Webinoly

Optimized WebServer

Home » Documentation » Webinoly Settings

Webinoly Settings

The command “Webinoly” allows us to make some changes in the configuration, as well as to consult some aspects of the web server. We will explain in detail the use of this command.

Syntax: 

sudo webinoly <option>

Options:

  • -backup
  • blockip
  • -clear-cache
  • -conf-value_
  • -config-cache
  • -datadog
  • -db-import
  • dbpass
  • -default-site
  • -email
  • -external-db-save
  • -external-sources-update
  • -header-csp
  • -header-hsts
  • -header-referrer
  • -info
  • -login-www-data
  • mysql-password
  • -query-string-cache
  • -query-string-never-cache
  • -timezone
  • -tools-port
  • -tools-site
  • -server-reset
  • -skip-cache
  • -skip-cookie-cache
  • smtp
  • -uninstall
  • -update
  • -verify
  • -version

Examples: 

# Check for Webinoly updates
sudo webinoly -update

# SFTP Access
sudo webinoly -login-www-data=on

# Purge Cache
sudo webinoly -clear-cache

# Backups
sudo webinoly -backup=s3 -profile=mysite

# Server timezone
sudo webinoly -timezone

Tools & Updates

Very useful commands and tools. Don’t forget to keep your system updated!

How do I upgrade to the latest version of Webinoly?

It is very simple, you just have to execute the following command and it will download and install the most recent version of this application. 

sudo webinoly -update

It is important to note that this command only updates the Webinoly app, not the other packages installed in the server. You should run a server update and upgrade sudo apt update && sudo apt -y upgrade at least once a month.

Recover MySQL username and password

Webinoly saves a copy of users and passwords generated automatically during the installation of MySQL since these data are necessary to execute some commands, like the creation of the database for WordPress sites, among others. 

sudo webinoly -dbpass

The “raw” option is also supported to remove format: sudo webinoly -dbpass -raw.

Change MySQL password

We can only modify the password of the “root” and “admin” users, they are the only ones that Webinoly saves and uses to work. 

sudo webinoly -mysql-password

We can also use it in the following way: sudo webinoly -mysql-password=[user,pass].

Access to phpMyAdmin and other tools

At any time you can modify the access port (0-65535), by default we use port 22222 or the one you chose during the initial installation. 

sudo webinoly -tools-port

In the same way, you can automate the execution of the command as follows: 

sudo webinoly -tools-port=19816

It is also possible to define an existing domain for “only access” to these tools. 

sudo webinoly -tools-site=example.com

Any request from another domain will be blocked.

Now you can access your tools using example.com:19816 from your browser. If you want to reset and remove any domain previously set, use the default option: sudo webinoly -tools-site=default.

Import MySQL database

Import a MySQL database directly from the command line.

sudo webinoly -db-import
# Examples
sudo webinoly -db-import -file=/folder

# Support for external database
sudo webinoly -db-import -file=/folder -external-db=[user,pass,host:port]

In case you need to export a database you can use our own tool to make a local DB backup of your site.

NGINX & FastCGI Cache

NGINX and FastCGI Cache global configuration and management.

FastCgi Cache settings

Webinoly configures three time values for Cache retention.

  • HTTP Code 200: Successful requests.
  • HTTP Code 301, 302, 303, 307, 308, 404, 410, 451: Redirects and pages not found.
  • Inactivity time: Remove cached data that has not been accessed in the specified time.

To modify the configuration you only have to execute the following command: 

sudo webinoly -config-cache

The time parameters must be entered in the following format:

  • s – seconds
  • m – minutes
  • h – hours
  • d – days
  • w – weeks
  • M – Months
  • y – years

The command also allows to automate its execution of the following way: 

sudo webinoly -config-cache=[10d,1w,5m]

The first argument is the response for 200 codes, the second the downtime and the third for redirects.

