/var/log/auth.log gets filled with

May 3 12:55:56 localhost sshd[109454]: rexec line 31: Deprecated option UsePrivilegeSeparation
May 3 12:55:56 localhost sshd[109454]: rexec line 34: Deprecated option KeyRegenerationInterval
May 3 12:55:56 localhost sshd[109454]: rexec line 35: Deprecated option ServerKeyBits
May 3 12:55:56 localhost sshd[109454]: rexec line 60: Deprecated option RSAAuthentication
May 3 12:55:56 localhost sshd[109454]: rexec line 67: Deprecated option RhostsRSAAuthentication
May 3 12:55:56 localhost sshd[109454]: error: Unable to load host key: /etc/ssh/ssh_host_dsa_key

Hi
I noticed that you have a long list of plugins in your blacklist.
How to appeal and make plugin out of your blacklist?
In this case, plugin is marked as excessive logging. Does it mean plugin is generating excessive log in error log therefor is blacklisted?

set timezone

if [[ -z "$SS_TIMEZONE" ]]; then
timedatectl set-timezone UTC
else
timedatectl set-timezone @SS_TIMEZONE
fi

I believe it should be read $SS_TIMEZONE since its not sed'ed

Back then it was my liking, nice UI, low prices... than came 2 years of measurements

See 160 server providers https://github.com/szepeviktor/wordpress-speedtest and reconsider using popular providers.

I get this error when I run ss-purge:

Purging all caches (PHP OPcache, WP transients, Redis object cache, and FastCGI (Nginx) cache...
ERROR 1045 (28000): Plugin sha256_password could not be loaded: /usr/lib/x86_64-linux-gnu/mariadb19/plugin/sha256_password.so: cannot open shared object file: No such file or directory

Everything works fine, I am using a remote database, however I don't like the error messages. It also seems strange to me that a mariadb plugin is needed.

Hi I wanted to use Slick stack but when i put your command it show 404 erro

(/etc/init.d/php7.2-fpm restart <--- should be remove in ss-update)

After running ss-update manually, I rebooted server and got lock out,
I notice that somehow /etc/ufw/user.rules was back to original version,
maybe because of a apt-get update ?

I had to manually
wget -O /tmp/user.rules http://mirrors.slickstack.io/ufw-firewall/user-rules.txt
sed -i "s/@SSH_PORT/${SSH_PORT}/g" /tmp/user.rules
cp /tmp/user.rules /etc/ufw/user.rules

Before submitting this message, I ran again ss-update and /etc/ufw/user.rules got
override by default again, I dont know where exactly in the processus this happen
I will try if I have time today to run the script step by step

Hello,

I'm getting a 400 Error when trying to import any demo with the following theme: GeneratePress.

I've tried to use it on another VPS without SlickSlack, and the import works.
I've searched for a solution on internet without any result.
Any suggestion?

SS_MU_PLUGINS get broken up ss-update because it set SS_TYPE instead of SS_MU_PLUGINS

if [[ -n "$SS_MU_PLUGINS" ]]; then
sed -i "s|(^SS_MU_PLUGINS=).*|SS_TYPE="$SS_MU_PLUGINS"|g" /tmp/ss-config
fi

Thanks for this. I would like to upgrade PHP, MySQL and NginX. Any preferred method?

Dropping in MariaDB 10.4 works like a charm. PHP 7.3.5 does not. I have not tried NginX as I am sure everything will brake :)

Hi, out of curiosity, when I turn on maintenance, I get this message

Notice: Maintenance Mode is currently enabled, and the frontend is inaccessible to unprivileged users. View Settings

But as a admin, I would guess I am a privileged user, but I still get the "We’ll be back online as soon as possible." page, I have no frontend access. is that normal ?

