Category: Sysadmin

System administration topics — Linux, OpenLiteSpeed, MySQL, monitoring.

DevOps, Industry News, Sysadmin

pgBackRest is no longer maintained: a calm migration plan for production Postgres operators

| by admin | Leave a Comment on pgBackRest is no longer maintained: a calm migration plan for production Postgres operators
Close-up of an open mechanical hard drive showing the spinning platter and read/write actuator arm — physical-storage context for backup discussion (photo: Amalia Digital / Pexels)

The pgBackRest GitHub repository was archived this week — the maintainer announced that the project is no longer being actively developed. For anyone running production PostgreSQL backups via pgBackRest (and that’s a lot of people; it’s been the de facto …

Continue reading "pgBackRest is no longer maintained: a calm migration plan for production Postgres operators"
Security, Sysadmin, Tutorials

SSH ProxyJump: reach private servers through a bastion without copying keys to it

| by admin | Leave a Comment on SSH ProxyJump: reach private servers through a bastion without copying keys to it
Close-up of fiber optic patch panel with yellow and white connectors plugging into blue ports — visual metaphor for ProxyJump tunneling traffic through one server to reach another (photo: Brett Sayles / Pexels)

You have a private server in a VPC that’s only reachable through a bastion host. The “obvious” way to SSH there is the wrong way: copy your private key onto the bastion, then SSH from bastion to the private box. …

Continue reading "SSH ProxyJump: reach private servers through a bastion without copying keys to it"
Security, Sysadmin, WordPress

Get WordPress off MySQL root: per-site users in one Python loop

| by admin | Leave a Comment on Get WordPress off MySQL root: per-site users in one Python loop
A single key resting in a locker door, symbolizing per-site database credentials with no shared master key (photo: Jakub Zerdzicki / Pexels)

If you run more than one WordPress site on a single server and every wp-config.php has DB_USER = 'root', your eight sites are effectively one site as far as a compromise is concerned. One vulnerable plugin on any of …

Continue reading "Get WordPress off MySQL root: per-site users in one Python loop"
Sysadmin, Tutorials

~/.ssh/config power user features: ProxyJump, ControlMaster, IdentitiesOnly, and a starter file

| by admin | Leave a Comment on ~/.ssh/config power user features: ProxyJump, ControlMaster, IdentitiesOnly, and a starter file
Close-up of a code editor displaying syntax-highlighted Python — visual stand-in for editing a config file (photo: Godiatima / Pexels)

Most people use ~/.ssh/config as a glorified shortcut file: Host server with a HostName and a User, save five seconds of typing. That’s the entry point, and it’s fine. But the file is a much more powerful configuration system …

Continue reading "~/.ssh/config power user features: ProxyJump, ControlMaster, IdentitiesOnly, and a starter file"
Sysadmin, Tutorials, WordPress

Recovering a malformed wp_options.active_plugins: the SQL REPLACE() trap and how to rebuild

| by admin | Leave a Comment on Recovering a malformed wp_options.active_plugins: the SQL REPLACE() trap and how to rebuild
A nearly-complete white jigsaw puzzle with one piece sitting outside its slot, exposing the blue surface beneath — visual metaphor for one wrong byte breaking the whole serialized array (photo: Mike Van Schoonderwalt / Pexels)

You have a WordPress site that’s returning HTTP 200, the homepage renders, but something’s quietly off. WooCommerce features aren’t loading. LiteSpeed Cache settings page is empty. The Mailpoet sender isn’t sending. None of these would normally fail at the same …

Continue reading "Recovering a malformed wp_options.active_plugins: the SQL REPLACE() trap and how to rebuild"
Security, Sysadmin, Tutorials

Hide the OpenLiteSpeed admin panel: bind 7080 to 127.0.0.1 + reach it via SSH tunnel

| by admin | Leave a Comment on Hide the OpenLiteSpeed admin panel: bind 7080 to 127.0.0.1 + reach it via SSH tunnel
Linux ls -la output showing /bin, /boot, /etc, /home, /lib, /sbin and other root directories — typical first view after SSHing into a server (photo: Pixabay / Pexels)

OpenLiteSpeed’s admin panel runs on port 7080 by default and binds to *. That means anyone with your server’s IP can hit https://your-ip:7080/ and reach the admin login form. The form has authentication, sure — but having a login …

Continue reading "Hide the OpenLiteSpeed admin panel: bind 7080 to 127.0.0.1 + reach it via SSH tunnel"
macOS, Sysadmin, Tutorials

Keep tmux sessions alive across Mac sleep + Wi-Fi changes: ServerAliveInterval vs autossh vs mosh

| by admin | Leave a Comment on Keep tmux sessions alive across Mac sleep + Wi-Fi changes: ServerAliveInterval vs autossh vs mosh
A hand resting on a laptop keyboard outdoors at a wooden table with trees in the background — visual for the 'close lid, move, reopen, reconnect' workflow that mosh and autossh are designed to make seamless (photo: Jose Hermes Furtunato / Pexels)

You SSH into a server, start a long-running build inside tmux, close the laptop lid to walk to lunch, come back fifteen minutes later — and your terminal greets you with Connection to server.example.com closed by remote host. The …

Continue reading "Keep tmux sessions alive across Mac sleep + Wi-Fi changes: ServerAliveInterval vs autossh vs mosh"
macOS, Sysadmin, Tutorials

macOS launchd: the actual replacement for cron when you want a recurring task on your Mac

| by admin | Leave a Comment on macOS launchd: the actual replacement for cron when you want a recurring task on your Mac
Vintage black twin-bell alarm clock next to a blank notebook on a colorful background of scattered wooden numbers — visual for time-based scheduled tasks (photo: Black Ice / Pexels)

You write a Python script that needs to run every fifteen minutes on your Mac. You add a line to crontab -e, save, walk away. Two days later you check and notice it never ran. The cron file is …

Continue reading "macOS launchd: the actual replacement for cron when you want a recurring task on your Mac"
Sysadmin, Tutorials

Per-vhost PHP versions in OpenLiteSpeed: keep one site on 7.4 while everything else moves to 8.2

| by admin | Leave a Comment on Per-vhost PHP versions in OpenLiteSpeed: keep one site on 7.4 while everything else moves to 8.2
Close-up of PHP source code displaying version_compare("5.2", PHP_VERSION) check and require_once includes — typical PHP version handling code (photo: Pixabay / Pexels)

Modernizing the PHP runtime on a multi-tenant LSWS box is rarely an “all sites at once” affair. Some sites are on a custom theme that uses PHP 4-style class constructors. Some have a plugin still calling create_function(), removed in …

Continue reading "Per-vhost PHP versions in OpenLiteSpeed: keep one site on 7.4 while everything else moves to 8.2"