Clear/Purge Cache

Options:

  • fastcgi
  • redis
  • memcached
  • opcache
  • all
  • <domain>
# Example:
sudo webinoly -clear-cache=fastcgi
sudo webinoly -clear-cache=all

# Sites with Custom Cache
sudo webinoly -clear-cache=example.com
sudo webinoly -clear-cache=example.com -subfolder=/test

Exclude URL from Cache

Exclude an URL from being cached by FastCGI.

sudo webinoly -skip-cache=/page

This group of pages is included by default in WordPress Cache (NOT apply for Custom Cache):

(/xmlrpc.php|wp-.*.php|index.php|/feed/|.*sitemap.*\.xml|/feed/|/account/|/add_to_cart/|/cart/|/my-account/|/checkout/|/logout/|/wp-admin/)

Examples:

# Exclude one page
sudo webinoly -skip-cache=/test

# Regex supported (sensitive|insensitive)
sudo webinoly -skip-cache='^(one|two)$' -regex=insensitive

# List of pages excluded
sudo webinoly -skip-cache -list

# Remove page from being excluded
sudo webinoly -skip-cache=/test -delete

The -regex option allows us to use regular expressions and on the command line must be written using single quotes, as in the example above. And it supports the following options:

  • sensitive – Case sensitive.
  • insentive – Case insensitive.
  • longest – Specifies the best option and does not continue evaluating regular expressions.

Check the official documentation and some examples about using regular expressions in Nginx.

The -list -raw option is supported.

Exclude Cookie from Cache

Cache is disabled when this cookie is present.

sudo webinoly -skip-cookie-cache=<cookie>

This group of cookies is included by default in WordPress Cache (NOT apply for Custom Cache):

comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|[a-z0-9]+_items_in_cart|[a-z0-9]+_cart_hash

Examples:

# Add a cookie to exclude
sudo webinoly -skip-cookie-cache=wordpress_logged_in

# Regex supported (sensitive|insensitive)
sudo webinoly -skip-cookie-cache='^(one|two)$' -regex=insensitive

# List of cookies excluded
sudo webinoly -skip-cookie-cache -list

# Remove cookie from being excluded
sudo webinoly -skip-cookie-cache=wordpress_logged_in -delete

The -regex option allows us to use regular expressions and the same options are supported as described above for -skip-cache.

The -list -raw option is supported.

Query-String support in Cache

URL’s that contains query-strings are never cached by default. You can specify some exceptions to be cached.

sudo webinoly -query-string-cache

Also, you can specify which query-strings (if present), should never be cached.

sudo webinoly -query-string-never-cache
# Example:
sudo webinoly -query-string-cache=one
sudo webinoly -query-string-never-cache=two

# example.com/?one=true&three=true  (Cached)
# example.com/?one=true&two=true  (No-Cached)

-----

# Remove query-string
sudo webinoly -query-string-cache=one -delete
sudo webinoly -query-string-never-cache=two -delete

# Lists supported
sudo webinoly -query-string-cache -list
sudo webinoly -query-string-never-cache -list

The -list -raw option is supported.

Block and deny IP address

To restrict access in Nginx to a specific IP or block of addresses. 

sudo webinoly -blockip=123.231.12.31

In the same way we can use the -purge option to remove it from the list of blocked addresses.

Or to list all the IP’s that have been blocked: 

sudo webinoly -blockip -list
# Tip - RAW option is supported to remove format.
sudo webinoly -blockip -list -raw

# Remove IP from the list
sudo webinoly -blockip -purge
sudo webinoly -blockip=123.231.12.31 -purge

Default Website

If you access your server from your browser using the IP of the server you will see the Welcome page of Nginx, which is the answer that is configured by default.

Webinoly allows you to customize the site or answer by default. 

sudo webinoly -default-site=<option>
  • default – Nginx default behavior.
  • blackhole – Any request that does not correspond to an existing domain in the server will return a 444 code in response or in other words, the server will not respond to those requests.
  • domain – Define an existing domain or site as default response to any request.

More complex solutions can be created according to your needs, for example: create a site with a forwarding domain configuration in Webinoly and set it as default-site, then all these request will be redirected to a different server.

