Category: HelpDesk

  • Gallery

    Photo shoot of santa cruz streets taken 2016.02.25 Photo: David Eagle
    Photo shoot of capitola beach 2 taken 2016.02.18 Photo: David Eagle
    Sailboats Boating” by Layton Diament/ CC0 1.0
  • Recommended Hosting Providers

    Recommended Hosting Providers

    Site Administration

    I monitor all my accounts via MainWP and the Better Uptime platform.

    Cloud Hosting Interface

    Gridpane provides a control panel that lets you interface with the best Cloud service providers. You can pick companies like DigitalOcean, VULTR, Linode, or AWS Lightsail that provide Ubuntu KVM based VPS servers. You control the resources you need in any data center you choose. The managed servers belong to you and can be accessed via the cloud providers interface. You will need to have an account with each Cloud service linked to Gridpane via their API interface.Gridpane is my goto hosting provider. There service is WordPress focused and the servers they build are optimized WordPress performace and security. And there support is awesome. They also have an extensive knowledge base of technical information.FAQs for more information.

    Click Here To View Gridpane pricing wp_engine_logo_bb

    wpengine.com

    WordPress hosting for small businesses

    Fully managed WordPress hosting with speed, security, and support

    Click Here to view WPEngine pricing cloudways-logo-2068378685

    Cloudways

    Flexible cloud hosting with simple, 1-click settings (no command line, no cPanel, no wasted time). Get access to ALL FIVE of these world-class providers without having to write a single line of code. DigitalOcean, VULTR, Linode, Google Cloud or AWS. Cloudways maintains propritory control of the servers created via the Cloudways interface. 

    Click Here to view Cloudways pricing siteground-wordpress-hosting

    SiteGround

    One-click WP installs, managed updates, WP-Cli, WordPress staging and git integration. Support is good.

    NGINX-based caching, SSD-drives, PHP 7, CDN, HTTP/2 available.

    Choose GrowBig or GoGeek plan at SiteGround and you get WordPress-specific features, free SSL, priority support,

    Click Here view SiteGround pricing a2hosting

    A2 Hosting

    All WordPress hosting accounts with A2 Hosting come with WordPress preinstalled. You can also install new instances of WordPress through Softaculous’ one-click installer.I am recommending this hosting service over Bluehost because what I hear in the discussion groups about Bluehost service and downtime bothers me.

    Click Here To Get A2Hosting

    Bluehost.com — Not recommended

    Bluehost shows up on google searches for best WordPress hosting sites.Don’t be fooled…they pay for that rating.The company is one of many web companies owned by NewFold.com (formerly EIG Hosting Brands), who now control 80+ hosting companies.  The performance and support not up to my standards.  And the WordPress Install tool is to be avoided, it’s very flaky and results can be erratic. ( The who, what, when of-Endurance-international Group )Bluehost provides inexpensive hosting – if you decide to go with Bluehost, at least pick the Pro account.  They do provide Dedicated IP & free SSL for WordPress site on the Pro account. I have used Bluehost and experienced real problems with their service, including a higher amount of downtime this year. 

  • SSL certificate failure on GoDaddy

    SSL certificate failure on GoDaddy

    Securing a website with an SSL certificate should be very easy and cost-effective. It not only enhances the trust of your website for visitors, it’s essentially required now. As of December 2019, Google’s Chrome browser started blocking all mixed or non-secure content on websites.

    Today, most sites serve their content via HTTPS to provide a safer browsing experience for their users, and most hosting companies make it easy to set up and to renew.

    Unfortunately, there are still some popular hosting companies that make this process difficult.

    This is the story of a website that went offline because a renewed SSL certificate failed to load/activate on the hosting server.

    My client’s site is hosted on a GoDaddy managed WordPress server.

    The SSL cert in this case cost about $100 a year, and GoDaddy’s process is to renew the SSL cert 2 months prior to expiration.

    In this case the SSL cert was renewed but did not install on the server, so at midnight Arizona time, my client’s site went down as the SSL cert expired.

    The support process to get this server backup online took a little over 5 hours working with GoDaddy and an additional hour of my own time trouble-shooting the issue. If I were billing my client this would have cost them $600, but my client has a support contract with me, and they are a good client, so they were not billed.

    This SSL certificate is a product sold to my client by GoDaddy.

    This certificate is installed on the webserver to validate the SSL encryption, the https:// lock required by Google.

    Because the “domain” was not hosted by GoDaddy, according to their tech support the certificate is renewed 2 months prior to expiration, so there will be no delay in getting the renewed certificate installed.

    In this case, the renewed certificate failed to install on the Deluxe Managed WordPress hosting server and GoDaddy did not check to make sure the certificate was installed correctly.

    Time passes and the certificate (renewed two months prior) expired because the renewed certificate was never properly installed.

    Like most developers, I’m up late as a habit. Around midnight, I got a notice that the site was down.

    After a lengthy troubleshooting process, I noticed that the site was accessible via http:// but not via https://

    The “trouble was an SSL issue.” 

