The post Top 8 Common WordPress Errors and how to fix them appeared first on HostArmada Blog.
]]>The benefits of going for a WordPress website are countless, and the downsides are relatively small. However, that doesn’t mean that there are no hiccups along the way. Even WordPress users may find themselves in a troublesome situation, as the platform is not immune to errors. This being said, it’s essential to know what the errors mean, why they appear, and, most importantly, how to fix them. Thus, as usual, we are here to help. We’ve prepared a handy crash course on the eight most common WordPress Errors you may encounter.
This is one error no one wants to see. It’s hands down the most disturbing issue you may encounter. The White screen of death (WSoD) basically replaces your entire website with a blank page – a vast nothingness. There are no error messages, no notifications, nothing. Just a white screen telling you you are screwed.
Most often, WSoD means your website memory limit is exhausted by a script. Thus, your hosting provider either times out the script or, as a more radical solution, kills it altogether. That’s why you don’t get any message whatsoever. Sometimes, the problem might come from a poorly performing plugin. In rare cases, this may even be caused by a coding error in the theme itself.
The toughest thing about the WSoD error is that a number of reasons can cause it, so the solutions are not as simple and straightforward as some other errors on our list will have. So, if you stumble upon this traitorous error, don’t despair. The fixes are quite easy. The hard part is determining what the problem is.
WordPress dashboard is, without a doubt, the single most important asset of your website. This is the main panel where you can change, add, or delete content, functionalities, or copy from your website. Needless to say, having constant access to the dashboard is instrumental in having an operational WordPress website.
However, there are some issues that may lead to getting locked out of your WordPress admin dashboard. Now, don’t panic. This is troublesome indeed, but as usual, there is a solution.
But why would WordPress lock you out of your own website? Well, there are various reasons. You may have unintentionally messed something up if you have touched the website’s code recently. Some plugins may also be behind this issue, as well as a theme update. If the problem occurred after a recent change, you would have a pretty good idea of where to start looking.
As you can imagine, your website is nothing more than a sequence of files stored in a database. So, to be able to access your website, you must have a connection with the database at all times. Naturally, sometimes your website loses that connection, and it’s most often due to a single file on your website – wp-config.php. This is the file that contains all the information about the website’s database. Thus, if there is a problem with the database connection, this file is most likely the perpetrator.
As you can imagine, the solution to this problem lies in precisely this file. First, you must find it within your website’s files. The wp-config.php file usually lies in the root folder. When you find it, right-click on it and select View/Edit. Now, you would want to check if all credentials are in order. This includes the database name, the My SQL database username, the password, and the hostname. These are the lines you should be looking after.
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');
/** MySQL database username */
define('DB_USER', 'username_here');
/** MySQL database password */
define('DB_PASSWORD', 'password_here');
/** MySQL hostname */
define('DB_HOST', 'localhost');
If the credentials are not correct, fixing them should solve the problem.
However, if the problem is still at large, you will need to add an additional line to your wp-config.php file:
define('WP_ALLOW_REPAIR', true).
Make sure to place it separately within the file and to designate it properly. Once you’ve added the line, go to http://www.yoursite.com/wp-admin/maint/repair.php. There, you will be able to repair your database. Note that any user will be able to get to this link, so once you’ve finished fixing the problem, don’t forget to delete the added line (1 define(‘WP_ALLOW_REPAIR’, true))
Now, this is one problem that’s definitely not a huge deal, but it does cause inconvenience. You must keep your WordPress up to date, and if your Auto-update is not working, you will have to do it manually. This is tedious, to say the least, and may pose some serious security issues as well. You can check if there is such an error in the update menu on your dashboard right under Current Version.
Various reasons may stay behind this problem. Losing an internet connection during the update is the most common one. Still, the problem may occur due to losing connection to the WP main files or having some incorrect permissions.
