Category Archives: How-to

Migrating WordPress to Amazon Lightsail

What is Amazon Lightsail?. If you are new to AWS and looking to… | by Kunal  Yadav | Level Up Coding
Amazon Lightsail Logo

I’ve recently migrated this blog to Amazon Lightsail along with moving some of my domains to AWS Route 53. Since I’ve started this blog I had it hosted in different places – Synolgy NAS device at my home, SiteGround, Gandhi… As I recently dived into AWS certifications it gave me extra incentive to use and explore AWS services and in course of preparation for AWS Certified Cloud Practitioner I had to look at Amazon Lightsail and realized that that was exactly I was looking for while struggling with excessive complexity and enterprise level pricing of AWS service offering.

Amazon Lightsail intended use case is to offer AWS for developers who need to start quickly and have no expertise nor desire to deal with complexity and plethora of functions of standard AWS service offering which can scare away any newcomer by sheer number of services and additional features. So for AWS exams test takers this service shows up only in scenarios where they ask you which service you need to recommend for developers who don’t have AWS expertise or any advanced AWS features. So it is kind of “AWS made easy”.

I was not following AWS offering to closely, as I worked for MSFT-house company where everything was run either with on-premise MSFT stack or with Azure with a tiny bit of exposure/use of AWS stack, so I’ve missed this service, which was announced back in 2016, until I stumbled on it while preparing to AWS exams.

Actually to name things properly Lightsail is, basically VPS offering from AWS, and it features its own, separate, management console which will look somewhat familiar to you if worked with DigitalOcean or Linode:

Amazon Lightsail – Create an Instance

But as you can imagine this VPS offering powered by ginormous and battletested AWS infrastructure which ensures that console is super streamlined and responsive, instances can be provisioned in just a few clicks and, no surprises there, price tag is very good, and not only if compared against running the same workload using EC2 or Elastic Beanstalk. IMO pricing is compelling enough to consider migration from other VPS services (especially if you have just small/individual instances scattered across different VPS providers). I guess after migrating my blog to Lightsail, I’ll soon be migrating my Django app VPS which so far is hosted on DigitalOcean.

Just a few notes on WordPress migration experience. I don’t have time to write comprehensive step by step guide, so I just jot down some points / steps I did:

  • I’ve created Amazon Lightsail WordPresss 5.6.0 instance (WordPress Certified by Bitnami and Automattic 5.6.0) with desired specs (instance plan) and assigned a static IP to it.
  • For migration itself I used All-in-One WP Migration plugin which allows you to download your WordPress blog as a single file and later on import it to a newly created WordPress blog on your new server.
All-in-One WP Migration plugin
  • Main problem which blocks some people to do migrations with this plugin is a default 40 MB upload limit which some people try to resolve through installing different versions of plugin. Actually all you need to do is to connect to your VPS instance and adjust PHP File Upload Limit in php.ini file (see some details on how to do this here) but it is basically as simple as running sudo nano/opt/bitnami/php/etc/php.ini command and increasing post_max_filesize and upload_max_filesize settings and restarting services with sudo /opt/bitnami/ restart command. After that you should be able increased limit value in plugin UI.
All-in-One WP Migration plugin – PHP File Upload Limit set to 400 MB
  • I’ve also migrated my domain names to Route 53 and for WordPress domains all you need to do is create a hosted zone for domain and next create A record which will resolve domain name into Lightsail instance static IP along with CNAME record which translated into (be sure to also update name servers to AWS ones in case you did domain transfer).
  • I was a little bit confused as to whether it is possible to use Route 53 SSL certificate for Lightsail WordPress instance (it didn’t work for me after first attempt) so I end up using Bitnami bncert-tool to provision SSL certificate from Let’s Encrypt for my instance. Some details on how to do that can be found here and here.
  • Another little adjustment I did is removal of Bitnami banner. which can be done by running sudo /opt/bitnami/apache2/bnconfig –disable_banner 1 and restarting Apache with sudo /opt/bitnami/ restart apache command.
Bitnami Banner

There were probably some other minor config changes I did, but all in all migration was fast and easy and it seems that my blog become a bit more responsive now, and if I need to improve its performance I still can leverage Lightsail CDN and load balancing features.

One confusing thing about AWS services is their naming prefix – some of the services names are prefixed with Amazon and other with AWS, and while Lightsail tries to be a bit differentiated from all the other AWS services, and it is natural to call it Amazon Lightsail and not an AWS Lightsail because of that, I see that all the other AWS services are prefixed either with “Amazon” or with “AWS” without any apparent logic. But for a company with 175 services portfolio naming system is more than OK, as I saw much more confusing and disorganized naming employed by a vendors with less than 10 products or services 🙂 Luckily enough cloud services do not get that major/minor versioning in their names which sometimes gets too creative for on-premise products where version plays an important role of vehicle to wrap up certain number of features into it and make a “new product” which client supposed to buy/or upgrade to. I guess in that interim period between “boxed”/COTS/buy once software and cloud/SaaS that recurring major version concept went too far in attempt to ensure recurring revenue for software vendors 🙂

So that was just an announcement of this blog hosting change along with a few notes on WordPress migration process and Lightsail in general, I hope that it may come in handy/interesting for some of my blog readers too.