Here is my settings

SSL_TYPE="certbot"
SSL_EMAIL="[email protected]"
SSL_EMAIL_ALERTS="false"
WP_MULTISITE="false"
SITE_TLD="domain.net"
SITE_DOMAIN="www.domain.net"

in ss-encrypt this if block gets called

subdomain (www is irrelevant) + no email alerts (or missing)

elif [[ "$SSL_EMAIL_ALERTS" != "true" ]] && [[ $SITE_DOMAIN == ..* ]]; then
o certbot delete --cert-name ${SITE_TLD}
o certbot delete --cert-name ${SITE_DOMAIN}
o certbot certonly --noninteractive --agree-tos --cert-name ${SITE_DOMAIN} -d ${SITE_DOMAIN} --register-unsafely-without-email --webroot -w /var/www/html/

I don't know if its de default behavior but domain.net doesn't end up with a valid SSL
the SITE_TLD ends up with no cert

when calling www.domain.net it works but domain.net has cert for www.domain.net which fire a security warning

Hi!

This is not really an issue but more a feature request.
Since most of the site I admin would never require a staging feature as they are always
updated on different machines, I would like to have an option in ss-config to disable it beside
settings its cronjob to never and wiping the staging directory.

Thanks

Needs to be updated

if [[ "${UBUNTU_VERSION}" != "20.04" ]]; then
echo -e "\e[93mSlickStack is designed for Ubuntu 18.04, but this server is running Ubuntu ${UBUNTU_VERSION}.\e[0m" >&2
exit 1
fi

Hello,

I have installed the slickstack github, all installation went ok.
In dashboard i see the following warnings in php error log.

PHP Warning: Invalid argument supplied for foreach() in /var/www/html/wp-cron.php on line 111
PHP Warning: include_once(/var/www/html/wp-content/functions.php): failed to open stream: No such file or directory in /var/www/html/wp-config.php on line 405
PHP Warning: include_once(): Failed opening '/var/www/html/wp-content/functions.php' for inclusion (include_path='.:/usr/share/php') in /var/www/html/wp-config.php on line 405

And so on everytime i click someting.

Any help is apreciated.
Thank you!

shellcheck taught me a lot

find . -type f "(" -name "*.txt" -or -name "*.sh" ")" -exec grep -Fxnl '#!/bin/bash' "{}" ";" | xargs -L1 shellcheck -e SC1091

Hi,

As I was playing with SlickStack, I found that WP Desk company along with its plugin flexible-shipping-ups was marked as blacklisted because of "poor coding, serious errors, better options exist". It so happens that I can fix this plugin.
Could you please provide me with more information on what exactly is this plugin doing wrong and what can be done to avoid being blacklisted?
Also, as far as I know, there is no other free option for UPS live rate calculation other than this plugin.

/sites-enables/default

    ## sensitive wordpress urls should always skip the cache
    if ($request_uri ~* "index.php|/account.*|/cart.*|/checkout.*|/contact.*|/dashboard.*|/login.*|/my-.*|/order.*|/profile.*|/register.*|/settings.*|/view.*|/wc-api.*|/wp-admin.*|wp-.*.php") {
        set $skip_cache 1;
    }

In french, we use panier instead of cart etc,

Is it a possibility to eventually add multilang support or a custom skip cache options for
other language than English ?

Is not possible start mysql sever.

$ sudo systemctl start mysql
Job for mysql.service failed because the control process exited with error code.
See "systemctl status mysql.service" and "journalctl -xe" for details.
$ systemctl status mysql.service
● mysql.service - MySQL Community Server
     Loaded: loaded (/lib/systemd/system/mysql.service; enabled; vendor preset: enabled)
     Active: activating (start) since Mon 2020-07-13 20:40:03 UTC; 1min 29s ago
    Process: 5916 ExecStartPre=/usr/share/mysql/mysql-systemd-start pre (code=exited, status=0/SUCCESS)
   Main PID: 5924 (mysqld)
     Status: "Server startup in progress"
      Tasks: 16 (limit: 4683)
     Memory: 391.8M
     CGroup: /system.slice/mysql.service
             └─5924 /usr/sbin/mysqld
$ journalctl -xe
Hint: You are currently not seeing messages from other users and the system.
      Users in groups 'adm', 'systemd-journal' can see all messages.
      Pass -q to turn off this notice.
-- A start job for unit UNIT has finished successfully.
--
-- The job identifier is 2.
Jul 13 19:12:52 server-two systemd[944]: Reached target Main User Target.
-- Subject: A start job for unit UNIT has finished successfully
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- A start job for unit UNIT has finished successfully.
--
-- The job identifier is 1.
Jul 13 19:12:52 server-two systemd[944]: Startup finished in 75ms.
-- Subject: User manager start-up is now complete
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The user manager instance for user 1001 has been started. All services queued
-- for starting have been started. Note that other services might still be starting
-- up or be started at any later time.
--
-- Startup of the manager took 75266 microseconds.
Jul 13 19:21:07 server-two sudo[1377]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory

Sorry for over posting.. but I can't seem to get it working,..
I try to deploy a wp multisites subdomain,

ss-config
SITE_TLD="domain.xyz"
SITE_DOMAIN="domain.xyz"
WP_MULTISITE="true"
WP_MULTISITE_SUBDOMAINS="true"
WP_MULTISITE_DOMAIN_MAPPING="false"
SSL_EMAIL="[email protected]"
SSL_EMAIL_ALERTS="false"

with these settings I get to this point

not a subdomain + does not contain www + no email alerts (or missing)

certbot delete --cert-name domain.xyz
certbot certonly --noninteractive --agree-tos --cert-name domain.xyz -d domain.xyz -d www.domain.xyz --register-unsafely-without-email --webroot -w /var/www/html/

That doesn't gives me a wildcard for multisite... it got catch by the if's before it reaches the multisites section,

to force the script to reach the 'multisites' section I added
[[ "$WP_MULTISITE" != "true" ]] &&
to all the if's before the multisites sections then I get to this

multisite (subdomains) + main site not a subdomain + main site does not contain www + no email alerts

certbot delete --cert-name domain.xyz
certbot certonly --noninteractive --agree-tos --cert-name domain.xyz -d *.domainxyz -d domainxyz --register-unsafely-without-email --webroot -w /var/www/html/
now I think it reaches the 'right' if block but here is the problem I think.. in the parsing

SITE_DOMAIN_ONE="*.${SITE_DOMAIN//**$www**./}"
SITE_DOMAIN_TWO="${SITE_DOMAIN//**$www**./}"

the "$www" gets evaluated as an empty var the the dot of the domain gets stripped

multisite (subdomains) + main site not a subdomain + main site does not contain www + no email alerts

ZZZZ
certbot delete --cert-name domain.xyz
certbot certonly --noninteractive --agree-tos --cert-name domain.xyz -d *.domainxyz -d domainxyz --register-unsafely-without-email --webroot -w /var/www/html/

if I replace by

SITE_DOMAIN_ONE="*.${SITE_DOMAIN//www./}"
SITE_DOMAIN_TWO="${SITE_DOMAIN//www./}"

without the $www

It seems to work.

I noticed the "$www." in others of block too

Hello,

I've just installed SlickStack successfully on my VPS (Ubuntu 18.04 - 4GB RAM).
It's running smoothly, but I'm getting a persistent error logged by PHP Error Log in Wordpress' dashboard.

Here you go:
PHP Warning: include_once(/var/www/html/wp-content/functions.php): failed to open stream: No such file or directory in /var/www/html/wp-config.php on line 410

"wp-confing.php" is trying to include a "functions.php" that should be inside the "wp-content" folder. The real problem is that, there should't be a functions.php file in that folder. At least, vanilla wordpress doesn't have that file.

I hope there's a solutions to it.
If you need further info, I'm available

Hello,

Since yesterday I see this new warning in the error log:

PHP Warning: Use of undefined constant https - assumed 'https' (this will throw an Error in a future version of PHP) in /var/www/html/wp-content/mu-plugins/xxx-notices.php on line 68

I think you can fix the problem using quotes:

instead of $prod_link = home_url( $path = '', $scheme = https ); use
$prod_link = home_url( $path = '', $scheme = 'https' );

Thank you!

Thanks for sharing this great stack.

Can you please provide more details on which Cloudflare API key and permissions are needed to get Cloudflare running. I am using a Cloudflare account for multiple websites with a different TLD.

