Dhaka city – Only one main road connecting North & South

Commuters from Uttara to Motijheel know what it takes for them to reach their destination in rush hours. It is hard to believe that our urban planners couldn’t make a parallel lane to the Uttara – Motijheel road. Yes there are branch roads one through Kuril Bishwaroad and another one through Mohakhali Tejgaon – but still – Uttara to Kuril – ONLY ONE CONNECTING ROAD.

There was probably no need to write this article – but one recent incident on 14th & 15th October – Chinese President’s visit to Bangladesh is an eye opener for our urban planners. Chinese President was staying at Le Méridien Dhaka – which is located on this road. It is understandable that to ensure security for this VVIP – the security agencies needed blocking this road. But what is not understandable is that – this road is the only road through the city which connects the Northern and Southern part of the city. Not only that – the road is vital as Country’s largest Airport is located by this road. This road also connects few other Highways – such as:

  • Dhaka – Mymensingh Highway
  • Dhaka – Sylhet Highway
  • Dhaka – Jamuna Bridge Highway

Blocking this road entirely – means blocking these highways and blocking the way of Airport goers as well as blocking the commute from Uttara to Southern part of the city. This is insane!! The whole city had to suffer on those two days (14, 15 October 2016). Please have a look at the following map:


The problem on those two days were not only for North to South commuters. Since this road divides the city in two parts – East and West and people from both side needs to use this road to go to other sides – blocking this road means blocking East West crisscrossing too.

What on our policy makers’ minds go through when they plan to reside Chinese President Le Méridien Dhaka??? Couldn’t they imagine the consequences?? The VVIP not only stayed on that hotel – he had to use the road to attend all the programs and most of them were in the middle of the city.

Now this incident is an eye opener for our Urban planners to think seriously about the issue. It is understandable that not every day VVIPs will stay in Le Méridien Dhaka – but some other incidents may take place (For example, PM or VVIP Leaders are welcomed when they return from foreign trip) which can cause the road block. Moreover, in few years time twice the number of people will start living at Purbachol – so add those people in the number who will be using this road!!

It is time Government should take this issue seriously and try to build more roads connecting North to South. We have seen building flyovers are not even working since those do not have enough connecting roads which will make room for the transportation. There are still some less occupied areas through which roads can be built. These roads will definitely help reduce the pressure on the Airport road and moreover act as redundant connectivity from north to south.

Hasibul Islam


How to change default SSH port 22 to something else

Internet connected Linux servers are always vulnerable to exploitation by the hackers/intruders. One of their common attack is through SSH. By default SSH servers are configured to listen to port 22 for SSH connection. Changing the port to something else will definitely add an additional measure in securing the server.

How to Change Default SSH port 22 to something else:

  1. Connect to your server via SSH (your ssh port is still 22) as the root user.
  2. Run this command: # vi /etc/ssh/sshd_config
  3. Find out this line: # port 22
  4. Delete the hash “#” sign from the beginning of the line and change the port to something else. Note down this new port very carefully. You’ll need to use this port for the SSH connection from the next login.
  5. Save the file and exit.
  6. Restart the SSH service by executing this command: # service sshd restart 

Now disconnect and try reconnecting with the new SSH port. Make sure you memorize the new port number or note it down somewhere.

PRISMA App for Android – Official download link in Google Play

People all around the globe are posting their photos with cool effects applied through a cool application named Prisma. The app was initially released for IOS – which means iPhone users were the ones to use it. Well – although late but Android users can use the app too.

You may find it hard finding the real Prisma app (By Prisma Labs, Inc.) in Google play – as there are a lot of fake Prisma apps there. Here is the official download link of Prisma:  https://goo.gl/JqAoUC

How to check numbers registered (Biometric) against your NID

If your curious mind wants to be sure no one else has used your NID to register their mobile number – you need to do the following:

Robi Users: Dial *1600*3#
Banglalink Users: Dial *1600*2#

GrameenPhone, Airtel, Teletalk and Citycell has not yet announced this feature.

Restrict Search Engines from finding your website

While everybody is busy getting their website more and more exposed to the search engines (SEO) – you might want to restrict search engines to crawl your website.