HTTP Headers Configuration

Custom HTTP Headers supported:

  • Referrer-Policy
  • HTTP Strict-Transport-Security (HSTS)
  • Content-Security-Policy
These headers are also added but cannot be customized:

X-Frame-Options SAMEORIGIN
X-Content-Type-Options nosniff
X-XSS-Protection "1; mode=block"

Referrer Policy

Please, read the oficial documentation before any modification: Referrer Policy

sudo webinoly -header-referrer

Supported values:

  • no-referrer
  • no-referrer-when-downgrade (default)
  • origin
  • origin-when-cross-origin
  • same-origin
  • strict-origin
  • strict-origin-when-cross-origin
  • unsafe-url

HTTP Strict Transport Security

Please, read the oficial documentation before any modification: HTTP Strict Transport Security

sudo webinoly -header-hsts

Supported values:

  • <number>
  • preload
  • default
  • off
# To test before preload (Any number less than 1y)
# Strict-Transport-Security: max-age=300; includeSubDomains
sudo webinoly -header-hsts=300

# Preload option enabled
# Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
sudo webinoly -header-hsts=preload

# To restore the default value
# Strict-Transport-Security: max-age=31536000
sudo webinoly -header-hsts=default

After “preload” is enabled you should submit your site here: HSTS Preload

Content Security Policy

Please, read the oficial documentation before any modification: Content Security Policy

sudo webinoly -header-csp

Supported values:

  • reload
  • off

The content of this header can be long and complex, so it is not supported on the command line as it is usually done in Webinoly.

# Enter this command and then you will be asked to enter the custom content for this header.

sudo webinoly -header-csp

Another option for unattended scripts you can create a file /opt/webinoly/templates/source/csp_webinoly.data and then use the reload option. In one line, without double-quotes, only the first line of the file will be readed and loaded.

Example:

default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'

And then, just run: sudo webinoly -header-csp=reload

For testing you can use the Content-Security-Policy-Report-Only instead. To enable this feature use the -csp-report-only=on parameter.

Server Management

Server management tools and configuration.

Allow SFTP access to www-data user

Very useful for uploading files through SFTP, this user has very limited access permissions and can only be used to log in through SFTP and with access only to the file folders of your websites. 

sudo webinoly -login-www-data=on

You can block the access at any time. 

sudo webinoly -login-www-data=off

* In case you are using SSH keys, www-data user will use the same SSH Keys as the main user.

Set Timezone

This command will set the timezone in PHP and in Ubuntu operating system. 

sudo webinoly -timezone

You can also directly pass the data in the following way: sudo webinoly -timezone=America/Mexico_City. Check the supported timezones.

SMTP setting for sending emails

Postfix is always installed with Webinoly for sending emails, for instance, all your WordPress sites notifications, and now you can also configure it to send emails using an external SMTP provider such as Amazon SES, Mandrill, Mailgun, SendGrid or any other provider. 

sudo webinoly -smtp

All the server outgoing emails from any of your websites will be sent through this service.

# Test the SMTP service from command line:
echo "Subject: test" | sendmail user@example.com

# Remove the SMTP configuration and use the Postfix default configuration
sudo webinoly -smtp -purge

# Tip for Unattended Scripts
sudo webinoly -smtp=[smtp_host,user,password,mainhost]

The “mainhost” refers to the domain that will be used by default to send emails when this data is not provided and it must be an existing domain on the server.

Backups

Webinoly has support for automated backups:

  • Export/Import server or site
  • Local WordPress database backup
  • Backups to S3 (AWS)
sudo webinoly -backup

* You can manually configure any backup supported by Duply and Duplicity: Amazon S3, Backblaze B2, DropBox, FTP, GIO, Google Docs, Google Drive, HSI, Hubic, IMAP, local filesystem, Mega.co, Microsoft Azure, Microsoft Onedrive, par2, Rackspace Cloudfiles, rsync, Skylabel, ssh/scp, SwiftStack, Tahoe-LAFS, WebDAV.

