Miscellaneous, Personal, Tips & Trick

In this article we will learn how to secure our wordpress blog using some .htaccess technique. Of course there is no system perfect in this world. Everything should have bug, no matter it’s high or low risk. When last time you have seen blog with wordpress got hacked? Well, This happen to me 3 times on one of my crazyp**n blog. The hackers always controlling my admin panel and it’s happen 3 times until I playing with my new toys to stop this guy.

What is .htaccess? In several web servers (most commonly Apache), .htaccess (hypertext access) is the default name of a directory-level configuration file that allows for decentralized management of web server configuration. Read full in wikipedia. Back to the topic what should we do to stop hackers controlling our admin area?

There is lots of technique, what I write in here just some technique using .htaccess files:

    1. Protected your wp-login.php files.

<Files wp-login.php>
Order deny,allow
Deny from All
Allow from xxx.xxx.xxx.xxx
</Files>

Where xxx.xxx.xxx.xxx is your IP, if you meet problem to know your IP just look on IPchicken.com

    1. Protected your wp-config.php

Wp-config is vital configuration files for wordpress, it should secured to stop people viewing it’s content.

<files wp-config.php>
order allow,deny
deny from all
</files>

    1. Protected your wp-comment-post.php

Even if you’re using Akismet plugins, to reduce spambot post via remote access you can use this code. (Change yourblog.com with your own domain name)

RewriteEngine On
RewriteCond %{REQUEST_METHOD} POST
RewriteCond %{REQUEST_URI} .wp-comments-post\.php*
RewriteCond %{HTTP_REFERER} !.*yourblog.com.* [OR]
RewriteCond %{HTTP_USER_AGENT} ^$
RewriteRule (.*) ^http://%{REMOTE_ADDR}/$ [R=301,L]

    1. Protected .htaccess file.

This code will protect all files with “.hta” string on it.

<Files ~ “^.*\.([Hh][Tt][Aa])â€>
order allow,deny
deny from all
satisfy all
</Files>

After using this tips the hackers can’t controlling my wordpress admin panel again hahaha! he try to inject using wordpress bug but when I limited IP to access admin panel he’s cry *lol* yay, I win! finally I beat this noob *lol* 😛

    Digg Del.icio.us StumbleUpon Reddit Twitter RSS
Miscellaneous, Personal, Tips & Trick

Good day, after a few months I was looking for best script to make my online store. I found some useful and free script but of course their SEO are worst, The premium one has better looks but they not guarantee on SEO result. Lucky, I was found one plugins can integrated wordpress become online store in just minutes. Take a look on this beauty wp store…

e-commerce-demo

Why I choose wordpress? as we all know wordpress are simple CMS in management but powerful after we added some SEO plugins and other plugins it will become great CMS, in other option almost all paid hosting allowed wordpress to used.

To build your online store using WP e-Commerce plugins follow this step :

  • Install your wordpress.
  • Download WP e-Commerce plugins.
  • Extract it and upload it into yours plugins directory.
  • Activate WP e-commerce plugins.
  • Customize it including your theme and other module you need.
  • Done.

Simple right? fast and effective. The problem you will faced is maybe on the customized theme and module, it’s not easy to make a good theme for online store to take people attention on it.

Of course you can add optimize your wordpress SEO, said permalinks, title tag, keyword, sitemap, and other SEO technique you know.

Meet any problem? Discuss it! leave a comment and I will response back, have a nice day 🙂

    Digg Del.icio.us StumbleUpon Reddit Twitter RSS