    Saturday morning, I contacted GoDaddy support and after a lengthy wait they began the discovery process on their servers. Finally, we do get the determination that the SSL cert did not install and they blamed this on the client as the “managed WordPress server” was their old version and the SSL renewal requires that the client manually go into the SSL product management dashboard and manually renew the SSL which should reinstall the certificate. [At this point fumes are slowing escaping from my brain cells]. What a crock of BS.

    But responding calmly, I allowed the tech support to walk me through the process and, after waiting an appropriate length of time, we determined that the process failed.

    Next: THE UPSELL. The solution that will fix the “problem” involved upgrading to their newest version of WordPress managed hosting.  Of course, I’d have to migrate the site myself or pay an $100 fee for them to migrate. Also this would take a few days to happen.

    In my experience, GoDaddy always offers an UPSELL as the solution to most issues.

    This new hosting would resolve the issue. Pay us more money for new service and magic happens.

    Apparently, there is a new “managed WordPress service” which was put into place because this SSL manual process was such a problem.

    A BIG issue for me is that GoDaddy recognized they had a problem with the “old” deluxe managed WordPress hosting and fixed it by creating a “new” deluxe managed hosting, but never a mention to my client, even though this new service was in place prior to the client’s last renewal of service.

    The new service included a free SSL certificate, an automated renewal process and the cost would be  significately  less per year.

    With this new service at the ready, how does GoDaddy justify having my client renew their “old” hosting plan last year (with known issues) instead of offering the new improved hosting plan? Why was it not made known to the client that there was a better cheaper hosting option prior to renewal, or better yet why didn’t they automatically upgrade the client to the new service.

    Hearing about this new hosting plan frustrated me.

    My reply- no, thank you, just fix the server.

    Also of note, there were no backups listed in the backup dashboard… even though the tech support verified that there were indeed daily backups available on the file server but would require a server admin to restore if needed, a known GoDaddy issue (a software bug) with the backup API (actually a very old issue, as I have seen this before).

    A known bug

    In addition, the PHP version on this managed server topped out at 7.3. This meant their special “Managed WordPress Hosting” couldn’t even update to the PHP version recommended for WordPress.

    We tried several more times to renew the certificate and finally the tech support concluded that he needed to escalate to hosting support admins and transferred my call to them… and after waiting for a response for 40 minutes, I hung up and recalled support.

    Again, a lengthy wait, and now a new support person, who basically walked me through the same processes several more times and then got in touch via chat with an admin.

    GoDaddy support came to the conclusion that the problem was the use of Cloudflare as the clients name servers and that I needed to add a CAA record (Certification Authority Authorization) to authorize GoDaddy to issue certificates for the domain. Strange that this CAA record was not required previously to issue the certificate for the site or renew in the past. 

            CAA record →   0 issue “godaddy.com” 

    The reason given by support was that this GoDaddy CAA record wasn’t in the DNS records as reported by DNS lookup (https://www.whatsmydns.net). Therefore, Cloudflare was the problem. 

    Okay, I installed the CAA record, and we attempted the renewal process and another process to alter the verifying authority just in case. Nothing worked.

    The tech support determined at this point we had to wait for DNS “propagation” and that I needed to wait an hour for the new DNS CAA record to propagate, then we could try again to renew the certificate.

    Keeping my calm, I agreed. At least this support person didn’t attempt to upsell me. A first for GoDaddy support.

    I waited two hours and called support again…

    This time, we tried the same renewal process (a few times, then another server admin was called. This time the question asked was had I tried re-keying the CSR for the certificate?  Why in the world would I do that? My client paid GoDaddy to manage the SSL, which includes steps like handling the CSR requirements for the SSL certificate.

    I was having a hard time understanding why the services the client paid were now my problem and the client’s.

    Back to the story, the admin re-keyed the CSR or whatever, a process that was explained to me as “activating the SSL cert”.

    The final explanation was that the certificate was never “activated” and so the renewing process did not work. Once the admin activated the SSL cert, and I once again stepped through the manual renewal process, the certificate did indeed install and the site was restored.

    It took over 6 hours and 5 support persons to solve this issue. Amazing.

    And yes, once again, I got the upsell pitch to solve/prevent the problem by upgrading to the new WordPress managed hosting.  

    At this point, I knew I had to move my client to a new hosting service – NOT GoDaddy hosting.

    An interesting side note…

    When the SSL renewal failed, GoDaddy modified the WordPress settings changing the Home URL and Site URL to http:// instead of https:// thus allowing access to the site without encryption even though the site was set up to force SSL.

    Once the SSL was re-installed, GoDaddy restored the home URL and Site URL to https:// and the site was back in business.

    Article by Eagle, with editing assistance by Dave Goff…thank you sir.

  • WordPress WP-CLI, Command Line Interface

    WordPress WP-CLI, Command Line Interface

     
    As a freelance wordpress developer, one of the tools in available to me the wp-cli terminal commands used to manage wordpress sites.
     
    Today I learned a new wp-cli  command.
     