If this is a one-time occurrence, you can simply do it manually. Download the WordPress zip file, extract the downloaded files, and prepare for installation. This includes deactivating all plugins, as they may cause an issue during the installation process. Also, you may want to delete old wp-admin directories from your web host and the wp-includes. The new upload will replace them.
Then simply transfer the new files into your wp-content folder and overwrite the old ones. It’s important not to delete any files in that folder or the folder itself.
Finally, upload all loose files from the root directory of the updated version to your old root directory. Do not delete anything from the root directory, and avoid overwriting any customization files or plugins if that’s not crucial.
Then, delete the .maintenance file from your WordPress directory by using FTP.
Next, you must update your installation. You simply must visit your admin page and log in. WordPress will provide a link to the upgrade.php if the update is required. All you need to do is follow the instructions.
After all of this is done, reactivate your plugins and clear the cache.
Syntax errors typically happen after you’ve made some changes to your website. For example, you may have added some custom code to your website, or you may have installed a new plugin or theme. The problem occurs when a syntax error is introduced to the website’s code.
The syntax error is courteous enough to show you precisely where the error is, or at least show you the line that’s causing the issue. Naturally, the solution is quite simple.
To fix the problem, all you need to do is to fix the error in the shown line. If someone else did the changes and you’re uncomfortable messing around with your website’s code, reverting to a backup is the easiest solution.
If a plugin or a theme causes the problem, deleting them will resolve it immediately. Or you can use an SFTP to find the problematic line and fix it yourself. It’s up to you.
This is one problem that can really be nerve-wracking. You’re just about to post your new blog post and can’t upload your image. Now, the size would hardly be a problem if you are uploading an image. WordPress allows you to upload files with a maximum size of 512 MB. The most common issues are incorrect file permissions or plugin interference.
This is definitely the most frustrating issue you can stumble upon, especially when you haven’t saved your work, and you are in the middle of configuring vital settings. The worst part is that this issue is caused due to negligence and oversight by the person configuring the website.
The issue is often caused by placing a different URL in the site address and the WordPress address boxes in your website’s settings. Every time you log in to your website, WordPress will set a cookie to your browser that will authenticate your login session. The cookie is set for the WordPress address stored in your settings menu. So, if there is a difference between the site address and the WordPress address, the login session can’t be authenticated.
The worst part is that in 99% of cases, the problem is that you added www in one of the boxes. For example:
WordPress Address (URL) : https://yourwebsite.com
Site Address (URL) : https://www.yourwebsite.com
Frustrating indeed, but easily solvable.
The solution is as simple as going to your dashboard –> settings–> general and making the WordPress address and the Site address the same. Don’t forget to hit “save changes” at the end.
Finally, we have the connection timed-out error. Usually, this issue appears when the server gives up trying to recover your website’s data. Naturally, this happens for a variety of reasons. The most common is within your server. It simply lacks the resources to load your website. This can be caused because you reached your bandwidth limit, because too many users are trying to enter simultaneously, or you reached your visitors limit, set by some hosting companies. Moreover, if you are using shared hosting, another website could be hogging all the server’s resources.
So, if you want an easy and cost-efficient solution to the connection time problem, all you need to do is check our plans and choose the best fit for your needs. On top of that, you will receive a lightning-fast loading time and top-notch security.
Knowing how to deal with these issues will help you mitigate sudden problems with your WordPress website without the need for a professional. Still, if the issues prove to be more severe, we highly recommend seeking the help of someone with experience dealing with WordPress. Those issues may be easily solvable, but touching the database of your website is not a joke and it may easily destroy your entire work if not done with precision. So, if you think you are not ready to solve those issues on your own, there is no shame in simply asking a professional for help. It will certainly save you a lot of time and trouble.
The post Top 8 Common WordPress Errors and how to fix them appeared first on HostArmada Blog.
]]>The post In the search for the best PHP framework: Laravel vs Symfony appeared first on HostArmada Blog.