You may have your own development website or may have your company’s web based HR system – which you don’t want to expose to the world. Search Engines will find your website if you do not restrict them. If you want to restrict the complete website just upload a file named “robot.txt” in the root folder and add the following line in it:

User-agent: *
Disallow: /

If you want to restrict a specific part (files in a specific directory) – add the following line:

User-agent: *
Disallow: /yourdirectory

If you want a certain Search Engine to be restrcited – (for example Google): add the following line:

User-agent: googlebot
Disallow: /yourdirectory

Some of the other Search Engine Bots are as follows:

MSN/Bing: bingbot
Yahoo: Yahoo Slurp (Currently using bingbot).
Baidu: Baidu Spider

How to Clear bash / SSH / Terminal command history in Linux

You might need to wipe off the command history that you’ve executed in your linux system for various reason. Normally when logged into the bash / SSH terminal – if the Up Arrow key is pressed – previously executed commands are shown. To completely delete the history type the following command:

# history -c
# history -w


How to remove Malware from WordPress sites

WordPress has made the web designers’ lives easier. It has reduced the web development time & cost drastically. The CMS is so powerful that more and more people are converting/migrating their sites to WordPress. With ease comes the danger of being compromised. If compromised – your site will not function properly. It may leak your confidential information, give access to spammers and use your hosting account for spamming, give access to hackers who may upload files to run phishing attack.

Let us first know why a wordpress website gets hacked – gets infected to malware.

WordPress website becomes vulnerable due to the following reasons:

1. WordPress is not updated
2. Plugins are not updated
3. The administrator username passwords are too easy.
4. The computer used to administer the wordpress site (Admin area & cPanel/FTP) is itself infected to viruses.
5. Use of nulled / pirated templates or Plugins – in which codes are embedded which gives the hacker the access.
6. Presence of other hacked script/website in the same hosting account.
7. Unsecured Web hosting. (Poorly configured server, easy guessable passwords etc).

How to identify your WordPress website is hacked or have malware in it?

The website will start behaving abnormally. The website may go blank, break or become very slow. The hackers may get access of your web hosting account and may upload their own scripts and start spamming or create phishing pages. Your web hosting account will be exhausted and your hosting company may suspend your account for resource over usage and spamming. These are some of the symptoms your WordPress is being hacked. If you dig deeper and want to be sure – you need to check the files of your WordPress system. You may find unknown folders (Directories) and files. That’s not it!! Many of the php files (Mostly theme & Plugin files) may contain malicious code in those.

How to clean the WordPress website:

1. First and most important step is – make your computer / work station secured. This includes – having a very good antivirus / Internet security system. Get one (Kaspersky, Bitdefender, AVG, Norton … bla bla bla) if you do not have it yet. Make a full system scan and get rid of any threats (viruses, Trojans).

2. Download the WordPress website in your computer (using FTP or Control panel File Manager). To reduce the time – you may Zip (compress) the full site if you have a control panel in your hosting and if it allows compressing.

3. Extract the folder – if you’ve downloaded a zip copy. Keep the zip file as backup and do not delete it – so that you can use it if anything goes wrong when you try to fix the site. Take a backup of your database too. Now, go into the extracted WordPress folder.

4. The next part is cleaning the malicious code. This is a bit tricky part. There may be hundreds of hundreds of files which may contain malicious code (hacker embedded code). Mostly the php files in the Themes and plugins get infected. But php files in other directories may get infected to. I will show you a trick which will help you get rid of these codes within few seconds.

a. You’ll need Adobe’s Dreamweaver tool or something with similar features. You can download Adobe Dreamweaver Trial from this link.

b. Now you need to find a file which contains malicious code. Go to the active theme folder under “wp-content” >> “Themes”.. Then open the index.php file using Dreamweaver. The malicious code should be either at top or at the bottom and should look like this:

malicious code in wordpress php files

Malicious Code

All the infected files should contain the same code. If you carefully look in the picture above you’ll notice that the malicious code starts and ends with “//###==###”. The code can vary from what you see in the above picture – but it will be something like this. You’ll need to remove this chunk of code from all the files.

