Forum Replies Created

Viewing 2 replies - 1 through 2 (of 2 total)
  • I have the exact same problem; it’s too bad no one else responded. In my case, the Diagnostics section is all green except for “Checking if WordPress can make requests to itself”. The generate button has been running for a day with no output, and I can’t cancel it. I’m thinking of removing & reinstalling the plugin at this point, and/or resetting it.

    Thread Starter snakpak

    (@snakpak)

    I figured this out: the plugin assumes the location of the WordPress files is in the same place relative to / as when the user logs in. Since this isn’t the case in my environment, I CHROOTED my SFTP users and then mounted a nullfs filesystem to fake it into working, so the SFTP user appears to have full access to everything on the server but in fact only has read/write access to the WordPress folder.

    For the benefit of other people, here’s a quick summary of how to do this on FreeBSD if your web server is inside a secure jail. First, just follow this tutorial to CHROOT sshd and then add a user for WordPress to use: http://bsdtutorial.org/freebsd/sftp-chroot/

    Then all you need to do is mount part of your jail’s filesystem inside the wordpress-user directory. The user will *only* have access to the WordPress files and not the rest of the web server, so it’s a much safer way to implement remote access using this plugin. Here’s an example of how to do this as root, using “wordpress-user” as the user and an obvious path to the jailed environment.

    # chown -R root:chroot /home/wordpress-user
    # mkdir -p /home/wordpress-user/usr/jails/webjail/usr/local/www/apache24/mysite
    # chown -R wordpress-user:chroot /home/wordpress-user/usr
    # mount_nullfs /usr/jails/webjail/usr/local/www/apache24/mysite /home/wordpress-user/usr/jails/webjail/usr/local/www/apache24/mysite
    # chmod -R 775 /usr/jails/webjail/usr/local/www/apache24/mysite
    # chown -R wordpress-user:www /usr/jails/webjail/usr/local/www/apache24/mysite

    Then when the wordpress-user logs in, it will *only* have read/write access to “mysite” and absolutely nothing else. Much safer if WordPress gets compromised and your SFTP credentials are stolen – the user cannot break out of the wordpress directory. If all is working you can then add an entry into /etc/fstab to make the mount_nullfs permanent upon reboot of the server.

    Hopefully this helps someone out there who also runs their web servers inside secure jails… the Internet would be a safer place overall if more people did this.
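
The /etc/fstab entry mentioned at the end of the post above, as an added example that is not part of the original post: it builds the nullfs line for the post's paths and appends it only if it is not already present. The function names and the `rw` mount options are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Function names are hypothetical;
# the paths in the demo are the ones used in the post.

# Print the fstab(5) line for the nullfs mount. The mount point repeats the
# source's absolute path underneath the chroot home, so the path the SFTP
# user sees matches the path WordPress reports.
nullfs_fstab_line() {
    src=$1; home=$2
    # fstab fields are whitespace-separated; refuse anything outside a safe set.
    case "$src$home" in
        *[!A-Za-z0-9/._-]*) echo "unsupported character in path" >&2; return 1 ;;
    esac
    case "$src" in /*) ;; *) echo "source must be absolute: $src" >&2; return 1 ;; esac
    case "$home" in /*) ;; *) echo "chroot home must be absolute: $home" >&2; return 1 ;; esac
    printf '%s\t%s%s\tnullfs\trw\t0\t0\n' "$src" "${home%/}" "$src"
}

# Append the line to the given fstab file unless an entry with the same
# source, mount point and type already exists (safe to run repeatedly).
add_nullfs_fstab_entry() {
    fstab=$1; src=$2; home=$3
    line=$(nullfs_fstab_line "$src" "$home") || return 1
    dst="${home%/}$src"
    if [ -f "$fstab" ] && awk -v s="$src" -v d="$dst" \
        '$1 == s && $2 == d && $3 == "nullfs" { found = 1 } END { exit !found }' "$fstab"
    then
        return 0    # already present; do not duplicate
    fi
    printf '%s\n' "$line" >> "$fstab"
}

# Demo against a scratch file rather than the live /etc/fstab.
demo=$(mktemp)
SITE=/usr/jails/webjail/usr/local/www/apache24/mysite
add_nullfs_fstab_entry "$demo" "$SITE" /home/wordpress-user
add_nullfs_fstab_entry "$demo" "$SITE" /home/wordpress-user   # second call is a no-op
cat "$demo"
rm -f "$demo"
```

Once the output looks right, point the first argument at /etc/fstab as root; after `umount`, `mount` with just the mount point reads the new entry and confirms it works before the next reboot.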
