IIS 10.0 FTP IP Security allow list

WordPress .htaccess security best practices in Apache 2.4.6+


Apache Access Control done right in WordPress .htaccess, ‘Allow/Deny from all’ versus ‘Require All Granted/Denied’. Since Apache 2.4.6, a new module is used to configure and set up access control for websites: mod_authz_core. This means you have to use a different syntax for allowing or blocking hosts and IP addresses to your website. But unfortunately, old documentation is never updated and people even still write blog posts using that old syntax, leaving you with an unprotected website. Not what you had in mind, now is it?

Windows 11/10 and WSL 2 DevOps environment

In this post I showed you how you can turn Windows 11 and Windows 10 with WSL into a fully fledged development environment. Here are the settings and tools I use for DevOps/SysOps on Windows. It may take some getting used to, but if you’re as shortcut-Ninja as I’m (I alt-tab, ctrl-c/ctrl-v a lot), you can work pretty fast in this set up.

3 Ways of blocking sendmail.php on IIS webserver

Access blocked

Here are 3 ways of blocking access to a PHP sendmail.php script on your Windows Server IIS webserver. This comes in handy if a websites on your webserver sends out spam and you need to block access to a script on a specific website or globally in IIS. You can use a web.config file for this purpose, and here is how.

Block brute force attacks on SQL Server, block IP addresses in Windows Firewall using PowerShell

Access blocked

This PowerShell solution blocks IP addresses that are trying to brute force your SQL Server logins, by blocking IP addresses in Windows Defender Firewall with Advanced Security, using PowerShell. You can use this to create your own solution to block offending IP addresses in SQL Server’s firewall.

Windows Defender: Turn off routine remediation

Here is how to (temporarily) turn off routine remediation in Windows Defender Antivirus (WinDefend). During the transition of antivirus software to Windows Defender Antivirus (WinDefend), I don’t want Windows Defender remediation on threats it might find. Later, when I have more information about potential threats, I can always choose to remediate that threat, e.g. quarantaine or remove it.