I currently used the ZONE ID token, however within the Wordpress settings i get an invalid request header error. Therefore, I like to set up an API token with specific permissions instead of using the Global API Key.

What permissions does the slickstack needs when creating a custom API token?

Thank you for helping me out on this.

Greetings from Berlin ;)

WP_ALLOW_REPAIR found within the wp-config.php file should be set to false unless it's specifically being used. Any visitor can run database repairs and optimizations on a site with it enabled, regardless of whether or not they are logged in.

Try it by visiting yoursite/wp-admin/maint/repair.php

define('WP_ALLOW_REPAIR', false);

First several attempted installs was on Vultr droplet with 2048 MB Memory using Ubuntu 18.04, but the nginx install seemed to fail and service wouldn't start. I followed the instructions on the readme and did a "sudo reboot" after the install. I reattempted 3x on separate droplets and got this error in nginx log:

2019/05/23 01:03:39 [emerg] 15746#15746: invalid number of arguments in "return" directive in /etc/nginx/sites-enabled/default:21

I fixed some lines with ";" issues in that default file, but then got this error:

2019/05/23 04:00:27 [emerg] 1542#1542: BIO_new_file("/etc/ssl/nginx.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/nginx.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

After that I decided to try installing on Vultr droplet with 2048 MB Memory using Ubuntu 16.04, This time, there was no nginx error during the installation! On restart, it didn't look like the nginx service started, so I started it "service nginx restart" Once started, the site is now showing a 502 Bad Gateway error. Here is the nginx error logs:

from /var/log/nginx/:
2019/05/23 04:26:10 [info] 14999#14999: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:184
2019/05/23 04:27:10 [info] 25663#25663: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:184
2019/05/23 04:30:31 [info] 2308#2308: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:184
2019/05/23 04:30:46 [info] 2338#2338: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:184
2019/05/23 04:36:58 [info] 2297#2297: Using 32768KiB of shared memory for nchan in /etc/nginx/nginx.conf:184

from /var/www/logs/:
2019/05/23 04:30:55 [crit] 2347#2347: *5 connect() to unix:/run/php/php7.2-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: xxx.xxx.com, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "xxx.xxx.com"
2019/05/23 04:31:03 [crit] 2347#2347: *5 connect() to unix:/run/php/php7.2-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: xxx.xxx.com, request: "GET /wp-admin/ HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "xxx.xxx.com"
2019/05/23 04:37:09 [crit] 2304#2304: *5 connect() to unix:/run/php/php7.2-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: xxx.xxx.com, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "xxx.xxx.com"
2019/05/23 04:47:01 [crit] 2304#2304: *11 connect() to unix:/run/php/php7.2-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: xxx.xxx.xxx.xxx, server: xxx.xxx.com, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.2-fpm.sock:", host: "xxx.xxx.com"

Other info:
ss-config updated following comments in file and made sure to set up Cloudflare api as well as point cloudflare to vultr droplet

Any suggestions?

Hi!
SFTP_DETAILS_PORT seems to be hardcoded in the wp-config.php
since it doesnt reflect the SSH_PORT in ss-config
define('SFTP_DETAILS_PORT', '6969'); // ss = 6969

sftp-details' info in wp-admin always show 6969

On http://mirrors.slickstack.io/ubuntu/
the link http://mirrors.slickstack.io/ubuntu/sysctl-conf.txt
should be http://mirrors.slickstack.io/ubuntu/sysctl.txt

The default for a UDS is 128 connections.

After 128 concurrent connections between nginx and php-fpm, you start getting errors.

(replicate with using apachebench, ab -n 10000 -c 150 localhost/some_simple.php)

I suggest setting the net.core.somaxconn to 4096 as a minimum with the current nginx config, or 65535.

I think conventional wisdom is that at high concurrency, you really want to be using loopback instead of the domain socket for php-fpm at the level you are setting nginx at.

Appreciate all the work you've done combining all the various nginx settings together and citing the sources!