]]>A PHP framework is a platform for building PHP applications whose primary goal is to cut short your delivery time, help you with coding, implement a layer of security, and integrate basic standard functionalities effortlessly. To achieve that, a PHP framework consists of vast libraries with codes that can be implemented, and the developer won’t need to write already established codes from scratch.
PHP coding is not an easy task, and while you can do it all on your own, it will take a lot more time. Furthermore, you can and probably will make a small typo or another coding mistake, affecting your whole code. You won’t worry about errors using a PHP framework since the code was tested and verified before adding it to the used libraries. Furthermore, it will save you time and energy since, without it, you will still have to write the same code that’s already been provided.
As the world’s most popular programming language, with 45.4% (in 2021) of people using it, PHP has a wide variety of frameworks to choose from. Having said that, it’s not hard to test many of them until you discover that only a few are the real deal. Among them, Laravel and Symfony are, without a doubt, the best ones. So today, we will compare these head to head!
Symfony is an open-source, free-to-use PHP web development application framework, which was first introduced in late 2005. The platform gained some popularity, but what really made it a hit was the release of the 2.0 version in 2011. Over 32,000 websites use Symfony as their foundation. The framework was used to build some notable governmental websites in France, including the Cultural ministry’s web portal. Furthermore, the Interpol website was also created using this framework.
Symfony has one major advantage over other frameworks – you can use any Symfony component outside the framework, and it will still do a tremendous job. This makes work with Symfony much more beneficial, and you can also use it in other projects. This framework can be of help when building e-commerce websites, content management systems, and even sending emails via Symfony.
Just like with Symfony, what truly made Laravel a PHP framework superstar is version 4.0, which was introduced in 2013. This modification was a complete rewrite of the framework, which decoupled the functionalities into separate components. These components are then managed with Composer.
What really makes Laravel a top PHP framework is the syntax’s simplicity, which is extremely easy to learn, write, read and maintain. Over 387,000 websites use Laravel, among which are Weebly, Epik, Snapwidget, and others. Most users are in the US, but the framework is used worldwide. A huge recognition came in 2016 when Laravel was announced as the most popular framework of the year.
There are many similarities between the two frameworks, but what really counts are the differences. Let’s review these!
As far as the installation procedure goes, both Symfony and Laravel are fairly straightforward. However, you will need to install a dependency manager beforehand, and since both frameworks work with Composer, we’d suggest using it.
Symfony offers an alternative installation method via installing a new binary in your system. This will give you several advantages and nifty commands, which can help you greatly, especially when there is a missing dependency.
Laravel also allows for different installation methods, but there aren’t any advantages to that. In fact, sticking to the default composer method is your best option.
Winner: Symfony – Although both are pretty straightforward, Symfony’s additional advantages can’t be overlooked.
When it comes to configuration, Laravel is much easier to use. The framework uses the default PHP syntax. It has .env files as a base, and the application configuration is saved as .php file. Laravel separates the basic and the special configurations, making the use more organized and easy.
Symphony’s configuration is entirely different and much more complicated at first glance. This framework separates the environment configuration and the bundle configuration. The former is stored as .env, where the essential information is held. The latter uses YAML files predominantly. They determine how the website will behave in any environment.
Winner: Laravel – Symfony’s configuration is much more complex. Although it allows you to create different files for different environments, the complexity of the YAML syntax and the need to learn it altogether makes the familiar PHP syntax of Laravel the better choice.
There are no significant differences between Symfony’s Twig and Laravel’s Blade templating engines. The latter is typically considered to be easier to use, but syntax aside, there are no major differences in functionality, and both have fans.
Both allow the usage of “for” loops and “if” statements, work fast, and generate their templates into PHP codes. Most importantly, they are great at preventing XSS attacks due to escaping output by default.
There are some minor differences, though. Symfony’s Twig allows users to filter, while with Laravel’s Blade, you can directly add PHP code to your templates. Furthermore, Blade makes functionality extensions simpler.