Export/Import server or site

Export server settings and sites:

sudo webinoly -backup=local -export

Options to import on a new server:

  • full – Configuration and sites.
  • stack – Only configuration.
  • sites – Only sites.
sudo webinoly -backup=local -import=full

When configuration is imported, all the packages will be installed and configured based on the exported configuration. For example, you can install Webinoly using the option “0” on a new and fresh server and build (import) your stack based on an exported configuration.

# Export server
sudo webinoly -backup=local -export

# Import on a new server
sudo webinoly -backup=local -import=full -file=/folder/name

To export/import a specific site:

# Export a site
sudo webinoly -backup=local -export=example.com

# Import a site
sudo webinoly -backup=local -import -file=/folder/name

# Import and overwrite an existing site
sudo webinoly -backup=local -import -file=/folder/name -overwrite=on

Due to Let’s Encrypt (certbot) limitations, it is not possible to export/import an SSL certificate from a particular site. However, when a complete server is exported/imported we can move all of them.

When export/import you can use the -skip-db to not include the database. Also, a custom file name and path can be defined for the exported output file: -filename=test.bkp -destination=/folder.

WARNING: The –subfolder=/test parameter is still not supported for exporting one particular site or for local WP database backups. Also, you will find some errors when exporting sites with -cache=custom enabled. This is not an issue when exporting/importing the whole server. It will be fixed soon!

Local WP database backup

At any moment you can make a database backup of any database or WordPress site and it will be saved locally in your server storage.

sudo webinoly -backup=local
# Examples for WP sites
sudo webinoly -backup=local -wp=example.com -destination=/folder

# Default destination: $HOME/webinoly-backups/example.com
sudo webinoly -backup=local -wp=example.com

# Limit the number of backups to keep (-max) and send it to S3
sudo webinoly -backup=local -wp=example.com -destination=/folder -max=5 -bucket=bucketname/folder

* The “max” option deletes any file in the destination directory.

In case of your WP site is connected to an external database, you will be asked to enter the username and password. To skip these questions you can use the -external-db=[user,pass] option.

# Example using DB name
sudo webinoly -backup=local -dbname=db_name

# External Database
sudo webinoly -backup=local -dbname=db_name -external-db=[user,pass,url:port]

To save the backup file with a specific name you can use the -filename=db.sql parameter.

Backups to AWS S3

Incremental backups of any folder and send it to S3.

Create as many profile backups as you need.

sudo webinoly -backup=s3

There are some similar services that offer S3 compatibility. Webinoly is configured to accept only names that comply with the official bucket naming convention. If you want to use a service compatible with S3 and you need to enter the URL, you can do it by creating the profile and later editing the profile configuration file to modify the bucket name manually and enter the desired URL.

Before you can make a backup, you need to have your IAM Credential with full access to S3 service.

sudo webinoly -aws-s3-credentials
# To skip questions (unattended)
sudo webinoly -aws-s3-credentials=[aws_access_key_id,aws_secret_access_key]

sudo webinoly -backup=s3 -profile=name -bucket=bucketname/folder -source=/folder -max-age=2M

# For AWS EC2 instances linked to an IAM Role
# This way it is not necessary to save credentials on the server.
sudo webinoly -aws-s3-credentials=awsiamrole

The -max-age argument is optional and is the time frame for old backups to keep, the default value is 1M and format is (s, m, h, D, W, M, Y).

To run a new backup:

sudo webinoly -backup=s3 -run

Delete an existing profile:

sudo webinoly -backup=s3 -delete

List profiles:

sudo webinoly -backup=s3 -list

Display info about an existing profile:

sudo webinoly -backup=s3 -info

Restore or recover the most recent backup:

sudo webinoly -backup=s3 -restore

If you are restoring your data in a different server, just create the same profile with the same data pointing to the same S3 bucket.

# Backup recover one file
sudo webinoly -backup=s3 -restore=/folder/file.exe -destination=/folder/file.exe

# Backup recover one specific folder
sudo webinoly -backup=s3 -restore=/folder -destination=/folder

# Backup recover from an specific date
sudo webinoly -backup=s3 -restore -destination=/folder -date=2020/4/27

# Date format supported:
2020-01-25T07:00:00+02:00 (full date time)
2020/3/5 (YYYY/MM/DD)
12D (12 days ago)
1h78m (1 hour 78 minutes ago)

You can always use -profile=name to skip questions and -list -raw is supported to remove format characters.