-zardoz

I am seeing this error repeat over and over in the PHP Error Log snap-in in the dashboard. Any idea on what could be causing this? I literally just installed and haven't really done anything beyond that.

PHP Warning: Invalid argument supplied for foreach() in /var/www/html/wp-cron.php on line 117

Hey,

Trying to get my head around this simple question and don't want to mess with any permission etc. on this clean ss installation.

I am trying to replace the file apple-developer-merchantid-domain-association within the directory www/html/.well-known. However, the sftp user doesn't have writing permission to that file since it's owner is www-data.

Stripe asks me to replace this file in order to get the Apple Pay feature activated on my WordPress and WooCommerce installation.

What is the best way to replace this file?

Once again, thank you for this stack and your work. I really appreciate it!

Best,
Dennis

in ss-perms
ss-perms:96:mkdir touch /var/www/meta/.ssh

I beleive mkdir should be removed

I am still too unexperimented to fork and submit work. I have a few codes suggestions

• Possibility to enable / disable SSH _PORT on ipv4 and/or ipv6
• Possibility to restrain which IPs are allowed to ssh / sftp
• Letting ufw generate user.rules and user6.rules by itself to prevent faulty rules

The code seems to work fine though a review is highly recommenced.

ss-config

SSH_ALLOW_IPV4="true"
SSH_ALLOW_IPV6="false"

SSH_IPV4_LIST=""
SSH_IPV6_LIST=""

ss-install

####################################################################################################
#### SS-Install: Configure UFW Firewall + Set UFW Rules ############################################
####################################################################################################

## delete tmp files ##
rm /tmp/ufw*
rm /tmp/user*

## install ufw ##
apt install ufw

## ufw force disable in case something goes wrong ? ##
ufw --force disable

# Getting rid of possible faulty rules
echo '' > /etc/ufw/user.rules
echo '' > /etc/ufw/user6.rules

# Deny all incoming
ufw default deny incoming

# Allow all outgoing
ufw default allow outgoing

# Allow http
ufw allow http

# Allow https
ufw allow https

# SSH ipv4 allowed ?
if [[ "${SSH_ALLOW_IPV4}" == "true" ]]; then

  if [[ -z "${SSH_IPV4_LIST}" ]]; then
    ufw allow proto tcp to 0.0.0.0/0 port $SSH_PORT
  else

    for sship in ${SSH_IPV4_LIST}
    do
      ufw allow from $sship to any port $SSH_PORT
    done

  fi

fi

# SSH ipv6 allowed ?
if [[ "${SSH_ALLOW_IPV6}" == "true" ]]; then

  if [[ -z "${SSH_IPV6_LIST}" ]]; then
    ufw allow proto tcp from ::/0 to any port $SSH_PORT
  else
    for sship in ${SSH_IPV6_LIST}
    do
      ufw allow proto tcp from $sship to any port $SSH_PORT
    done
  fi

fi

# retrieve latest versions ##
wget -O /tmp/ufw http://http://mirrors.slickstack.io//ufw-firewall/ufw.txt
wget -O /tmp/ufw.conf http://http://mirrors.slickstack.io//ufw-firewall/ufw-conf.txt

## copy files to their destinations ##
cp /tmp/ufw /etc/default/ufw
cp /tmp/ufw.conf /etc/ufw/ufw.conf

## reset permissions ##
chown root:root /etc/default/ufw
chown root:root /etc/ufw/ufw.conf
chmod 0664 /etc/default/ufw
chmod 0664 /etc/ufw/ufw.conf

## delete tmp files ##
rm /tmp/ufw*
rm /tmp/user*

# Restart ufw
service ufw restart
ufw --force reload
ufw --force enable

ss-update

####################################################################################################
#### SS-Update: Configure UFW Firewall + Set UFW Rules (In Case Apt Overwrites UFW Files) ##########
####################################################################################################

## at least one case reported where ss-update resulted in UFW config being overwritten ##
## therefore we include this reinstallation of UFW to ensure no port lockouts ##

