1, as that is the revoked one). Or would I be any better of using ‘Really Simple SSL’ plugin, is it any good and does it have to be linked to anything is the DSM.
I feel if you have to many SSL certificates search engines start to tell you, that you have mismatched certificates which happened before.
I don’t know anything about that Really Simple SSL plugin beyond reading their info page at the WP dot org site. If the search and replace operation went well, I don’t think the plugin will be of much benefit.
I haven’t used it as it might be in conflict with the one in survelliance that isn’t configured correctly and a youtube link further down states not to use with a reason.
I think I would install the Lets Encrypt SSL certificate. It’s probably easier to manage than 1&1. Overall, it doesn’t really matter as long as one is in place. I don’t know if switching certs affects SEO or not. It’s possible. In any case, you need to set one up at least one more time no matter what. Then there’s no reason to change after that with either cert source.
Not sure if I’m going to use Let’s Encrypt yet as I find it difficult to get the DMS to cooperate with Lets encrypt site externally. Very hit and miss.
Sorry to hear Photo.scr is back. There is clearly a security breach somewhere. These can be very difficult to find. My only experience with breaches like that are on commercial hosted servers. In that situation, the only way to clear the breach for us mere mortals is to wipe our share of the server and restore from backup. We’re primarily talking about data files like WP, images, and DB content. The other option is to hire an expert to clean things up. This is the only option if there is no clean backup and one does not wish to lose data.
I had to delete the contents of the folders in the web/ directory for projectionpictures and phpmyadmin entirely. As I had entire backups of both but there was a slight difference in their dates when I had created them. However I did manage to use this method to get the projectionpictures WP Dash back and the website is live again. Took about 2 hours of thought and practice to figure that out. Not sure if photo.scr will return though. I did a search for it in projectionpictures in file station, but so far nothing. It seems doing a a search in explorer (as I have enabled the SMB facility in the DSM) often brings up more photo.scr than doing a search inside file station within the DSM alone. I was though surprised to fix it how I have done using the method I used. I did loose entry into the phpmyadmin for 30mins as I was getting a red banner saying the config.php was not writable. In uploading the complete database again the permissions in the web/ folder for phpmyadmin had changed. So it should be owner ‘root’ with ‘administrator’ and ‘system’ in FULL CONTROL with ‘http’ as custom (read & write) only.
I then tried unsuccessfully to use a pre-existing ssl certificate in the security section of DSM to migrate across to https. Unfortunately as it was issued to projection.synology.me (lets encrypt previously) so it wouldn’t work with projectionpictures.com as its the wrong domain. I watch a youtube video about migrating across on this link
It raised the use of this site to check your domains compatibility for SSL before and after migrating to https –
It told me that the projection.synology.me had the wrong name even though in the description of it in the DSM I had written the projectionpictures name with https before it. It was who it was issued to that was wrong.
Once I knew this I tried to import a 1and1 certificate I already had one my laptop into the security screen but this was BEFORE I had reactivated in the 1and1 console for the .com version of projectionpictures. The DSM screen hanged as the procedure interpreted the certificate I was trying to create as revoked. So I closed the web page and after that the DSM login screen refused to appear and nor did the projectionpictures WP DB either. So again I had to find out how to get back into the DSM. Answer is using a paper-clip in the reset hold at the back of the Synology box for 4 seconds or until it bleeps once, then releasing. This allows me to get to the login screen generate a new password and enter the DSM interface again, do a few alterations that the reset does and I was back in (as that reset only resets the password and doesn’t affect whats on the drives inside). I had to put the DSM back to http from https. I was doing all this at about 1.30am this morning.
When I went back to the survelliance screen the projection.synoloy.me certificate had gone and replaced with the 1and1 I was trying to install however in the results I got back from
it appears to be damaged with this result:
SSL Certificate Info
Certificate Issuer DigiCert Inc
Certificate Type Encryption Everywhere DV TLS CA – G1
Issued On 2018-07-25Force HTTPS Your webserver is not forcing the use of SSL.
