
IPv6 over an IPv4 Tunnel on a Dlink DIR-825 Rev. B

Although I missed World IPv6 Day, I was bored the other night and decided to finally set up an IPv6 tunnel. To do this, I registered a free account with Hurricane Electric’s Tunnel Broker. The process was a breeze and in no time I had a regular tunnel created. From there, it was all up to the Dlink router.

A few notes:

  1. Make sure you have the latest firmware for your DIR-825 Rev. B. At the time of writing, it’s version 2.05(NA).
  2. You will need to enable “WAN Ping Respond” – this can be found under Advanced -> Advanced Network. You can safely disable this after you complete the process and your tunnel is working. This is needed so that Tunnel Broker (TB, from here on out) can confirm your public-facing IP address and link it to your tunnel.

So, that out of the way, once Tunnel Broker has confirmed your tunnel is available, login to your router and do the following:

  1. Under the main Setup tab, click IPv6.
  2. Click the Manual IPv6 Internet Connection Setup button. Do not use the wizard.
  3. For the IPv6 CONNECTION TYPE, choose IPv6 in IPv4 Tunnel.
  4. In the Remote IPv4 Address box, enter the Server IPv4 Address provided by TB.
  5. In the Remote IPv6 Address box, enter the Server IPv6 Address provided by TB.
  6. The Local IPv6 Address is the Client IPv6 Address from TB.
  7. Under the IPv6 DNS SETTINGS heading, choose Use the following IPv6 DNS servers and enter the Anycasted IPv6 Caching Nameserver provided by TB in the Primary IPv6 DNS Server box (TB did not provide me with a secondary DNS address).
  8. Finally, uncheck Enable DHCP-PD under the LAN IPv6 ADDRESS SETTINGS heading.
  9. Leave the settings under the ADDRESS AUTOCONFIGURATION SETTINGS heading as their defaults.
  10. Click the Save Settings button at the top of the page and let the router do its thing. It will take some time to ‘measure the internet connection’ – this is normal.

You’re almost done. At this point, if you go to the Status tab and choose IPv6 from the options down the left side of the page, you should see the TB information you entered, and Network Status should say Connected.

The rest of the work depends on your operating system. I use Windows 7 on my main PC, which natively supports IPv6 (as do OS X and most *nix distros). As IPv6 is enabled by default, I simply had to open an Elevated Command Prompt and type:

ipconfig /release

ipconfig /renew

After it finished thinking, ipconfig spat out the new network configuration which included the correct IPv4 and IPv6 addresses. I opened Firefox and browsed to http://ipv6.google.com – success! Everything works! You can also confirm that IPv6 is working by using the nslookup tool from a command prompt like so:

C:\Users\Laslow>nslookup
Default Server:  ordns.he.net
Address:  2001:470:20::2

> xbox.com
Server:  ordns.he.net
Address:  2001:470:20::2

Non-authoritative answer:
Name:    xbox.com
Addresses:  2a01:111:f009::3b03
65.55.42.140

>

As you can see, the IPv6 nameserver came back with an IPv6 AAAA record (2a01:111:f009::3b03) and an IPv4 A record (65.55.42.140) for xbox.com.

Installing Java on CentOS 5.x

There are a large number of articles floating around with outdated instructions for installing Sun Oracle Java on CentOS. I’m happy to report that the process is now very, very easy if OpenJDK doesn’t work for you.

  1. Browse to this page: http://www.java.com/en/download/manual.jsp
  2. Copy the URL of the “Linux RPM (self-extracting file)” link.
  3. On your CentOS box (assuming you’re SSH’d to it), use wget to download the file (eg, wget http://javadl.sun.com/webapps/download/AutoDL?BundleId=48333)
  4. Note that when the file finishes downloading, you may need to rename it. Due to the redirect process Oracle uses, you may end up with a filename like “jre-6u25-linux-i586-rpm.bin\?AuthParam\=1306440404_3678aad28a7b9aae044da147678b211e\&GroupName\=JSC\&FilePath\=%2FESD6%2FJSCDL%2Fjdk%2F6u25-b06%2Fjre-6u25-linux-i586-rpm.bin\&File\=jre-6u25-linux-i586-rpm.bin\&BHost\=javadl.sun.com” (this happened to me). If this is the case, rename it to “jre-6u25-linux-i586-rpm.bin”.
  5. Use chmod to allow execute permissions: chmod +x jre-6u25-linux-i586-rpm.bin
  6. Execute the binary: ./jre-6u25-linux-i586-rpm.bin
  7. Verify the installation worked: java -version

That’s it. No extra compiling, no need to add extra repositories. Simple. (Disclaimer: because this is done without a package manager, you’ll have to remember to manually update the installation to keep your box secure.)
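The rename in step 4 is the one place this procedure goes wrong in practice. As an added example (not from the original post), here is a small Python helper that recovers the intended filename from a download whose on-disk name kept the redirect’s query string. The File= parameter name is taken from the filename quoted in step 4; the shell-escaped form (with backslashes, as tab completion prints it) is accepted too. The cleaned name is reduced to a bare basename so a server-supplied value can never point outside the working directory, and rename_download() refuses to overwrite an existing file. The demo() function constructs a throwaway file in a temporary directory so the whole thing runs offline.

```python
import os
import tempfile
from urllib.parse import parse_qs


def clean_download_name(downloaded: str) -> str:
    """Recover the intended filename from a download whose name kept the
    redirect's query string, e.g. 'jre-...bin?AuthParam=...&File=jre-...bin'.

    Prefers the File= parameter when the query carries one, otherwise the part
    before '?'. The result is always a bare basename (no directory components).
    """
    # tab completion shows the name with shell escapes ("\?", "\=", "\&");
    # accept that pasted form too by dropping the backslashes
    name = downloaded.replace("\\", "")
    base, sep, query = name.partition("?")
    if not sep:
        return os.path.basename(base)
    params = parse_qs(query, keep_blank_values=True)
    candidate = params.get("File", [base])[0]
    return os.path.basename(candidate) or os.path.basename(base)


def rename_download(path: str) -> str:
    """Rename a downloaded file in place to its cleaned name; returns the new path.

    Refuses to clobber an existing file so a repeated download never silently
    replaces a copy you may already have inspected.
    """
    directory, name = os.path.split(path)
    cleaned = clean_download_name(name)
    if cleaned == name:
        return path
    target = os.path.join(directory, cleaned)
    if os.path.exists(target):
        raise FileExistsError(target)
    os.rename(path, target)
    return target


def demo() -> str:
    """Constructed demonstration: create a file with the messy name in a temp
    directory, rename it, and return the resulting basename."""
    messy = ("jre-6u25-linux-i586-rpm.bin?AuthParam=1306440404_3678aad28a7b9aae044da147678b211e"
             "&GroupName=JSC&File=jre-6u25-linux-i586-rpm.bin&BHost=javadl.sun.com")
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, messy)
        with open(path, "wb") as fh:
            fh.write(b"#!/bin/sh\n")  # stand-in for the self-extracting installer
        return os.path.basename(rename_download(path))


if __name__ == "__main__":
    print(demo())
```

Run it as a script to see the cleaned name; in real use call rename_download() on the path wget left behind and then continue with chmod and the install as in steps 5 to 7.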

ADMT: What I Learned

Years ago, long before I started working at my current job, management launched a new contract in an office building just across the street. At the time, wireless network connections were still in their infancy and not to be trusted, so the new office was set up with a pair of servers, a nice new Active Directory Forest and Domain (DomainB), and a VPN to access resources on the primary network, DomainA.

Fast forward to three years ago, just before I was hired. The then-sysadmin was getting flak for the VPN being slow, so he installed a pair of wireless routers on the roofs of the buildings and linked the two networks. However, instead of getting rid of DomainB, he simply left it in place.

Fast forward to now. Due to cost issues, the contract in the remote office was physically moved to our main building. As such, their network equipment and servers came with them, which created cramped quarters in an already cramped space. As such, I set about doing what should have been done years ago – migrating users from DomainB to DomainA.

There was a group of client computers that needed to go through a round of updates anyway, so those were simply re-imaged and joined to a separate, restricted network (DomainC) used for our clients only (this had been another pet peeve of mine – due to costs, the clients in that office were put on the same network and although they had their permissions restricted, it was still a concern in my mind). The main problem, though, was the staff workstations. Not only were they set up on DomainB, but PrimaryDC.DomainB was also an Exchange 2003 server, and TertiaryDC.DomainA was our primary mail server running Exchange 2007. The first step was to manually export the mail for the twelve staff members and create their DomainA accounts, and then get them set up on the DomainA Exchange server. Once that was up and running, the Exchange 2003 install was shut down. Although it took a while to manually transfer the mail by exporting to .PST files and then importing it again, it was the cleanest way to do the move (and also encouraged users to clean out their mailboxes).

The last step was to actually get the users logging in to DomainA rather than DomainB. That’s where ADMT (Active Directory Migration Tool) comes in.

ADMT comes in a few ‘current’ versions. 3.0 if the server it’s running on is Server 2003, 3.1 if it’s Server 2008, and 3.2 if it’s Server 2008 R2. The source domain (B) was running on Server 2003 boxes, but the target domain (A) was running mostly on Server 2008 boxes, so I installed ADMT 3.1 on one of those.

After getting it installed and playing around with it on a test VM, I learned a few things that helped me get all of the staff workstations migrated with minimal issues:

  • Set up a Two-Way Trust between the domains first, but be aware that if users are already authenticating on both domains by using stored credentials, that may break unless you also set up permissions for users of both domains on affected shares.
  • Double-check your DNS configuration. If both domains have separate Forward Lookup Zones (which they probably do), make sure that the DNS servers in both domains are set up to perform Zone Transfers between each other, and then check to make sure that all A and PTR records are actually correct and current.
  • Make sure that the user you are logged in as on the server running ADMT is in the Domain Admins group on the target domain, and the Administrators group on the primary DC of the source domain.
  • Change the DNS servers that the computers to be migrated are using to the servers on the target domain. This is important, or after the computer migrations are complete you may run into issues when logging in (for me, Active Directory decided to continually lock out the accounts of migrated users because of a missing A record in the source domain’s DNS zone).
  • If you have any local firewall software running on the workstations that are to be migrated, either temporarily disable it or add exceptions for the Netlogon Service, File and Printer Sharing, and Windows Management Instrumentation (although the last may not strictly be needed – it was hit-or-miss for me).
  • Run the following command on the workstations that you’re migrating: net localgroup "Administrators" "DomainA\domain admins" /ADD (changing DomainA to your target domain). This is important, as local admin rights are needed for the computer migration steps.
  • If users from your source domain are using resources on your target domain and using stored credentials to authenticate, delete those stored usernames/passwords from the workstation (in most cases, open Control Panel, then User Accounts, and click ‘Manage Network Passwords’ on the left). Then, once you have migrated the user accounts, give those accounts permission to access the required resources.
  • During the migration, if you are trying to migrate a computer account and you continually receive an error like ERR2:7666 Unable to access server service on the machine ‘computer.domain’. Make sure netlogon and workstation services are running and you can authenticate yourself to the machine. hr=0x80070005. Access is denied., and you’ve run the command above on the machine to give Domain Admins from the target domain local admin rights, you may need to remove the computer from the source domain, rejoin it to the source domain to re-establish the trust relationship, and then try the migration again.
  • After the migrations are done, make sure to go back to the DNS servers on your target domain and verify that the migrated computers’ PTR records reflect the new domain suffix (eg, changed from ‘workstation1.domainB.’ to ‘workstation1.domainA.’, and leave the trailing . in, or you’ll have trouble!).

And that’s it! ADMT worked like a charm, and after using it to migrate and merge user accounts, and then migrate the computer accounts, everyone was off DomainB without the hassle of needing to manually join DomainA and reconfigure the user accounts. By performing both the user account and computer account migrations, once the process was done users just had to login to their computers using ‘DomainA\Username’ instead of ‘DomainB\Username’ and everything was left exactly like it had been, right down to the desktop wallpaper.

And now I’m free to decommission two old servers.

Folder Redirection to Mapped Network Drives: Fracking Stupid

While updating a set of public computers to have private file shares (making use of the Home Directory account property in AD to automagically map the drive), I ran into an issue with folder redirection. I wanted to redirect all of the standard personal folders (Documents, Pictures, Music, et al…) to the same share, so I set up folder redirection in a Group Policy Object to point those folders to the user’s home drive (for this example, we’ll say drive Z: was mapped to \\server\share\folder).

I gave the user full rights to the share, and assigned it Owner status as well (all through the Security tab, as standard), and then configured the GPO as appropriate. After rebooting the client computer, however, I checked the Documents folder only to find that it was still pointing at the default location. A quick peek in to Event Viewer revealed the following error:

Failed to apply policy and redirect folder “Documents” to “\\server\share\folder”.

Redirection options=0x80009211.

The following error occurred: “Can not create folder “\\server\share\folder””.

Error details: “Access is denied.”.

Which was very strange indeed, as a brief check confirmed that yes, the domain user did in fact have full access to both the folder and the share.

Then, something I saw (and stupidly, ignored) when setting up the GPO came back to me. I fired up the GPO editor and browsed back to the Documents folder redirection section (User Configuration\Policies\Windows Settings\Folder Redirection). After double-clicking the Documents option, and then switching to the Settings tab (shown below), I noticed the top two boxes (“Grant User Exclusive Rights to Documents” and “Move the Contents of Documents to the New Location”) were selected by default. Given that this was an ‘Access Denied’ error, I figured one of these two settings must be at fault, so I unchecked them.

[Screenshot: Folder Redirection Stupidity]

After rebooting the client computer, the Documents folder redirected to the Home Drive as expected.

Here’s where it gets stupid, though. On the ‘Target’ tab in the Documents properties window (visible in the screenshot above), if you have the ‘Target folder location’ set to ‘Redirect to the user’s home directory’, it explicitly adds a note that says “This setting ignores the value of the ‘Grant User Exclusive Rights to Documents’ option on the settings page.”

Apparently not, Microsoft. Apparently not.

TL;DR Version: If Folder Redirections aren’t applying correctly, Event Viewer is showing ‘Access Denied’ messages, and you’re using Home Folders specified in the user account, disable the ‘Grant User Exclusive Rights to Documents’ option on the settings page of the GPO.

Cheat: How to get Custom Routes on Google Maps for Android

One of my few complaints about the Maps app on Android, even the newly released 5.0 version, is that if you use the Directions feature there is no Alternate Route option. There isn’t even an option to manually re-draw the route, or to enter a second destination like in the web version.

So I found myself faced with an issue – I was about to go on a fairly long trip, however I was planning on taking a route different from the one Google had suggested. While I could use the web version of Google Maps on my phone, I wanted to use the actual app. The solution, as it turns out, is very simple.

The trick is to set everything up on the web version of Maps first. This gets tricky, depending on how severe the changes to the route are. In my case, I only needed to drag one route marker to change the route to go where I wanted it. Here’s the before route, and the after (not my real start and destination, just an example).

So the cheat is actually very straightforward – after finalizing your route in web Maps, copy the link for the map (don’t use the address bar – use the Link button in the top-right corner of the map) and paste it into a URL shortener like Is.Gd, then enter that URL on your Android phone. The browser will ask if you want to open the link in Maps or another program, so just choose Maps and your custom route will appear, with full directions, right before your eyes.

Edit: I should clarify that Google Navigation for Android has a ‘Recalculate Route’ option, however if you aren’t planning on using it, or it isn’t available in your area, this is the solution.

Fedora 14: Framebuffer and Xorg in 1680×1050 with Nvidia Drivers

So out-of-box, Fedora 14 does a pretty good job handling graphics, but if you want to run with Nvidia’s drivers you need to do a little leg work. Fortunately, it’s very, very easy if you know your way around the system even a little.

First off, you should download the driver binaries from Nvidia’s site. Save them in an easy-to-access place and then do a quick ‘chmod 777’ on the package so you can execute it later. Also, make sure you have the kernel-headers and kernel-devel packages installed, plus gcc so the Nvidia installer can make the kernel module.

Now that the driver is downloaded, we need to disable the Nouveau driver that comes with Fedora. This is a two-step process.

  1. As root, edit ‘/etc/modprobe.d/blacklist.conf’ and add the following lines to the bottom:

     # Nouveau
     blacklist nouveau

  2. Now edit ‘/boot/grub/menu.lst’ and add the following to the end of the kernel line:

     nouveau.modeset=0

     e.g. “kernel /vmlinuz-2.6.35.9-64.fc14.x86_64 ro root=UUID=00311e4e-0043-498c-8532-7301b19eae76 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet nouveau.modeset=0”

With that done, reboot. As your computer boots, press the Tab key repeatedly before the Fedora splash screen appears to get the Grub Menu to appear. Press ‘a’ to do a one-time edit of the kernel options (you’ll see the line above appear) and add the number ‘3’ (no quotes) to the end, like so:

kernel /vmlinuz-2.6.35.9-64.fc14.x86_64 ro root=UUID=00311e4e-0043-498c-8532-7301b19eae76 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet nouveau.modeset=0 3

This will do a one-time boot to Run Level 3, much like adding ‘single’ to the end of the above line would put you into Single User Mode. Once you’re at the text-mode login prompt (at a really low screen resolution, I might add), login as root and browse to the folder you saved the driver binary to, then run it. Let it go through its process and create the files it wants to, and when it finishes, you’re almost done.

The last thing to do is make the framebuffer work at the correct resolution. In my case, my monitor uses 1680×1050 as its native resolution, so that’s what I want to set it to.

Reboot the computer again, and do the Tab key trick to get back to the Grub Menu. Once again, press ‘a’ to edit the kernel options and this time add ‘vga=ask’ in addition to the number ‘3’ to the end of the line, and then press enter. You should get a list of the framebuffer modes. Find the one that matches your resolution, enter it (and make a note of it), and then press enter. When you get to the login prompt, you should see that everything is the correct size and resolution. If not, try again. For reference, 1680×1050 in 32bit colour for my GeForce 260 is mode 369.

Once you have the correct mode, we’re ready to make it permanent. Login as root and edit the ‘/boot/grub/menu.lst’ file again. Now add the following to the end of the kernel line:

vga=873 video=nvidiafb

eg, kernel /vmlinuz-2.6.35.9-64.fc14.x86_64 ro root=UUID=00311e4e-0043-498c-8532-7301b19eae76 rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet nouveau.modeset=0 3 vga=873 video=nvidiafb

Where 873 is the mode you entered above converted from hex to decimal (369 hex == 873 dec).

Save, reboot, and watch as both the framebuffer and Xorg now work at the proper resolution for your monitor. You’ll also now be able to turn on Desktop Effects in Gnome if you so choose.
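The two file edits above (blacklisting nouveau and appending options to the kernel line) are easy to get subtly wrong by hand, typically by adding a second vga= entry or repeating a line on a second pass. As an added example, not part of the original post, here is a Python helper that makes both edits idempotently on file contents passed in as text, replacing a kernel option whose key already exists (so vga=ask becomes vga=873) instead of duplicating it, plus the hex-to-decimal step for the vga= value. The sample menu.lst below is constructed around the kernel line shown above; the initrd line in it is an assumption.

```python
BLACKLIST_LINE = "blacklist nouveau"

# Constructed sample files (the kernel line is the one from the post; the
# title/root/initrd lines are assumed for illustration).
SAMPLE_MENU_LST = (
    "title Fedora (2.6.35.9-64.fc14.x86_64)\n"
    "\troot (hd0,0)\n"
    "\tkernel /vmlinuz-2.6.35.9-64.fc14.x86_64 ro root=UUID=00311e4e-0043-498c-8532-7301b19eae76"
    " rd_NO_LUKS rd_NO_LVM rd_NO_MD rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16"
    " KEYTABLE=us rhgb quiet\n"
    "\tinitrd /initramfs-2.6.35.9-64.fc14.x86_64.img\n"
)
SAMPLE_BLACKLIST_CONF = "blacklist pcspkr\n"


def blacklist_nouveau(blacklist_conf: str) -> str:
    """Return blacklist.conf text with '# Nouveau / blacklist nouveau' appended,
    unless an equivalent 'blacklist nouveau' line is already present."""
    for line in blacklist_conf.splitlines():
        if line.split() == BLACKLIST_LINE.split():
            return blacklist_conf
    body = blacklist_conf
    if body and not body.endswith("\n"):
        body += "\n"
    return body + "# Nouveau\n" + BLACKLIST_LINE + "\n"


def add_kernel_params(menu_lst: str, params) -> str:
    """Add each option in `params` to every 'kernel ...' line of menu.lst text.

    An option whose key (the part before '=') is already on the line replaces
    the old value in place; anything else is appended. Running this twice with
    the same params is a no-op, so it is safe to re-run after a partial edit.
    """
    out = []
    for line in menu_lst.splitlines():
        stripped = line.lstrip()
        if stripped.startswith("kernel "):
            indent = line[: len(line) - len(stripped)]
            tokens = stripped.split()           # tokens[0] == "kernel", [1] == image path
            for param in params:
                key = param.split("=", 1)[0]
                idx = next((i for i, t in enumerate(tokens[2:], 2)
                            if t.split("=", 1)[0] == key), None)
                if idx is None:
                    tokens.append(param)
                else:
                    tokens[idx] = param
            line = indent + " ".join(tokens)
        out.append(line)
    return "\n".join(out) + ("\n" if menu_lst.endswith("\n") else "")


def vga_mode_decimal(mode_hex: str) -> int:
    """Convert the mode number printed by vga=ask (hex) to the decimal vga= value."""
    return int(mode_hex, 16)


if __name__ == "__main__":
    step1 = add_kernel_params(SAMPLE_MENU_LST, ["nouveau.modeset=0"])
    mode = vga_mode_decimal("369")
    final = add_kernel_params(step1, ["vga=%d" % mode, "video=nvidiafb"])
    print(blacklist_nouveau(SAMPLE_BLACKLIST_CONF))
    print(final)
```

To apply it to the real files, read /etc/modprobe.d/blacklist.conf and /boot/grub/menu.lst as root, pass their contents through these functions, and write the results back; the functions themselves never touch the filesystem, which keeps them easy to test against the sample text above.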

Solution: Fonts Not Available in Adobe Products

Last month our in-house web-dev/graphic-designer moved across the country and I ended up taking over most of her responsibilities. This afternoon our General Manager asked me to put together a newspaper ad, so I fired up Adobe Illustrator and grabbed a copy of our branding guide. After figuring out that I needed a few variants of Helvetica, I proceeded to hunt through the metric ton of fonts in Illustrator’s type menu, only to find all of my Helvetica fonts were missing.

Thinking this odd, I popped into Microsoft Word and saw that yes, all of my fonts were there. Photoshop, though, wouldn’t show a number of them either. In fact, all of the missing fonts were Type 1.

As it turns out, Adobe doesn’t play nice with Type 1 fonts, and requires that you place them in the following folder:

C:\Program Files\Common Files\Adobe\Fonts

Important: If you’re using a 64-bit version of Windows, place them in:

C:\Program Files (x86)\Common Files\Adobe\Fonts

Once you’ve copied the fonts to that folder (note that if you already have them in another folder, you can just add a shortcut to them instead), restart the Adobe product and it should show all of your fonts!

A PHP-Based Server Monitor

The other day I decided that the little ‘Network Monitor’ desktop gadget I was using to monitor my few servers just wasn’t cutting it. Instead, I wanted to make use of a spare iMac and have something a little flashier. A Google search for Server Monitors brought up a plethora of options that were either horribly ugly, platform specific, or just didn’t work the way I needed (most required that the target server be running some form of web server, such as IIS or Apache to retrieve headers to see if the server was up – most of my servers don’t run those). As such, I decided to write a small script from scratch.

I figured the easiest way to accomplish my goal of a platform-independent monitoring script was to use PHP. After enabling Apache2/PHP5 on my Snow Leopard-running iMac (a topic for another blog post later), I searched through the PHP.net function list until I found fsockopen(). This function is quite ideal, as it will work with any open port. The first step was to make a quick function to utilize fsockopen and return some testable results:

function checkServer($ip, $port)
{
    // try to open a TCP connection to $ip:$port, giving up after 1 second
    $fp = fsockopen($ip, $port, $errno, $errstr, 1);
    if (!$fp) {
        return 'Down';
    } else {
        fclose($fp);   // we only needed to know the port answers
        return 'Up';
    }
}

I added this to a <?php ?> block in the <head></head> of the document – to call the function and perform the test, I used the following line below:

$servername = checkServer('192.168.1.100', 53);

In this example I’m checking the availability of a DNS server, so I use port 53. When this runs, the $servername is set to either ‘Up’ or ‘Down’ depending on whether or not a connection can be opened on that port.

The only thing left now was to display this output. I made a fancy table-based page with graphics where each server is a cell and the background changes between green and red depending on the $servername value. However, all you really need is the code below in a <?php ?> block in the body of the page:

echo('Server Example Status: ' . $servername);

Change Example to the name of your server. If you have more than one server to check, just make another variable, use the checkServer function to give it a value (make sure to change the IP address and use an open port!), and then add another echo line.
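The same TCP-connect probe, written out as a complete monitor rather than one variable per server: this is an added example in Python (not the post’s PHP, and not the author’s code), showing the checkServer() idea with a list of servers, an explicit connect timeout, and the status table rendered with server names HTML-escaped so a name pulled from a config file cannot inject markup into the status page. The listener and the “free port” helper are constructed stand-ins for a real server so the example runs offline against loopback.

```python
import html
import socket
import threading


def check_server(host, port, timeout=1.0):
    """Python equivalent of the post's checkServer(): 'Up' when a TCP connection
    to host:port completes within `timeout` seconds, otherwise 'Down'.
    Any socket error (refused, timed out, unresolvable name) counts as Down."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "Up"
    except OSError:
        return "Down"


def check_all(servers):
    """servers: {name: (host, port)} -> {name: 'Up' | 'Down'}"""
    return {name: check_server(host, port) for name, (host, port) in servers.items()}


def render_status(statuses):
    """Render 'Server X Status: Up' rows as an HTML table. Names are escaped so
    a server name taken from configuration cannot inject markup."""
    rows = []
    for name, state in sorted(statuses.items()):
        css = "up" if state == "Up" else "down"
        rows.append('<tr class="%s"><td>Server %s Status: %s</td></tr>'
                    % (css, html.escape(name), state))
    return "<table>\n" + "\n".join(rows) + "\n</table>"


def start_demo_listener():
    """Constructed stand-in for a real server: a TCP listener on a free loopback
    port that accepts and immediately closes connections. Returns (socket, port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)

    def accept_loop():
        while True:
            try:
                conn, _ = srv.accept()
            except OSError:      # listener closed: stop the thread
                return
            conn.close()

    threading.Thread(target=accept_loop, daemon=True).start()
    return srv, srv.getsockname()[1]


def free_port():
    """A loopback port nothing is listening on right now (the constructed 'Down' case)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    listener, port = start_demo_listener()
    statuses = check_all({"Example": ("127.0.0.1", port),
                          "Offline": ("127.0.0.1", free_port())})
    print(render_status(statuses))
    listener.close()
```

For real servers, replace the loopback entries in check_all() with your own host/port pairs (a DNS server on port 53, as in the post, works exactly the same way); the one-second timeout keeps a single unreachable host from stalling the whole page.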

That’s it! To be fancy, you can add a JavaScript automagic page refresh too – just change the <body> tag to:

<body onload="timedRefresh(30000); display();">

And put the following in the <head></head> section:

<script type="text/javascript">
<!--
function timedRefresh(timeoutPeriod) {
    // reload the page from the server after timeoutPeriod milliseconds
    setTimeout("location.reload(true);", timeoutPeriod);
}
// -->
</script>

And you’re done! If the server is up, every 30 seconds your page will refresh and show:

Server Example Status: Up

IPTABLES Logging on a VPS

When you manage a *nix-based server, there are a few general guidelines that most admins follow: things like setting a strong root password, changing SSHD to a non-standard port, and setting up logging are usually firsts. However, if you’re on a VPS, you may run into a few issues (note that these instructions are for CentOS 5.x and may vary depending on your distro).

For example, when I was setting up the nice new VPS that I’m running this site from, I attempted to enable IPTABLES logging to monitor attempts to get to the standard SSH port (22), and the port that I actually use for SSH (I won’t post the real one, but for the example I’ll use port 1234) with the following lines in “/etc/sysconfig/iptables”:

<Snip other rules>
-A INPUT -m state --state NEW -p tcp -m tcp --dport 1234 -j LOG -m limit --limit 20/m --log-level warn --log-prefix "SSH Attempt on port 1234: "
-A INPUT -p tcp -m tcp --dport 1234 -j ACCEPT
<Snip even more rules>
-A INPUT -p tcp -m tcp --dport 22 -j LOG -m limit --limit 20/m --log-level warn --log-prefix "Dropped SSH on port 22: "
-A INPUT -j DROP
Note that you need to add the LOG lines before the ACCEPT and DROP lines. Only 20 lines will be logged per minute to prevent file sizes from going nuts in case of an attack.

After restarting IPTABLES with service iptables restart, I made a few access attempts and checked /var/log/messages — no log lines appeared, though. Then I realized I was missing something.

In “/etc/syslog.conf” I had to add the following to the end:

kern.=warn   /var/log/firewall

I opted to log to firewall instead of messages simply to keep the file clean.

I restarted SYSLOG with service syslog restart, made a few more attempts, and still nothing was appearing in “/var/log/firewall” or “/var/log/messages”. However, typing dmesg showed the relevant lines:

SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=10.0.0.1 DST=10.0.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=28979 DF PROTO=TCP SPT=35291 DPT=1234 WINDOW=8192 RES=0x00 SYN URGP=0

So I knew that SYSLOG was working, however it wasn’t going all the way. Then I decided to see if KLOGD was running:

[root@vps ~]# ps aux|grep klogd
root     13632  0.0  0.1   7188   788 pts/0    S+   00:07   0:00 grep klogd

So that means that KLOGD isn’t running, which is the cause of the problem! I checked “/etc/rc.d/init.d/syslog” and found that the KLOGD lines were commented out, as such:

<snip>
passed klogd skipped #daemon klogd $KLOGD_OPTIONS
<snip>
passed klogd skipped #killproc klogd

In the “start()” and “stop()” areas respectively. I simply removed the “passed klogd skipped #” parts, saved and ran service syslog restart and presto, KLOGD was up and running:

[root@vps ~]# ps aux|grep klogd
root      7542  0.0  0.0   3808   424 ?        Ss   Oct11   0:00 klogd -x
root     15402  0.0  0.1   7188   788 pts/0    S+   00:13   0:00 grep klogd

I made a few more connection attempts and verified that now everything was working correctly:

[root@vps ~]# cat /var/log/firewall
Oct 11 23:47:06 vps kernel: SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=10.0.0.1 DST=10.0.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=28979 DF PROTO=TCP SPT=35291 DPT=1234 WINDOW=8192 RES=0x00 SYN URGP=0
Oct 12 00:13:03 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=110.77.129.166 DST=10.0.0.2 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=59383 DF PROTO=TCP SPT=33846 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0

Done and done! IPTABLES now properly logs to “/var/log/firewall” when someone attempts to hit port 22 or 1234.

TL;DR Version: If you want IPTABLES logging enabled on your VPS, follow the normal steps to enable IPTABLES logging and then make sure KLOGD is enabled in “/etc/rc.d/init.d/syslog”.
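Once the LOG lines are landing in /var/log/firewall, the next thing a practitioner wants is to read them without eyeballing every field. As an added example (not from the original post), here is a small Python parser for the iptables LOG format shown above, run over constructed sample lines modelled on the post’s output: it handles both the syslog form (timestamp plus “kernel:”) and the bare dmesg form, splits the KEY=VALUE fields from bare flags like DF and SYN, skips unrelated lines, and tallies hits per log prefix and source address. The regex assumes the post’s convention of a --log-prefix that ends in “: ”.

```python
import re
from collections import Counter

# Constructed sample lines, modelled on the /var/log/firewall and dmesg output
# in the post (the third line is the dmesg form, without timestamp or "kernel:";
# the fourth is an unrelated sshd line that the parser must ignore).
SAMPLE_LINES = [
    "Oct 11 23:47:06 vps kernel: SSH Attempt on port 1234: IN=venet0 OUT= MAC= SRC=10.0.0.1 "
    "DST=10.0.0.2 LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=28979 DF PROTO=TCP SPT=35291 DPT=1234 "
    "WINDOW=8192 RES=0x00 SYN URGP=0",
    "Oct 12 00:13:03 vps kernel: Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=110.77.129.166 "
    "DST=10.0.0.2 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=59383 DF PROTO=TCP SPT=33846 DPT=22 "
    "WINDOW=5840 RES=0x00 SYN URGP=0",
    "Dropped SSH on port 22: IN=venet0 OUT= MAC= SRC=110.77.129.166 DST=10.0.0.2 LEN=60 "
    "TOS=0x00 PREC=0x00 TTL=45 ID=59384 DF PROTO=TCP SPT=33847 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0",
    "Oct 12 00:14:10 vps sshd[2201]: Accepted publickey for root from 10.0.0.1 port 35300 ssh2",
]

# prefix text (no colons inside it) followed by ": " and the IN=... field list
LOG_RE = re.compile(r"(?P<prefix>[^:]*): (?P<fields>IN=.*)$")


def parse_firewall_line(line):
    """Parse one iptables LOG line into a dict, or return None for other lines."""
    m = LOG_RE.search(line)
    if not m:
        return None
    fields, flags = {}, []
    for token in m.group("fields").split():
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value          # KEY=VALUE (value may be empty, e.g. OUT=)
        else:
            flags.append(key)            # bare flags: DF, SYN, ACK, ...
    prefix = m.group("prefix").strip()
    return {
        "prefix": prefix,
        "src": fields.get("SRC"),
        "dst": fields.get("DST"),
        "proto": fields.get("PROTO"),
        "dport": int(fields["DPT"]) if "DPT" in fields else None,
        "flags": flags,
        # the post's prefixes say "Dropped ..." for the DROP rule's LOG line
        "dropped": prefix.startswith("Dropped"),
    }


def summarize(lines):
    """Count hits per (prefix, source address), skipping non-firewall lines."""
    counts = Counter()
    for line in lines:
        rec = parse_firewall_line(line)
        if rec:
            counts[(rec["prefix"], rec["src"])] += 1
    return counts


def noisy_sources(lines, threshold=2):
    """Source addresses with at least `threshold` logged packets. Remember the
    rule's --limit 20/m: a minute of logs holds at most 20 lines per LOG rule,
    so a source at that ceiling was almost certainly doing more."""
    per_src = Counter(rec["src"] for rec in map(parse_firewall_line, lines) if rec)
    return sorted(src for src, n in per_src.items() if n >= threshold)


if __name__ == "__main__":
    for (prefix, src), n in summarize(SAMPLE_LINES).most_common():
        print("%3d  %-26s %s" % (n, prefix, src))
    print("noisy:", noisy_sources(SAMPLE_LINES))
```

Point it at the real file with `summarize(open("/var/log/firewall"))` to get the same tally over a day’s logs; the “dropped” field separates the port 22 noise from connections that actually reached the real SSH port.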

Fixed: Can’t Resize Uploaded Images in WordPress

Here’s one with an easy fix. If you’ve just installed WordPress on your server and can upload images but WordPress doesn’t let you resize them in the same form, SSH into your server and do the following:

yum install php-gd

service httpd restart

And you’re done! …At least, as long as you’re using an RHEL-compatible Linux distro. If not, use your package manager of choice, or manually find and load the php-gd extension!