## delete tmp files ##
rm /tmp/ufw*
rm /tmp/user*

## install UFW firewall ##
apt install ufw

# Getting rid of possible faulty rules
echo '' > /etc/ufw/user.rules
echo '' > /etc/ufw/user6.rules

# Deny all incoming
ufw default deny incoming

# Allow all outgoing
ufw default allow outgoing

# Allow http
ufw allow http

# Allow https
ufw allow https

# SSH ipv4 allowed ?
if [[ "${SSH_ALLOW_IPV4}" == "true" ]]; then

  if [[ -z "${SSH_IPV4_LIST}" ]]; then
    ufw allow proto tcp to 0.0.0.0/0 port $SSH_PORT
  else

    for sship in ${SSH_IPV4_LIST}
    do
      ufw allow from $sship to any port $SSH_PORT
    done

  fi

fi


# SSH ipv6 allowed ?
if [[ "${SSH_ALLOW_IPV6}" == "true" ]]; then

  if [[ -z "${SSH_IPV6_LIST}" ]]; then
    ufw allow proto tcp from ::/0 to any port $SSH_PORT
  else
    for sship in ${SSH_IPV6_LIST}
    do
      ufw allow proto tcp from $sship to any port $SSH_PORT
    done
  fi

fi



# retrieve latest versions ##
wget -O /tmp/ufw http://mirrors.slickstack.io/ufw-firewall/ufw.txt
wget -O /tmp/ufw.conf http://mirrors.slickstack.io/ufw-firewall/ufw-conf.txt

## copy files to their destinations ##
cp /tmp/ufw /etc/default/ufw
cp /tmp/ufw.conf /etc/ufw/ufw.conf

## reset permissions ##
chown root:root /etc/default/ufw
chown root:root /etc/ufw/ufw.conf
chmod 0664 /etc/default/ufw
chmod 0664 /etc/ufw/ufw.conf

## delete tmp files ##
rm /tmp/ufw*
rm /tmp/user*

# Restart ufw
service ufw restart
ufw --force reload
ufw --force enable

zardoz-bzar/clearlinux-ecommerce@92e31b3#diff-4aab37fabb3b33d71273effeab104bb7

Gave you a shout out in the commit message. Check my bits at the bottom below line 83 for removing an running the actual commands mysq_secure_installation runs, but is more reliable due to not using expect (in case the patterns change in a release).

Cheers!

Hello,

I see this warning in the error log file, but I don't know what is generating it, could you tell me if slickstack is interacting in someways with this wordpress file?

Anyway it looks something related to permissions:

PHP Warning: chmod(): Operation not permitted in /var/www/html/wp-admin/includes/class-wp-filesystem-direct.php on line 168

Thank you!

Here is what I noticed when I run ss-dump

this line ---> mysqldump --user=root --host="$DB_HOST" --protocol=tcp --port=3306 --dump-date --flush-privileges --force "$DB_NAME" > /var/www/meta/wp.sql

root@localhost:/var/www# ./ss-dump
Dumping the live MySQL database to /var/www/meta/wp.sql...
mysqldump: Got error: 1045: Access denied for user 'root'@'127.0.0.1' (using password: YES) when trying to connect
SUCCESS! The MySQL database was dumped to /var/www/wp.sql.

I got this error,
if I remove --host="$DB_HOST" --protocol=tcp --port=3306
it dumps well no warning.
./ss-dump

Dumping the live MySQL database to /var/www/meta/wp.sql...
SUCCESS! The MySQL database was dumped to /var/www/wp.sql.
root@localhost:/var/www#

Example : I use a custom blacklist because I need to white-list a plugin, say 'easy-wp-smtp'
PLUGIN_BLACKLIST_SOURCE="path to my custom blacklist.txt"

Within ss-clean there is a hardcode
rm /var/www/html/wp-content/plugins/easy-wp-smtp* ## blacklist risk (smtp)

Should not there be instead a

for blacklisted_plugin
rm blacklisted_plugins

This would enforce the blacklist and permit custom blacklist.

during the installation I received these errors and then it stops, wordpress is installed but without the SSL certificate.

I also lose FTP and SSH access even using the username and password that I put in the configuration.

About redis: Is it necessary to use a plugin for it to work?