You may want to add a redirect to ensure a secure connection is used.Invalid Intermediate (BAD)
You have an invalid or missing intermediate (bundle) certificate. This may not break your padlock on all browsers, but will on others. Please contact your SSL Vendor for assistance with this error.Domain Matching Your SSL certificate matches your domain name!
Protected Domains:
*.projectionpictures.com
projectionpictures.comSignature Your SSL certificate is using a sha256 signature!
Expiration Date Your SSL certificate is current. Your SSL certificate expires in 145 days. (2019-07-22)
I am now at crossroads about which provider to use for the SSL certificate. I have activated the 1and1 again but the issuer to is projectionpictures.com not https:// in front of it and I selected ‘my own server’ in the option box.
Before I go ahead and have another attempt at doing the SSL I thought I would ask your view on who I should go with for the provider of the SSL. Can you get a free Lets Encrypt directly from their website?
I’ve managed to install two lets encrypt certificates for the simple reason being on the last screen where you enter the:
Domain: http://www.projectionpictures.com
email: me email address
Subject alternative Name: projection.synology.meI didn’t realise that the last entry ‘Subject alternative Name’ had to be the actual assigned name of your server or you can leave it blank. I was putting alternative for projectionpictures, ie .co.uk. Which is Wrong!
And now whynopadlock is also happy ! see results below.
SSL Connection – Pass
SSL Certificate Info
Certificate Issuer Let’s Encrypt
Certificate Type Let’s Encrypt Authority X3
Issued On 2019-02-26Force HTTPS Your webserver is forcing the use of SSL.
Valid Certificate Your SSL Certificate is installed correctly.
Domain Matching Your SSL certificate matches your domain name!Protected Domains:
projection.synology.me
http://www.projectionpictures.comSignature Your SSL certificate is using a sha256 signature!
Expiration Date Your SSL certificate is current. Your SSL certificate expires in 89 days. (2019-05-27)Mixed Content – Pass
You have no mixed content.I have also installed a 2nd lets enrypt certificate supposedly to cover the http IP login for the DSM, but I’m getting a mismatched certificate, interestingly when I entered details again for the last screen. I can still enter the DSM but ‘certificate error’ (mismatched) for Opera and Internet Explorer.
Domain: projection.synology.me
email: my email address
Subject alternative Name: [I left this blank]HOWEVER one irony I can only see my live website on any of my devices through the Nord VPN service I choose Romania, if I switch it off I cant see the site and I can’t login to the projectionpictures WP dash either.
In the virtual host I have these variants:
projectionpictures.co.uk
http://www.projectionpictures.co.uk
projectionpictures.com
http://www.projectionpictures.com
projectionpictures/wp-login.phpIn the certificates there is:
System Default
FTPS
WebDav Server
projectionpictures.co.uk
http://www.projectionpictures.co.uk
projectionpictures.com
http://www.projectionpictures.com
projectionpictures/wp-login.phpand all of those are using issued to: http://www.projectionpictures.com certificate
and the projection.synology.me certificate isn’t covering anything its just there.How can the IP address for the DSM problem be sorted, I could delete the projection.synology.me certificate, but I don’t think it will affect the certificate error as I had it after I created the first one which is being used with the live site.
Your thoughts.
As we know I can’t see my live website or the wordpress dash for it unless I use the Nord VPN service to locate my IP in Rommania.
We think the TalkTalk server is doing this. There is a custom option I in the firewall that will allow me to change the action direction on port numbers to anyone of these:
accept from local
accept from remote
accept in both way
reject from local
reject from remote
reject in both wayBy default everyone is set to ‘Accept from Local’
The numbers below appear only in the Remote Port column the Local Port column is empty throughout.
80
443
21 (switched off) (local IP 192.168.1.234)
20 (switched off) (local IP 192.168.1.234)
53
23
22
143
993
110
995
25
465
119
123
587With regards to the Synology IP address I think I might raise a support ticket with them and ask them which virtual host entries have to be assigned to the projection.synology.me certificate as the projectionpictures.com certificate isn’t sufficient in itself to padlock the servers IP address.
The topic ‘Installing plugins in a duplicate folder (from wordpress)’ is closed to new replies.