Winner: Tie – While many consider Laravel’s engine to be more user-friendly, the differences between Twig and Blade are way too small to claim that either one is better.
The coding style is another difference between the two frameworks. Symphony is entirely based on coupled classes created by dependency injections. This makes the entire process of long-term maintenance and testing a whole lot easier.
Laravel, on the other hand, automatically scans for dependencies and resolves them automatically, making the dependency configuration redundant. Naturally, this means that the whole process is a lot easier, which is turning into a theme for Laravel’s use. However, while Laravel is, without a doubt, easier to use in this case, it may result in some issues with maintenance and testing in the long run.
Winner: Symfony – The long-term solution is always better than the easier short-term one.
The object-relational mapping (ORM) feature is essential for both frameworks, and while they have some differences, their main objective remains the same.
Symfony integrates a third-party ORM – Doctrine, while Laravel uses its product, Eloquent, to interact with its database. Doctrine entities can be used outside a specific scenario, which gives them greater flexibility. It implements DataMapper patterns, which know nothing about the database, but they can use the data itself. The information about all interactions between the models and the database is stored in a separate layer called Entity manager. Thus this manager does all the operations. One of the most significant advantages of this ORM is the database operation optimization abilities because the processes are queueing rather than running simultaneously.
Laravel’s Eloquent, on the other hand, implements the ActiveRecord pattern, where all models are aware of the database and work directly with it. It allows the ORM to update, create and delete a record. Furthermore, Eloquent is much more PHP developer-friendly and can be learned much quicker.
Winner: Symfony – While Eloquent is the easier option, Doctrine has more valuable features and helps the database processes to be better organized and run smoother.
Security is essential in all PHP frameworks, and both Symfony and Laravel are among the top choices in this regard. Symfony has one genuinely robust security system, but it’s a bit complicated to set it up. On the other hand, it’s pretty sophisticated, with several authentication methods and a well-designed permission model.
Laravel’s security is less complicated and lacks many of Symphony’s features. However, for most projects, Laravel’s basic protection is quite enough, and the easy set-up makes it a preferred security model for many.
Winner: Symfony – despite being the more complicated option, Symfony’s solution has better features and is more tightly secured. This being said, Laravel’s protection is by no means weak, but it simply can’t hold a candle against Symfony.
The lifecycle is probably the single most important thing when choosing the right framework for your project. This is the process of converting a request into a response and is essential for your project.
Symfony uses a system called Event Dispatcher. It fires different events and event listeners to handle them. Events follow strict steps and the event listeners follow closely. Typically the listeners are related to CSRF token validation, security checks, and the entire signing process. The best thing about Event Dispatcher is that you can add functionality by creating custom event listeners and assigning them to the correct event.
Laravel has an entirely different way of converting requests into responses. Middleware, as the method is called, is once again a much easier solution with some limitations. A request has to go through different stages or layers, if you will, on its way to the controller. These layers are basically the equivalent of Event Listeners in Symfony and are responsible for the security and other features. Once the controller gives the response, it has to go through the same layers. Naturally, if you want to add new features, you need to create a new middleware.
Winner: Laravel – as with almost everything else, Laravel has a more straightforward approach, making the whole process far less complicated.
Picking up a winner is not an easy task. Both frameworks are extremely good and have their strengths and weaknesses.
Symfony is better if you’re building a complex application for a huge company, as it’s easily scalable, effortlessly maintained, and comprehensively structured. This framework is perfect if you are searching for a long-term solution, as it has a predictable release schedule for the next few years. Thus surprises are highly unlikely.
Laravel, on the other hand, is a gateway framework, as it’s easy to learn and has a far simpler syntax than Symfony. Furthermore, there are tons of learning materials online. This makes Laravel developers easier to find, which is perfect for start-ups or small companies with lower budgets.