Unable to connect over SSH to EC2 instance from Linux

Common issue which occurs when trying to connect to AWS EC2 instances from Linux machines is the following error:


As you can see on the screenshot octal representation of pem file permissions is 0644 and it means that everyone has read-only access to the file while security best practice requires to limit access to private key files more strictly. This 0644 permission translates into RW for Owner, R for Group, and R for other/word (Everyone counterpart of Windows ACLs).

If you want to view file permissions in Linux shell you have 2 couple of commands for that ls -l %filename% and stat %filename% and the latter will show you octal permissions value as shown below:

Checking file permissions using ls -l and stat commands

Actually AWS EC2 console indicates recommended pem file permissions configuration and gives us a command to set them:

Command to ensue that your key is not publicly viewable

So just run this command and you will be able to connect (be sure running all the commands after switching directory to the one which contains your pem file and make sure that you use correct pem file name – AWS will give you command specific for EC2 instance and uses access key name based on selection you’ve made for specific EC2 instance).

Adjusting pem file permissions and connecting to EC2 instance over SSH

Although this is not a big problem and all the explanations/solutions are given to you by respective commands output and AWS console I just decided to jot this down in case someone will get stuck with this and switches to googling bypassing reading error messages and instructions 🙂

Windows Update error 0x80240023 (WE_E_EULAS_DECLINED) on Windows 10 (feature update 2004)

Recently I was cleaning up some malware from Asus Windows 10 laptop. It took using AV software boot disk to remove malicious software and after that I upgraded Windows 10 to the latest feature update/build (2004). Windows Update was working pulling some more update but finally stuck with 0x80240023 (WE_E_EULAS_DECLINED) error and it took a bit too long for me to solve this problem, so taking a note of resolution here.

As machine has been infected I was suspecting that I might not had cleaned up it completely but in the end it was a problem of rare combination of Windows 10 2004 with Office 2007. There was basically one specific update for Office 2007 which was failing to be installed without being able to properly say so (it was Microsoft Office File Validation Add-in update). I went for using “Show or hide updates” troubleshooter package which allows you to hide/prevent specific update from installing. Once I launched it I saw this one pending update and hide it which cleared up the error. It seems that as an alternative solution you may try to install it manually locating in C:\Windows\SoftwareDistribution\Download, extracting it and running OFV.msi. As I understand there is some unexpected request for user input on installation of this thing, but I end up just hiding this update, although not without trying bunch of other solution like rebuilding Software Distribution directory and so on.

Another issue with this laptop was random waking up from sleep state, which user saw as random power on, that was resolved through disabling wake up timers on all Windows power plans as well as ensuring machine being shut down instead of put to sleep (hiding Sleep option from power off menu etc.).

WhatsApp Desktop Windows – app window cannot be resized

I’ve recently run into issue on my Windows 10 machine with WhatsApp Desktop app – it was keep running in maximized window mode without possibility to resize window/make it smaller. I was ignoring/tolerating that for quite some time, next looked for a setting in app GUI which could have trigger this (there is none) and checked if my app is of the latest version (it is). So it was time to google a bit to find a solution which I’ll just share below.

In case you cannot minimize your WhatsApp Windows app window and it keep running in maximized mode, you should do the following to get back an ability to perform window resize:

  1. Navigate to %appdata%\WhatsApp folder and open settings.json file located here in text editor.
  2. Change “isFullScreen” setting value from true to false and restart WhatsApp app.

Just writing this down to have a record of the fix 🙂

How to identify an empty K2 role

In some scenarios you may have empty K2 roles with no users added, and in the past it was possible to create new role in K2 Management without adding any users into it or delete all users from the role (this is not the case in current versions of K2). When you have K2 role with no users K2 will be logging error shown below on each attempt to resolve this role (look at Interval configured for this role in DestQueue table to get an idea about error frequency, and the same will be logged every time when role used as a destination etc.):

“1 The 2003 Destination Queue SecurityLabel provider ” does not exist at K2DestQueue.RunDestQueue(Object obj)”

To address/remove that error you need to identify empty role first which can be done with help of the following SQL query run against K2 DB:

Once empty role identified you either delete it or add some user into it to get rid of error message, or as a third option you can increase its refresh interval in DestQueue table to decrease frequency with which this error will be logged in K2 host server logs.