Using the -add-db-pre option allows you to configure an automatic backup of a database immediately before executing the selected S3 profile.

sudo webinoly -backup=s3 -add-db-pre=example.com
# Example
# DB backup every time S3 profile backup runs.
# Limit to 5 files to keep in DB local backup folder.
# Also, send the DB backup to a different bucket.
# DB is now backed up in 3 different locations: local folder (default), S3 backup profile and S3 bucket for DB.

sudo webinoly -backup=s3 -add-db-pre=example.com -max=5 -bucket=bucketname/folder

If your site is connected to an external database, the -add-db-pre option can only be used if your DB credentials are saved with -external-db-save.

# List PRE backups configured
sudo webinoly -backup=s3 -add-db-pre -list

# Remove all the PRE backups
sudo webinoly -backup=s3 -add-db-pre -purge

The -list -raw option is supported to remove format characters.

Send file to S3

Send a single file to AWS S3.

sudo webinoly -backup=s3 -send-to-s3=/file -bucket=bucketname/folder

Datadog integration

Datadog is an external service for monitoring servers and applications, through a SaaS-based data analytics platform.

sudo webinoly -datadog

You only need an API key and Webinoly will automatically install and configure the Datadog agent on your server, including integrations with Nginx, PHP-FPM, MySQL and Redis, in addition to the logs of each service and each site hosted on your server.

# Examples:
# Full installation
sudo webinoly -datadog

# Install only the agent, without integrations or logs.
sudo webinoly -datadog=123456789 -integrations=off -logs=off

# Set up an integration (nginx, fpm, mysql, redis)
sudo webinoly -datadog -integrations=nginx

# Remove an integration
sudo webinoly -datadog -integrations=nginx -purge

# Configure the logs of an integration (on/off)
sudo webinoly -datadog -integrations=nginx -logs=on

Remember that in order to see the integrations data from your server, you need to manually install each of them in your Datadog account (Integrations menu). Also, for “Logs” you need to have an active plan with “Log Management” included in your Datadog account.

To completely remove Datadog from your server:

sudo webinoly -datadog -purge

Update, modify or reset server settings

This is an advanced function and you only have to make this type of modifications if you know the impact and result that could cause in the behavior of your server, otherwise we recommend to keep the configuration set by default.

The Webinoly configuration file is located in /opt/webinoly/webinoly.conf and only the following variables can be updated manually, you must be careful not to modify any other values.

  • max-mb-uploads
  • redis-max-mem
  • swap-mem
  • php-max-mem
  • php-max-time
  • php-max-child
  • php-pm
  • php-info
  • fd-ratio
  • nginx-fd-ratio
  • nginx-ppa
  • xmlrpc
  • dbrole
  • log-lines
  • debug

To modify a variable in the configuration file you can use the command -conf-value_<variable>=<value> as follows: sudo webinoly -conf-value_max-mb-uploads=100.

Server Reset

After any modification to the Webinoly configuration file, you should do a -server-reset to changes take effect, this command can update the configuration of a specific package (nginx, php, all) in the following way: sudo webinoly -server-reset=php. If the packages (stack) have not been installed yet, the values will be loaded automatically when you do the installation, if they are already installed, the current configuration will be updated and any changes made manually by the user will be lost.

Also, the -server-reset option can be used in many different situations when you want to restore the default configuration or remove unwanted changes you probably made manually.

For example, when you update your hardware specs, more RAM was added, you can update your server configuration with server-reset to take the new values. Also, the permissions (755 and 644) and owner (www-data) on the folders and files of your sites will be restored.

The size of the SWAP file is calculated according to the amount of RAM available, if you need to force Webinoly to recalculate this value, you must use the parameter -recalculate=on.