Our pick leans toward Syomfny due to its versatility, scalability, and overall adoption level by the development community. But no matter which one is right for you, your business and your website would need excellent hosting service. Here at HostArmada, we offer precisely that. So give us a call, and let’s help you choose the best hosting for your needs.
The post In the search for the best PHP framework: Laravel vs Symfony appeared first on HostArmada Blog.
]]>The post Hackers exploit the PHP Git repository adding backdoor to PHP’s source code appeared first on HostArmada Blog.
]]>HostArmada continues to be a reliable source of news. After our latest blog post about cybersecurity, we continue the trend of reporting the major news that our clients and other interested parties should keep an eye out for. Please keep reading to find out more about this incident as it develops!
Here are the two referenced commits that we are talking about in this blog post:
Everything points towards a compromise of the git.php.net server. Hackers pushed the backdoored code on the server under the guise of a very minor and inconspicuous edit. The malicious attackers pushed the two commits to the php-src repo for the popular scripting language. This backdoor would have allowed them to perform remote code execution (RCE), PHP maintainers revealed in an official statement. These unknown chaos agents would have used the backdoor for the remote takeover of any website that uses PHP. Maintainers are now reviewing the repositories for any signs of further compromise.
The security incident can be described as a supply-chain attack. Threat actors will target an open-source project, library, or another component that is relied upon by a large user base. By compromising one core target, it may be possible for malicious code to trickle down to a wide-reaching number of systems.
A recent example is the SolarWinds fiasco, discussed in our previous blog post, in which the vendor was breached, and hackers planted a malicious update for its Orion software. Once malicious users deployed this malware, tens of thousands of organizations were compromised, including Microsoft, FireEye, and Mimecast.
An investigation is still underway with no confirmed reports pointing to the identity of the attacker.
The malicious code includes reference to ‘Zerodium,’ a US company known for buying zero-day exploits. The company has so far denied involvement. In a tweet Zerodium CEO said:
While preliminary investigations are still underway, PHP maintainers have decided that maintaining their own git infrastructure is an unnecessary security risk at this time. In the interest of cybersecurity and to prevent other hackers from interfering, they will discontinue the git.php.net server. As of right now and indefinitely. Instead, the repositories on GitHub, which were previously only mirrors, will become canonical. This means that in the future, they should push changes directly to GitHub rather than to git.php.net.
Previously the write access to repositories handles through their home-grown karma system. You will now need to be part of the PHP organization on GitHub. If you are not part of the organization yet or don’t have access to a repository you should have access to, contact Nikita Popov at nikic@php.net with your php.net and GitHub account names, as well as the permissions you’re currently missing. Membership in the organization has to have 2FA turned on. This change also means that it is now possible to merge pull requests directly from the GitHub web interface.
Hackers may indeed have exploited the PHP repository itself. However, PHP maintainers found the backdoor left by the attacker(s) early. This was way before its malicious code could have reached the latest PHP release. This means that no released versions of PHP included this backdoor. This has prevented what could have been a major disaster for the global online community. According to a Web Technology Surveys study, PHP is thought to underpin almost 80% of all websites. This includes all WordPress sites, which are built on PHP.
The PHP team is currently reviewing the repositories to ensure that no other modifications were made by the attacker(s), but nothing has been found up to now. HostArmada will continue to monitor the situation further to provide you with updates as it develops further. We are quite eager to hear the results of the investigation!
This wasn’t the only cybersecurity alert that has happened for Github in the recent past. After security researcher Nguyen Jang posted a proof-of-concept exploit on GitHub that abuses a Microsoft Exchange vulnerability revealed earlier, GitHub, which is Microsoft-owned, removed the code to the alarm of security researchers worldwide.
