KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

NGINX 1.11.7
Apache2 2.4.25

Use the following command to update modules.

# yum update

In this time update ,/etc/httpd/conf.d/http.conf and ssl.conf including mod_ssl package in Apache2 will rename be _http.conf and _ssl.conf
This ensures that the settings described in this file will be set as default.

There is not have any problem with excluding yum update but when install kusanagi-httpd with yum install,
depends to mod_ssl package installation, ssl.conf may automatically generated

In this case, use the following command to manually rename the file name.

# mv /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/_ssl.conf

KUSANAGI version upgrade details 8.0.2-2

KUSANAGI version upgrade details 8.0.2-2

The bug fix of KUSANAGI 8.0.2-1 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.2-2

# yum update

KUSANAGI 8.0.2-2 bug fixes

  1. Failure to register SSL certificate in CT log server
  2. Failure in DB registration or deletion

1. Failure to register SSL certificate in CT log server

We found out registration failed due to the service log server which provided by Google have been stopped even since KUSANAGI-8.0.1-1 have correspondence of transparency of SSL certificate.
In this case, some browsers such as Safari was function abnormally with using Let’s Encrypt SSL certificate.

KUSANGI-8.0.2-2

  1. Modification in CT log server
    The registration will modify to ct.googleapis.com/pilot、icarus、rocketeer、skydiver when ct.googleapis.com/aviator log service stopped
  2. Failure in processing registration into CT log server
    Error messages will show up to login to next log server when failed to register into CT log server. Empty SCT file will be delete after failed to register CT log server again.
  3. Make CT do not turn on when acquiring Let’s Encrypt SSL certificate
    Make CT do not turn on when acquiring Let’s Encrypt SSL certificate with kusanagi provision/ssl
  4. New option to prevent registration to log server when CT enabled

    Automatically registered the SSL certificate in the CT log server with kusanagi ssl --ct on, even commercial SSL certificate already registered in CT. Therefore, when specified with --noregister either --noregister option will stop the registration to log server
    Example)

    kusanagi ssl --ct on --no-register profile name

2.Failure in DB registration or deletion

There was a issue in DB deletion has been failed with kusanagi remove that DB which obtained a symbol included DB name.
This bug has been fixed in this time update.

Simply Fast WordPress [14] – Using KUSANAGI – Adding Always-On SSL and HTTP/2 (Part 2. SSL Server Certificates for Business)

This is a series of articles explaining how to speed up WordPress, the use of which is growing rapidly for CMS-based business sites and media sites. This time, we will explain how to install Always-On SSL with SSL server certificates for business, and HTTP/2.

Last time, we explained how to install Always-On SSL and HTTP/2 using free SSL certificates from Let’s Encrypt.

This time, we will explain the significance of using SSL server certificates for business-use from services like Digicert, Globalsign, Network solutions, and Symantec. We will also explain how to install them along with HTTP/2. In this article, we assume that you have provisioned WordPress with KUSANAGI, so it is recommended that you read “Using KUSANAGI – Adding Always-On SSL and HTTP2 (Part 1. Let’s Encrypt)” first.

KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

PHP7 7.0.14 WordPress 4.7

Use the following command to update modules.

# yum update

KUSANAGI version upgrade details 8.0.2-1

KUSANAGI version upgrade details 8.0.2-1

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-2.

# yum update

KUSANAGI 8.0.2-1 Bug Fixes

  1. Error detection in rootkit check tool

1. Error detection in rootkit check tool

Detected some issues with using chkrootkit,rkhunter tools,
RH-Sharpe’s Rootkit which located in /usr/bin/wp including kusanagi-wp-cli have been detected
As a result, it’s determine as error detection from the following.

  1. chkrootkitandrkhunter
    「RH-Sharpe’s Rootkit」will check only whether the designated file exists, but does not check the contents.
  2. The RPM which created by us is same as checksum which placed in /usr/bin/wp
  3. Virus is not detected when checking /usr/bin/wp included kusanagi wp-cli with Virus Check tool

This erroneous detection will occur in the future if we continue with using “RH – Sharpe’s Rootkit” old rootkit, it’s difficult to notify multiple rootkit detection tool developers , as solution we changed the path to /usr/local/bin/wp.
After this update , it’s confirmed that rootkit is not detected withchkrootkiteitherrkhunter.

Please notice the following after update done

  1. When using the wp command as the root user, change alias of the wp command which set with .bashrc and use /usr/local/bin/wp.
    After executing yum update, please login again to make sure the alias of the new wp command is valid.
  2. Make sure to include /usr/local/bin when using wp commands as kusanagi user.

Simply Fast WordPress [13] – Using KUSANAGI – Adding Always-On SSL and HTTP2 (Part 1. Let’s Encrypt)

This is a series of articles explaining how to speed up WordPress, the use of which is growing rapidly for CMS-based business sites and media sites. This time, we will add support for Always-On SSL and HTTP/2 to our WordPress site, and explain how to get a free SSL certificate from Let’s Encrypt.

In the last issue, we verified how fast KUSANAGI, the “1000x speed tuned” virtual machine for WordPress, really is.
In this practical guide, we will enable Always-On SSL and the high-speed transfer protocol HTTP/2 on a WordPress site. We will also explain how to get a free SSL certificate from Let’s Encrypt.

KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

NGINX 1.11.6

Use the following command to update modules.

# yum update

Simply Fast WordPress [12] – How fast is KUSANAGI, the “1000x speed” WordPress virtual machine?

This is a series of articles explaining how to speed up WordPress, the use of which is growing rapidly for CMS-based business sites and media sites. In his article, we will verify just how fast KUSANAGI is when operated on a public cloud.

Last time, we introduced seven merits of running a KUSANAGI, the WordPress 1000x speed-tuning virtual machine.
This time, we will launch KUSANAGI on a public cloud service, and verify its speed. We will use KUSANAGI for AWS (Amazon Web Services) and compare the results to the results from our speed-tuning efforts in articles 2-10.

KUSANAGI module update

The modules that composed KUSANAGI had been updated. The new versions are as follows.

WP CLI 0.25.0

Use the following command to update modules.

# yum update

KUSANAGI version upgrade details 8.0.1-2

KUSANAGI version upgrade details 8.0.1-2

The bug fix of KUSANAGI 8.0.0 is done.
If you are currently using a previous version, please enter the following command as root user to upgrade to 8.0.1-2.

# yum update

KUSANAGI 8.0.1-1 Bug Fixes

  1. Apache configuration when kusanagi provision/setting specifies FQDN with www
  2. Kusanagi Package update issue

1. Apache configuration when kusanagi provision/setting specifies FQDN with www

If specifies www.example.com either example.com as FQDN with kusanagi provision/setting both will be set as VirtualHost, but we defined the second FQDN is not set as ServerAlias instead ServerName in Apache configuration.
In this patch, correctly set the second FQDN as ServerAlias ​​issue has been solved in this case.

2. Kusanagi Package update issue

There was a issue that yum update freezes when updating kusanagi package. In this patch , this issue has been solved.