Thank you in advance

The user `www-data' is already a member of `wordpress'.
chown: cannot access '/var/www/4-cron-daily': No such file or directory
chown: cannot access '/var/www/5-cron-weekly': No such file or directory
chown: cannot access '/var/www/6-cron-monthly': No such file or directory
chown: cannot access '/var/www/7-cron-sometimes': No such file or directory
chmod: cannot access '/var/www/4-cron-daily': No such file or directory
chmod: cannot access '/var/www/5-cron-weekly': No such file or directory
chmod: cannot access '/var/www/6-cron-monthly': No such file or directory
chmod: cannot access '/var/www/7-cron-sometimes': No such file or directory
find: ‘/var/www/html/uploads/’: No such file or directory
mkdir: cannot create directory ‘/var/www/html/wp-content/temp’: File exists
chown: cannot access '/var/www/html/wp-content/blacklist.txt': No such file or directory
chmod: cannot access '/var/www/html/wp-content/blacklist.txt': No such file or directory
mkdir: cannot create directory ‘/var/www/logs’: File exists
mkdir: cannot create directory ‘/var/run/php’: File exists
mkdir: cannot create directory ‘/var/www/cache’: File exists
chown: cannot access '/etc/nginx/cache': No such file or directory
chmod: cannot access '/etc/nginx/cache': No such file or directory
find: ‘/etc/nginx/cache/’: No such file or directory
find: ‘/etc/nginx/cache/’: No such file or directory
chown: cannot access '/etc/ssl/nginx.pem': No such file or directory
chmod: cannot access '/etc/ssl/nginx.pem': No such file or directory
chown: cannot access '/etc/php/7.0/fpm/php.ini': No such file or directory
chown: cannot access '/etc/php/7.0/fpm/php-fpm.conf': No such file or directory
chown: cannot access '/etc/php/7.0/cli/php.ini': No such file or directory
mkdir: cannot create directory ‘/var/run/mysqld’: File exists
mkdir: cannot create directory ‘/var/run/redis’: File exists

After many attempts to install, the furthest I can get is too many redirects.

Trying to add Beaver Builder support for cache clearing as we have a customer who has installed this but after 3 hours battling with this ive had to give up and create a ticket.

Willing to share logins for debugging, its a temporary VPS anyway.

Hi,

I figured out that this cron job 5-cron-half-daily keeps on deleting a file from a theme my site uses.
find /var/www/html/ -name "stats.php" -type f -delete

Every delete, the site will be unaccessible and I will have to manually upload the stats.php file on my themes folder. Is there a way for me to exclude this stats.php from getting deleted?

Thank you so much.

======
Works great with $ sudo chattr +i stats.php

Hello!
ss-install:218:mkdir touch /var/www/meta/.ssh
mkdir should not be there I beleive
and ufw allow @SSH_PORT should be ufw allow $SSH_PORT
no big beal also because users.rules override this

Also
in ss-check dos2unix change de permission of ss and cron files
I dont think its a big deal, but ss-perms and ss-check fight for their permissions :)

Hey,

I tried installing this three or four times but in every case, I couldn't connect back to the instance on port 22 using SSH window system of Google Cloud.

It says Connection Failed: We are unable to connect to the VM on port 22. [Learn more](https://cloud.google.com/compute/docs/ssh-in-browser#ssherror) about possible causes of this issue.

In my earlier tries, I was unable to run sudo reboot after the installation, but then I fixed it by creating a password before beginning the installation.

I tried sudo reboot and service ssh restart, but to no avail.

I am doing it on Google Cloud and accessing the terminal by clicking on SSH button which opens the terminal in a new popup window.

Thanks.

Hi!
I have a VM that I try to always keep up to date with ss so I can make sure when I roll updates
on production VMs everything is ok..

Here is a problem I encounter
when I run ./ss-update & reboot
I be getting 403 everywhere.

The work around I have found is running ./ss-perms and then ./ss-restart upon reboot
And it seems to fix it.