The PoC code, something short of an actual functioning exploit, consisted of a 169-line Python file. It took advantage of CVE-2021-26855, a Microsoft Exchange Server flaw that allows an attacker to bypass authentication and act with administrative privileges. The bug, referred to as ProxyLogon, was one of four Microsoft Exchange zero-days that Microsoft patched in an out-of-band release on March 3, 2021. It’s part of the “Hafnium” attack that prompted a US government warning last week, which we’ve also discussed in our previous blog post.
Jang posted a write-up of his work, in Vietnamese, with a link to the code on GitHub. And a few hours later, the link to the code on GitHub no longer functioned.
It is safe to say that this bodes some concern over Microsoft’s ability to handle cybersecurity threats and its ability to hold wholesome interactions with cybersecurity researchers and experts. We’ll have to monitor how the giant techno-corp will react and adapt to this uncertain and dangerous climate. We wish them luck and success in this endeavor!
Expect us to be following the trends in cybersecurity in future blog posts as well. There is a lot to cover and currently happening across the world. The timing isn’t great either, given the rest of the issues the denizens of Earth are currently experiencing as a global society and the Covid-19 pandemic. The last thing we need is an unstable world wide web filled with threat actors looking to exploit big corporations and regular internet users in criminal and malicious ways. Unfortunately, that is what the current climate is showing us. Regardless this is an opportunity for companies such as HostArmada to raise awareness about these issues and be part of our global efforts to innovate and adapt to these new challenges.
Furthermore, we here at HostArmada, want to assure you that we have not been impacted by these cybersecurity threats as of now and are only reporting them to make sure our clients are well-informed about the state of the digital world.
If you have further questions, suggestions, or concerns, you can always reach us. HostArmada remains ready to be deployed 24/7!
The post Hackers exploit the PHP Git repository adding backdoor to PHP’s source code appeared first on HostArmada Blog.
]]>The post PHP 8 available on all HostArmada services appeared first on HostArmada Blog.
]]>PHP version 8.0 is a significant update over the 7.4 branch of the PHP programming language. There are many new features and optimizations, including named arguments, union types, attributes, constructor property promotion, match expression, nullsafe operator, and JIT. It introduced improvements in the type system, error handling, and consistency. According to the PHP 8 roadmap, many long-expected, exciting features and enhancements have arrived with the release.
It adds much more clarity, transparency, efficiency to the development workflow and gives developers a chance to build better, faster, and safer websites and applications. Many built-in functions are now pickier about the input they accept, and PHP 8 itself is more stringent about how that information is passed to functions. Issues that previously resulted in notices directly result in warnings. And issues that resulted in warnings now result in errors. In other words, PHP 8 is not as lenient as previous versions. It will not try quite as hard to make code work no matter what.
Should you upgrade your online projects immediately? Probably not. First of all, you should confirm that everything is working with PHP version 7.4. Because of the many new features and improvements, there’s a higher chance you’ll need to make some changes in your PHP code to get it fully adapted to the new PHP 8. If you’ve maintained your code up to date with the latest releases, though, the upgrade shouldn’t be too hard since most breaking changes that could occur were deprecated before in the 7.* versions.
Here are some of the most important major features PHP 8 introduces:
The cPanel service offered with our Shared Hosting solutions has an easy-to-use feature known as “PHP selector”. That is what you can use to change your PHP version to PHP 8. Please bear in mind this update to the arrangement will affect all the websites hosted on the cPanel. For the convenience of our clients, we have published a HostArmada PHP selector tutorial where you can find a step-by-step guide on changing your PHP version, as well as additional information on how to use it effectively and manage your PHP extensions.
If you are a client of our Cloud SSD VPS or Dedicated CPU solutions, the PHP 8 is available on demand. The only thing you will need to do is to submit a ticket via your Client Area with HostArmada and request the installation and configuration of PHP 8.
If you still have questions or encounter issues with this process, despite our guide, there is nothing to worry about because our expert support team is here to help at any time as we are available 24/7.
The post PHP 8 available on all HostArmada services appeared first on HostArmada Blog.
]]>