Copy malicious code in wordpress php files

Copy Malicious Code

c. You have to use the Find & Replace function in Dreamweaver. Copy the malicious code (starts and ends with “//###==###” in this case). Now press “CTRL + F” and the Find & Replace option should appear.

d. Paste the malicious code in the “Find” box and keep the “Replace:” Box empty. Now you have to choose “Folder..” option from the drop down menu “Find in” and “Source Code” option from the drop down menu “Search:”.

search and replace malicious code in wordpress php files

Find and Replace malicious code with empty box

Now you have to choose the search Destination Folder:

search and replace malicious code in wordpress php files in destination folder

Selecting the folder in which it will search for malicious code.

Choose the root directory of wordpress site from your local machine. Now press the “Replace All” as shown in the “Find and Replace malicious code with empty box” image. This will wipe off the malicious code from all the files. Now you need to save all the files from “File”>> “Save All” option. You are done with Malicious code removal!! Congrats…

5. The next step is cleaning all the hacker uploaded folders. Your basic wordpress website should have 3 folders in the root folder. wp-admin, wp-content and wp-inlcude. You might have a look at other folders in the root directory and consider removing those if you are sure those doesn’t belong to your website. You can replace all the files and folders from a fresh copy of WordPress except the wp-content folder and wp-config.php files. Remember, If at any stage the website breaks – you have the zip file (mentioned in step 3) as backup.

6. Now you’ll have to prepare your hosting account for re-uploading the cleaned website.
a. The first thing you need to do is – delete all the files of your wordpress site from your hosting account.
b. Change the password of your hosting accounts and change the password of any other FTP accounts in that hosting account.
c. Upload the cleaned WordPress files.

7. After re-uploading the site if it runs properly do the following:
a. Update the wordpress to the latest version.
b. Remove any unnecessary plugin. If you are unsure about which ones are unused – you may skip this step.
c. Update all the plugins & Templates.
d. Change WordPress username and password to a complex one. Do not keep “admin” your username.

8. You need install some third party plugin to harden the site security. For example, you may consider installing ALL IN ONE WP SECURITY & FIREWALL. It will require me to write another similar post to describe the features and performance of this plugin – For now, let me assure you that this is one plugin which will make your website very secure.

all in one wp security and firewall for wordpress protection

It will show you, protect your site and will keep your sites and plugins updated automatically. It can also change the admin directory of your wordpress site changing the admin login link– which will reduce the Admin login attack in your site. There may be other similar plugins with same functionalities. You need to implement this kind of plugins to make and keep your site secured.

9. Take help from professional WordPress malware solution provider: You can take help from professionals who provide WordPress malware removal solutions. WPMalwares is such a provider. These guys are wordpress security specialists and can solve your problem at a very low price. You can save your time for something more important and leave your headache to these guys. They will fix your site and will provide you free support for one year. Moreover, they will add extra layers of security on your website.

wpmalwares.com WordPress Malware removal

For details – please visit:  WordPress Malware removal

Feel free to comment if you think I have missed any point or if there are better ways to clean and protect wordpress websites. I will include your suggestions in the main post with your name and link.

wp-goodluck!! 🙂

How to find the IP addresses of a Linux system

The following command in a linux based system will show all the IPs assigned to that system:
# ip addr show

Or alternatively, if you’d like to know the IP address(es) of a certain port (for example eth0) type the following:
# ip addr show eth0

Sample output:
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:30:67:b4:b7:4d brd ff:ff:ff:ff:ff:ff
inet brd scope global eth0
inet6 ef80::120:67ef:deb4:f74e/64 scope link
valid_lft forever preferred_lft forever

The IPv4 assigned to the system are:  ( – = 6 IPs)
The IPv6 assigned to the system are: ef80::120:67ef:deb4:f74e/64

Check your Mobile Balance – GrameenPhone, BanglaLink, Robi, Airtel, Teletalk, Citycell

Grameenphone: *566# (Prepaid), 12115 (Postpaid) or sms: 2000 (Postpaid)
Banglalink: *124#
Airtel: *778#
Robi: *222# or *222#1 or 222
Teletalk: *152#
Citycell: *8111