Thanks

UPDATE

this line find /var/www/html/ -type f -exec chmod 6664 {} \; remove the 403 but the site is blank,
I dont know exactly which other blocks is responsible to restore the site.. I will investigate a little later

Hi! I have been able to reproduce the problem with /etc/ufw/user.rules

here, I just ran ufw reload and the user.rules get wiped
and I believe I found out why,
it doesn't pass the sanity check because it doesn't contain the comment

tuple ### ...

ref : https://askubuntu.com/questions/1006834/ufw-rules-disappear-after-manually-adding-them-to-user-rules-ubuntu-16-04

(topic migrated from : https://spectrum.chat/slickstack/general/hello-there-is-false-positive-in-one-script~791c073b-3119-452a-9ee4-e7a16138135a )

Hi.
I am maintainer of our firm plugins (Puvox.Software), and I've seen that SlickStack markes it's files as "malware".
I think if on our websites, blogs and in all our plugins, we announced that SlickStack is malware and malicious software - you would feel offended. Would it be nice?

None of our plugins are malware and neither their containing parts. Especially the main library file, which is marked as "known malware".
Please, show us any case or code part that it's malware (even in revision history of any file).
I hope that was done non-deliberately. So, please revert that and denounce our plugins are "malware".

1. if you search for "default_library_puvox.php", it's accused of being "malware":
   http://mirrors.slickstack.io/ss-clean.txt

Please provide proof for the accusation, it is a simple lie. If you don't know what is the term "malware", then you shouldn't be such easily using that against of what you don't like.

2. here if you search for word "wp-phpmyadmin-extension", it's accused of instability or like that:
   http://mirrors.slickstack.io/ss-clean.txt

That's totally false, as there is no HOOK in plugin that hooks into wordpress. the plugin is only executed if user enters in separate Dashboard settings page of plugin.

and also in :
http://mirrors.slickstack.io/wordpress/blacklist.txt

Personally me, I've put enormous time to develop those plugins (especially integrating PhpMyAdmin into wordpress, primarily taking care of it's security), and it was bad when I saw your software-parts with mentioned glitches.
So, if you ever found any problem with plugin (moreover security concerns) then if you want to take care of users really, then at first you should report to plugin author, before declaring it as unsecure/malware.

Hi! First of all, I would want to thank you for a great work.

It was working perfectly fine, but I had to reinstall ss.

After which, I noticed that my uploads url are not correct -
https://i.imgur.com/OAGUmAm.png

Removing the following fixed it.

define('WP_CONTENT_URL', 'https://truelocal.ph/wp-content/');
define('WP_PLUGIN_URL', 'https://truelocal.ph/wp-content/plugins/');
define('UPLOADS', 'https://truelocal.ph/wp-content/uploads/');

Hi again, thanks for the amazing updates to slickstack!

I have a question, is there a way to whitelist some plugins that are on the blacklist on a per site basis? There are a few plugins that I would want to use on one install, but just don't know how to whitelist - maybe just by forking?

And curious as to why Studiopress/Genesis themes are not recommend?

====
Oh and what are your thoughts on upcloud.com? We are using it + slickstack, I encountered a lot of installation errors, because of their firewall, but it got sorted out, and works perfectly fine.
They claim to be

World's fastest cloud servers

WooCommerce Wholesale Prices (https://wordpress.org/plugins/woocommerce-wholesale-prices/) inserts a single scheduled event on activation. The cron event in question is scheduled once when activating the plugin for +1week.

It fires an admin notice on the person's dashboard asking for a review.

There is a button on the admin notice to "remind me later" which potentially can schedule a cron for another couple weeks out.

These are the only ways this cron can be scheduled in WooCommerce Wholesale Prices unless something non-standard is happening.

In SlickStack, it appears that at one of these two points (most probably the second), the notice does not get dismissed and on each page reload the cron is scheduled again and again.

This cron code has been in place since 2017 and 10,000+ other active installs don't have this problem (otherwise we'd be flooded with support requests) so I suspect the issue is in SlickStack.

Happy to work with you on this to get our plugin (and all the others you banned) removed from your banned list as we have mutual customers relying on this for their stores (via your host).