The behind story of restarting this blog

[Originally written in Feb. 20th, 2024]
As I mentioned before, I wrote some posts in the end of 2022 and didn’t manage blog more than 1 year. There were some issues when I restarted this blog. (It is very usual case, I think.)

1. I ALMOST couldn’t start this blog again

Actually, I visit the blog once for every quarter even I didn’t write any post. Because I had to renew my SSL certificate. When I decided to restart the blog, it is not so difficult to manage. BUT, by managing the blog – such as modify user data and post categories – while sleeping, I lost the password for my wordpress blog user.

Losting user password is usual event for blog management. The wordpress program can reset the password as a matter of course. And the program reset the password and sent information by e-mail. But, I couldn’t receive any e-mail from wordpress program. Maybe the host provider blocked sending e-mail, because I had so small right for my hosting service. (Yes, I subscribed a cheap course.) It is very understandable. If my service can mail easily, the hosting service can be used as spam mail server. Sending e-mail should be allowed for some specific user.

I was little confused because I couldn’t reset my password by e-mail, but I thought there should be some other method to modify my wordpress user password.

Reset WordPress Password: 3 Ways To Do It Manually

The best way was, I visit my wordpress’ DB directly and modify ‘users’ table data. And it should be inserted with encrypting the word by MD5 method. (I am not sure it is easy or not, but I think it is best way and very direct solution for my problem.)

The next step was entering my DB. But I couldn’t enter the my DB, because I can’t remember the DB password. I renewed my SSL certificate several times, but the process didn’t request my DB password. So I didn’t use my DB password more than one year. Maybe me in the past should made the password very complicated to avoid hacking issue. Me in the past maybe made my DB password as ‘more than 12 characters including all of uppercase, lowercase, number and special character’. I couldn’t recall the word of course. (So I am f***ed)

What I should recover was DB password of my account. In usual case, reset the DB password can be performed by web hosting provider. It is not difficult at all. My hosting service can reset DB password after verifying the owner of account. But I realized that I didn’t know my account password so I couldn’t verify the owner of my hosting account. (When I manage my blog, I didn’t need to know hosting service account password.) I made my account in the year of 2018, and I didn’t visit hosting provider’s page directly for 5 years.

To summarize again, I didn’t know my wordpress user’s password. I didn’t know my DB password. I didn’t know the password of my hosting service account. (I am not sure what I knew about this blog. lol) I reset all of these in the late night, by verifying my identify based on my cellular phone information.

But if I have same problem, I can prove very simply.
DB name and password is stored in ‘wp-config.php’. The DB data should be stored some ‘file’ in the blog because the data is necessary to entering the DB and the program should store outside of that DB. After entering DB, user data can be modified by phpMyAdmin. (If someone are not familiar to phpMyAdmin, using other SQL administrator tool, or querying SQL directly can solve the issue.) So what I should to know is just ‘the SSH password of my web space’.

2. Worries about wordpress admin.

WordPress is most widely used web page generation tool in the world. So I should take care of security, not to be hacked. (Many hackers attack the security weakness of wordpress.) The most dangerous space is administration page of blog and web root directory. If someone sees ‘the content of wp-config.php and the location of phpMyAdmin’, everything of this blog can be hacked.

The world of wordpress can do everything with plugin, so I changed the admin page by plugin.

There are several plugins. I choose WPS Hide Login plugin, because ‘manged wordpress’ service of CAFE24 adopt that plugin. So I install it in this blog.

The admin user can change login url in easy. The default url of this plugin was ‘login’, which is considerd as easier url than ‘wp_admin’. How dangerous! I changed to my own url right away. 🙂

3. I want to blow away revisions

I think the wordpress is not for the blog. It saves new revision every 60 seconds! It has advantage when I have some mistakes on my post. (I can recover to my revision in detail.) But I think it is somewhat waste of my SQL database.

So I searched for ‘how to stop saving post revision’, but I can’t stop in the setting of wordpress blog. (But there are several plugins deleting revisions.) I feel anxious for ‘deleting my post’ with plugin. So I searched how to perform, and I got the answer.

The revision is saved data in SQL DB. So SQL query can do. (Link)

DELETE FROM wp_posts WHERE post_type=”revision”;

Yes, That’s all. the temporary revisions have same post_type. (The final versions are ‘post’, the rivisions are ‘revision’. It is very intuitive difference.) So deleting ‘revision’ post_type data in wp_posts table is the what I want.