How to setup mod_security with ServerPilot

modsecurity serverpilot

Serverpilot is a hosted control panel for setting up and managing LAMP/LEMP stacks on Ubuntu servers. Just like any other control panel it can be installed with a single command. ServerPilot is simple to use and does not install unnecessary packages like other commercial control panels.

I had written an article for DigitalOcean on setting up mod_security on Apache. Since I found several DO users using ServerPilot to manage their Droplets I wanted to do a small piece on configuring mod_security on ServerPilot managed Ubuntu servers. ServerPilot supports custom .conf files for Apache making it easier load additional modules. This tutorial with be brief, for a detailed explanation please read the guide I wrote for DigitalOcean.Continue Reading…

Avast Antivirus Redistributable Download Link

avast redistributable thumbnail

The download link available on the official Avast website links to the web installer of Avast free antivirus. Installing Avast using this file requires an active Internet connection for the full package to be downloaded. Googling “Avast redistributable download” brought up a lot of spammy looking websites which hosted the file on file sharing sites.

I got hold of the direct Avast redistributable download URL:

Don’t forget to share this on your favourite social networks.

How to prevent WordPress comment Spam using JavaScript


Akismet does a great job in catching comment spam but it is still inserted into the database causing it to bloat over time. So I developed a small WordPress plugin that stops 99% of the comment spam (atleast for me). It uses JavaScript to dynamically add a “hidden” input field to the comments form. A visitor making a comment will also “POST” this value which will be verified before the comment is inserted into the database. No more pesky captchas or asking users to solve dumb calculations.Continue Reading…

Please fix your Plugin screenshots


This is a mistake committed even by people I consider the Gods of WordPress (as you’ll see in the screenshot below) and plugins with a million downloads. Even the plugin’s created by the plugin reviewers weren’t spared. Rather than a mistake I would say they all overlooked this minor setting that can ruin a plugin hunter’s experience.

The plugin repository has (or rather had) an annoying feature, when you click on a plugin screenshot on the hopes of viewing it larger the browser pops up the download box like this:
Continue Reading…

How to fix connect() to php5-fpm.sock failed (13: Permission denied) while connecting to upstream Nginx error

nginx php5 fpm socket permission denied thumbnail

I encountered this problem after updating PHP to 5.5.12. I use Nginx with PHP5 FPM and after the updating PHP I was seeing 502 Gateway Error pages. Nginx’s error log file (/var/log/nginx/error.log) had the following in it:

2014/05/08 06:22:24 [crit] 24538#0: *292759 connect() to unix:/var/run/php5-fpm.sock failed (13: Permission denied) while connecting to upstream, client:, server:, request: "GET /wordpress-custom-403-401-error-page/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: ""

It was clear that Nginx couldn’t access PHP FPM’s socket file due to insufficient permissions. But everything was working fine till I updated PHP so something had changed in version 5.5.12.Continue Reading…