How to SSH In To Change Server Php Ini

[Wolfindustriesinc]

I can seem to find any IP to ssh in to change the PHP ini to allow more than 2mbs for upload, is this just pigeonholed to be used as is or is there any room to customize. I was looking for the bastion ip to be able to up the limit server side. Also to change the wp-config without the use of a plugin, becuase that can get shaky at times.

[RGuilfoyle]

From the EC2 console you should find the bastion Auto Scaling group. Edit the configuration to set min=1 and an instance should be launched. After a minute you can inspect the properties of the new instance in the console to find the public IP of the bastion that you can ssh into.

[Wolfindustriesinc]

And will that reflect the changes across the board?

[RGuilfoyle]

That will get you the ability to ssh to the WordPress server(s). I recommend trying this (and let me know how you get on);

1. Set the minimum and desired capacity of the WordPress Auto Scaling grout to 1
2. after a few minutes, only one WP instance should be running, make your changes here and test the site.
3. When you are happy you can create a new Launch Configuration for the WP Auto Scaling group (ASG) so that all future instances have this new config. see the docs here; http://docs.aws.amazon.com/autoscaling/latest/userguide/change-launch-config.html

Over the next weeks we will consider the best way to allow users to override some of these parameters. The above steps should do the trick in the meantime. (also, see Jimmy's steps in https://github.com/awslabs/aws-refarch-wordpress/issues/6)

Regards Ronan

[RGuilfoyle]

I apologise, I hadn't meant to close the issue. I have not tested this, but it appears that the setting can be configured on a per-directory basis (http://php.net/manual/en/ini.core.php#ini.upload-max-filesize)

Therefore an easier option might be to modify the .htaccess file, adding; php_value upload_max_filesize 20M

Please let me know if this works for you.

[darrylsosborne]

Right now I'm testing a new version that will allow you to configure this as a part of the cloudformation parameters. It will allow you to use a php.ini file that overrides the php.ini defaults. This will be available Monday (12/18).

[darrylsosborne]

Let me know if this is urgent and I'll get this fix pushed later today.

[Wolfindustriesinc]

I may just leave this till the 18th Ill try the per .htaccess its for a platform that will be funded so nothing is broken I am just getting things launched at this point and set up. But ran into this snag, which seems to be the someone you run into any cloud formation template, No one really gives you the option to set WordPress or server parameters like the ini. I mean all the power lifting is done and you can set up such a amazing infrastructure in a few clicks. So ill have to redeploy the Autoscaling group?

[darrylsosborne]

You'll have to create a new launch configuration with your changes and associate that with the ASG. All new instances that launch will use the new launch config. Existing instances are not changed. You could double the number of desired instances and allow the ASG to launch new instances (which will by launched using the new launch config). Once those are launched you can change the ASG desired instances back to the original value and it will terminate the older instances first (if using the default termination policy). It will drain the instances first before terminating, so it could take some time depending on the load on your site. Hope this helps.

[Wolfindustriesinc]

Rather than wrestling with this I think I'll wait and relaunch on the 18th I might try above suggestions but honestly at this point I am having trouble finding the config for php. I am used to AWS Ami but I am not seeing the PHP ini or the htppd.config, I checked the etc and var and even opt folders.

[darrylsosborne]

php.ini is in /var/www/wordpress/<<'WPDirectory'>> Other ini's are in /etc/php-7.0.d/ (if running PHP 7.0)

[Wolfindustriesinc]

For some reason Ill take a screenshot but my var has no www

[Wolfindustriesinc]

[darrylsosborne]

The 10.0.200.0/24 subnet is the public subnet for the bastion host. From the bastion host, did you SSH to one of the web instances? They should be in one of the 10.0.0.0/22 to a 10.0.20.0/22 subnets. I think you're still on the bastion host.

[Wolfindustriesinc]

I just followed the instructions above and puttyed in.

[darrylsosborne]

Ok.

Follow these steps (some you may have already done):

1) Set the desired & minimum instance count of the Bastion ASG to 1. 2) On your local machine, add the private key of your EC2 key pair to the ssh agent. Use these instructions https://aws.amazon.com/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/ 3) SSH to the bastion host by running "ssh -A ec2-user@{EC2-public-DNS-name}" 4) Once on the bastion host, ssh to a web instances by running "ssh ec2-user@{EC2-private-ip-address}"

[Wolfindustriesinc]

Keeps giving me Permission denied (publickey). And I followed the steps to adding the key and forwarding agent.

On Sat, Dec 16, 2017 at 4:14 PM, darrylsosborne notifications@github.com wrote:

Ok.

Follow these steps (some you may have already done):

1. Set the desired & minimum instance count of the Bastion ASG to 1.
2. On your local machine, add the private key of your EC2 key pair to the ssh agent. Use these instructions https://aws.amazon.com/blogs/ security/securely-connect-to-linux-instances-running-in-a- private-amazon-vpc/ https://aws.amazon.com/blogs/security/securely-connect-to-linux-instances-running-in-a-private-amazon-vpc/
3. SSH to the bastion host by running "ssh -A ec2-user@ {EC2-public-DNS-name}"
4. Once on the bastion host, ssh to a web instances by running "ssh ec2-user@{EC2-private-ip-address}"

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-refarch-wordpress/issues/14#issuecomment-352221414, or mute the thread https://github.com/notifications/unsubscribe-auth/AcSvL5AE2aY8TYSZdr4rr5eWEkXNFXiiks5tBFzSgaJpZM4REdPF .

