Posts Tagged ‘WordPress’

WordPress install on Win 2008 R2

I’ve installed WordPress websites several times on various Linux distros w/o issue but today I needed to install WordPress on a Windows 2008 R2 Server for the first time. Thankfully WordPress.org had an entire webpage up on just how to do it. Looks like they’re using a Microsoft publishing site called Web App Gallery or Web Platform Installer to install not only WordPress but also any dependencies and also do the initial configuration. The only problem I had was getting WordPress to update itself via FTP. Not only do you need to install the FTP server under the IIS additional roles but you need to explicitly give that FTP user account modify & write permissions to your wwwroot folder which is housing your WordPress files.

WordPress IIS page:
http://codex.wordpress.org/Installing_on_Microsoft_IIS

Microsoft’s Web App Gallery page:
http://www.microsoft.com/web/downloads/platform.aspx

WordPress password recovery for when things go horribly wrong

  One of my relatives, whom I’m hosting a WordPress site for, recently forgot their administrator password and couldn’t get into their WordPress Dashboard. I of course being the server provider was able to see the actual user table where their account was stored inside of MySQL but wasn’t able to interpret the password since it’s stored as a hash. We tried several times to retrieve the password using the “Lost your password?” option on the user login screen but I guess his work was filtering the emails. So, I started doing some digging around. A number of folks said to use PHPMyAdmin to manipulate the database that’s connected to the WordPress blog and change it that way. To that I reply, “Over my dead body.” I refuse to install PHPMyAdmin on a production machine since it simply opens up yet another attack vector. So digging a little bit deeper past the PHPMyAdmin recommendations I found the emergency.php script for WordPress. Essentially this is a drop-in PHP page that you FTP to your website, use it once and quickly delete it! It allows you to reset your WordPress admin account password for those times when you’ve forgotten the password. Again, I can’t say it enough, remove the file afterwards else someone else stumbles upon your emergency.php page and resets your password w/o your authorization!

Couple of links that might be helpful:

http://lorelle.wordpress.com/2009/02/06/the-agony-of-the-lost-wordpress-password/
http://codex.wordpress.org/Resetting_Your_Password
http://codex.wordpress.org/User:MichaelH/Orphaned_Plugins_needing_Adoption/Emergency

Return top