Apache Access Control done right in WordPress .htaccess, ‘Allow/Deny from all’ versus ‘Require All Granted/Denied’. Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, old documentation is never updated and people even still write blog posts using that old syntax, leaving you with an unprotected website. Not what you had in mind, now is it?
When you have just installed your new Windows Server, with or without IIS as web server, it is important to take a few extra security … Read More
An article explaining why .htaccess files should not be used to secure sensitive data. In many cases it is wrong to impose security restrictions using .htaccess files.
In this post I showed you how you can turn Windows 11 and Windows 10 with WSL into a fully fledged development environment. Here are the settings and tools I use for DevOps/SysOps on Windows. It may take some getting used to, but if you’re as shortcut-Ninja as I’m (I alt-tab, ctrl-c/ctrl-v a lot), you can work pretty fast in this set up.
Here are 3 ways of blocking access to a PHP sendmail.php script on your Windows Server IIS webserver. This comes in handy if a websites on your webserver sends out spam and you need to block access to a script on a specific website or globally in IIS. You can use a web.config file for this purpose, and here is how.
Here is how to bulk add IP addresses in the Windows Firewall, list an IP address and remove all IP addresses from Windows Defender Firewall with Advanced Security. In Windows 11, 10 and Windows Server
Here is how to (temporarily) turn off routine remediation in Windows Defender Antivirus (WinDefend). During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it.
Learn how to enable HSTS (HTTP Strict Transport Security) in Linux Apache .htaccess