Configuration File

max-mb-uploads – Defines the maximum size of an uploaded file, by default a value of 50 (MB) is declared.

redis-max-mem – It establishes the memory limit that Redis can use and is a percentaje of the total RAM available, default value is 10.

swap-mem – Webinoly automatically creates a SWAP memory partition, the size is determined based on the amount of RAM installed on your server.

php-max-mem – It establishes the memory limit that a PHP script can use, it is a direct adjustment to the memory_limit variable in the php.ini file.

php-max-time – It directly affects the PHP variables max_execution_time and request_terminate_timeout, the default value is 300.

php-max-child – Determine the maximum number of max_children processes in PHP, also known as “PHP Workers”. Webinoly automatically adjusts this value according to the resources available on the server. Modifying this value can have serious consequences on server performance, it is not recommended to modify it.

php-pm – Webinoly automatically adjusts this value according to the resources available on the server. Modifying this value can have serious consequences on server performance, it is not recommended to modify it. You can force one of the options (ondemand, dynamic or static).

php-info – By default, all PHP Webinoly sites created from version 1.12.0 have support for PATH_INFO. With the value “false” you can remove the support in the newly created sites. WordPress sites do not have support for PATH_INFO as it is not required.

fd-ratio – Linux automatically configures the “file descriptors” limit based on system RAM. More or less it is based on 10% of the RAM taking 1kb for each file to calculate that value. This variable in the configuration file modifies the percentage of RAM taken to perform this calculation.

nginx-fd-ratio – From the total of file descriptors calculated in the previous variable, the percentage assigned or allowed to be used or available for Nginx is calculated. That is, this variable is a percentage of the previous total.

nginx-ppa – We can choose the option “mainline” or “stable”. This option only works before Nginx is installed.

xmlrpc – You can completely block or have limited access to this WP file (blocked, limited, open), default is “limited” that means that only 1 request per second is allowed.

log-lines – It establishes the number of lines that the output of the log command will have, the default value is 10.

dbrole – Default DB user privileges when a site with MySQL is created. By default we use “full” and “limited” is the minimun necessary for WP sites (basic, limited, complete, full, all). The “all” privileges option is not allowed in some external services like AWS RDS.

# Numeric value in Megabytes
max-mb-uploads:100
php-max-mem:256

# Numeric value in Gigabytes
swap-mem:2

# Numeric value in % percentage
fd-ratio:50
nginx-fd-ratio:80

dbrole:limited
nginx-ppa:mainline
xmlrpc:blocked
log-lines:20
debug:true

Use debug:true to create SSL certificates in testing environments (Let’s Encrypt Staging Enviroment).

Integrity test

At any time you can verify the integrity of the files related to Webinoly and your web server. 

sudo webinoly -verify

This will run a scan for all the main files and check some basic aspects of your configuration.

System information

To see all the information regarding the installation, configuration and optimization made by Webinoly on your server. 

sudo webinoly -info

Normally we use it to debug and detect any errors if necessary.

You can also check the Webinoly version: sudo webinoly -version (-v, -V).

  • Webinoly Version – This is the official version, with each improvement to the Webinoly commands a new version is released.
  • Stack Version – This is the version of your web server configuration, we regularly improve the Webinoly commands, but on very few occasions we modify or update the configuration we use for Nginx, PHP or the server in general. Although it is not recommended, if you made any manual changes to the server configuration, it is very likely that it will be lost or overwritten during this update.

Uninstall Webinoly

Although we regret that you make this decision, the following command will completely remove Webinoly and all its files from the server. 

sudo webinoly -uninstall

Notes:

  • This action will not delete your websites.
  • The configuration of your server, as well as the installed packages will not be affected or uninstalled.
  • The Webinoly commands to create and manage your server and websites will be removed and will no longer be available for use.

If you want to reinstall Webinoly your previous configuration will be recovered, in case you don’t want to generate this recovery file during the uninstall process you can use the -no-recovery parameter.

For a complete removing Webinoly guide, check our FAQ section.

If you have any suggestions, ideas, or comments, or if you (gasp!) found a bug, join us in the support forum.