[darrylsosborne]

I just pushed out 2.0.1 that includes the ability to upload a php.ini override file from S3. Lets do a screenshare session on Monday so we can get you connected to your web instances. Send me your contact info @ darrylo@amazon.com

[Wolfindustriesinc]

Sounds good, My ultimate goal was S3 to work on the media element stuff so that's perfect.

On Sat, Dec 16, 2017 at 7:33 PM, darrylsosborne notifications@github.com wrote:

I just pushed out 2.0.1 that includes the ability to upload a php.ini override file from S3. Lets do a screenshare session on Monday so we can get you connected to your web instances. Send me your contact info @ darrylo@amazon.com

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-refarch-wordpress/issues/14#issuecomment-352229310, or mute the thread https://github.com/notifications/unsubscribe-auth/AcSvL1A4CX-wOaHbVGCuVnGq4y9XH2Deks5tBIt1gaJpZM4REdPF .

[lfreneda]

@Wolfindustriesinc see: https://github.com/awslabs/aws-refarch-wordpress/issues/6

[lfreneda]

@darrylsosborne php-7.0.ini is not being override with cloudformation s3 configuration :(

[darrylsosborne]

Does the public has read access permissions on the ini override file?

[darrylsosborne]

Make sure you can download the ini file from any browser. This will verify that the EC2 instance can access the file and download it to the local /etc/ PHP version directory @ boot time.

[Wolfindustriesinc]

Will do and thank you again.

On Mon, Dec 18, 2017 at 12:56 PM, darrylsosborne notifications@github.com wrote:

Make sure you can download the ini file from any browser. This will verify that the EC2 instance can access the file and download it to the local /etc/ PHP version directory @ boot time.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-refarch-wordpress/issues/14#issuecomment-352555092, or mute the thread https://github.com/notifications/unsubscribe-auth/AcSvLz9i0i9PE5IgraLEhXD1OFPgmgmVks5tBtGOgaJpZM4REdPF .

[Wolfindustriesinc]

For some reason it keeps creating and termating instances and giving me a 502 at time, What did I screw up?

On Mon, Dec 18, 2017 at 1:22 PM, Dustin Lillard wolfindinc@gmail.com wrote:

Will do and thank you again.

On Mon, Dec 18, 2017 at 12:56 PM, darrylsosborne <notifications@github.com

wrote:

Make sure you can download the ini file from any browser. This will verify that the EC2 instance can access the file and download it to the local /etc/ PHP version directory @ boot time.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-refarch-wordpress/issues/14#issuecomment-352555092, or mute the thread https://github.com/notifications/unsubscribe-auth/AcSvLz9i0i9PE5IgraLEhXD1OFPgmgmVks5tBtGOgaJpZM4REdPF .

[darrylsosborne]

The Elastic Load Balancer (or the application load balancer) runs a health check against each instance in the ASG. The ping path is /wp-login.php and is configurable in the Target Group associated with the ASG. If it doesn't get a successful response (HTTP 200) from this healthcheck within the threshold (unhealthy threshold, timeout, interval) then it will terminate the instance and launch a replacement. Verify apache is running on each instance, that the security groups still allow HTTP traffic to the web servers from the ELB, and each instance can access /wp-login.php.

[Wolfindustriesinc]

It has something to do with when I switched it to multisite, for some reason when it gets a 302 on the /wp-login.php Becuase its a network redirect.

On Wed, Dec 20, 2017 at 6:15 AM, darrylsosborne notifications@github.com wrote:

The Elastic Load Balancer (or the application load balancer) runs a health check against each instance in the ASG. The ping path is /wp-login.php and is configurable in the Target Group associated with the ASG. If it doesn't get a successful response (HTTP 200) from this healthcheck within the threshold (unhealthy threshold, timeout, interval) then it will terminate the instance and launch a replacement. Verify apache is running on each instance, that the security groups still allow HTTP traffic to the web servers from the ELB, and each instance can access /wp-login.php.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-refarch-wordpress/issues/14#issuecomment-353073977, or mute the thread https://github.com/notifications/unsubscribe-auth/AcSvL4-Xxk0EOVF7DVO8dZKvrLcY6VU-ks5tCRaagaJpZM4REdPF .

[RGuilfoyle]

You can configure the ALB health checks to accept 200-399, thereby allowing the redirects. This can be configured in the templates. Try modifying the file aws-refarch-wordpress-03-publicalb.yaml as below; Find the section that creates "PublicAlbTargetGroup" and add; Matcher: HttpCode: '200-399'

Watch out for the correct whitespace/indents, the editor here removes them. http://docs.aws.amazon.com/elasticloadbalancing/latest/application/target-group-health-checks.html

[Wolfindustriesinc]

Worked perfectly thank you

On Thu, Dec 21, 2017 at 10:39 AM, Ronan notifications@github.com wrote:

You can configure the ALB health checks to accept 200-399, thereby allowing the redirects. This can be configured in the templates. Try modifying the file aws-refarch-wordpress-03-publicalb.yaml as below; Find the section that creates "PublicAlbTargetGroup" and add;

Matcher: HttpCode: '200-399'

Watch out for the correct whitespace. http://docs.aws.amazon.com/elasticloadbalancing/latest/ application/target-group-health-checks.html

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-refarch-wordpress/issues/14#issuecomment-353425363, or mute the thread https://github.com/notifications/unsubscribe-auth/AcSvLz4cEa854olwPjg-IHK9zK4sg40Kks5tCqXTgaJpZM4REdPF .

[samnangsokgit]

Hi Everyone, since PHP version is 7.2 right now, how to install/upgrade to the latest PHP version, can we change the template to be dynamic install php version based on "latest" like wp-install do?

Thanks.