    The latest version of WordPress intoduced a new widget editor, a block editor for widgets. I wanted to learn more about this editor and set myself to the task of upgrading one of my development sites to the latest version 5.8.
     
    To my surprise the site didn’t update, would update, reporting that an update was already in progress. In all my years of working with WordPress, i’ve never had this happen that a site would not update.
     
    I tried various tricks and even other management software to encourage the site to update, but no not happening.
     
    Desperate to upgrade this site, I attempt to update the site using the wp-cli commands via SSH remote login to the server.
    (NOTE: apparently there is a timeout on this lock – which should release automatically – Default: 1 hour from line 852 in the code below).
     
    wp core version 
    (to confirm the current version)
    wp core update 
    (to trigger the update), but again the report
    Error: Another update is currently in progress.
     
    I even tried:
    wp core update –version=5.8 –force
     
    Still not updating. So i ran the command 
    wp core update –help
     
    This produces a listing of options and attributes that can effect the command. In the listing was a mention that if the update fails to happen, I should run this command:
     
    wp option delete core_updater.lock
    Which produced the results:
    Success: Deleted ‘core_updater.lock’ option.
     
    And now I could run my update command again
    wp core update
    and now I have a version 5.8 WordPress site with the widget editor to work with.
     
    There is a plugin in the repository to deal with the issue, but it hasn’t been updated in the past year.
    I took a look-see at the code in that plugin, but believe me using wp-cli commands was way easier and now I have a new command in my arsenal of commands.
     
     
    The WordPress file that governs this lock is:
    ./wp-admin/includes/class-wp-upgrader.php
     
     
    At line #845 of that file we find…
     
    845          /**
    846         * Creates a lock using WordPress options.
    847         *
    848         * @since 4.5.0
    849         *
    850         * @param string $lock_name       The name of this unique lock.
    851         * @param int    $release_timeout Optional. The duration in seconds to respect an existing lock.
    852         *                                Default: 1 hour.
    853         * @return bool False if a lock couldn’t be created or if the lock is still valid. True otherwise.
    854         */
    855        public static function create_lock( $lock_name, $release_timeout = null ) {
    856                global $wpdb;
    857                if ( ! $release_timeout ) {
    858                        $release_timeout = HOUR_IN_SECONDS;
    859                }
    860                $lock_option = $lock_name . ‘.lock’;
    861
    862                // Try to lock.
    863                $lock_result = $wpdb->query( $wpdb->prepare( “INSERT IGNORE INTO `$wpdb->options` ( `option_name`, `option_value`, `autoload` ) VALUES (%s, %s, ‘no’) /* LOCK */”, $lock_option, time() ) );
    864
    865                if ( ! $lock_result ) {
    866                        $lock_result = get_option( $lock_option );
    867
    868                        // If a lock couldn’t be created, and there isn’t a lock, bail.
    869                        if ( ! $lock_result ) {
    870                                return false;
    871                        }
    872
    873                        // Check to see if the lock is still valid. If it is, bail.
    874                        if ( $lock_result > ( time() – $release_timeout ) ) {
    875                                return false;
    876                        }
    877
    878                        // There must exist an expired lock, clear it and re-gain it.
    879                        WP_Upgrader::release_lock( $lock_name );
    880
    881                        return WP_Upgrader::create_lock( $lock_name, $release_timeout );
    882                }
    883
    884                // Update the lock, as by this point we’ve definitely got a lock, just need to fire the actions.
    885                update_option( $lock_option, time() );
    886
    887                return true;
    888        }
    889
    890        /**
    891         * Releases an upgrader lock.
    892         *
    893         * @since 4.5.0
    894         *
    895         * @see WP_Upgrader::create_lock()
    896         *
    897         * @param string $lock_name The name of this unique lock.
    898         * @return bool True if the lock was successfully released. False on failure.
    899         */
    900        public static function release_lock( $lock_name ) {
    901                return delete_option( $lock_name . ‘.lock’ );
    902        }
    903
    904 }
    905
     
  • Backups, Migrations & More

    Backups, Migrations & More

    Need to backup your WordPress site, or, moving to a new domain/host, then these are the tools for you!

    • UpdraftPlus Premium – * recommended * — Backup, Dropbox integration, Migration
    • BackUpBuddy – The most popular plugin for backing up or moving a WordPress site.
    • VaultPress – Backup, and security for your WordPress site from the developers of WordPress.com.
    • Serialized Search and Replace – Carry out database-wide search/replace actions that don’t damage PHP serialized strings or objects.

    Our Monthly Web Care Includes Backup Service

    Drop us a line today for a free quote!


    Learn More

  • What Makes a Website Work?

    What Makes a Website Work?

    • Basic Information/Introduction.
    • Compelling dialog to attract customers.
    • Clarification of what service is provided.
    • Listing of products available and why the customer “must” have them.
    • Contact information/Point of Contact.
    • A few FAQs.
    • Relevant articles with regard to products and services.
    • Explanation of why your business is the better choice; what differentiates your services/products, what makes you stand out.
    • Recommendations, successes, endorsements, testimonials.