Thank you, Tony. On Thu, Oct 19, 2017 at 11:23 AM, Tony White via kictanet < [email protected]> wrote:
From apache documentation at: https://httpd.apache.org/docs/2.4/howto/access.html
" The Allow, Deny, and Order directives, provided by mod_access_compat, are deprecated and will go away in a future version. You should avoid using them, and avoid outdated tutorials recommending their use."
So, a more future-proof answer would be:
<RequireAll> Require ip xx.xx.xx.xx yy.yy.yy.yy </RequireAll>
Cheers, Tony
On 19/10/2017, Michael Pedersen via kictanet <[email protected]> wrote:
For those who have asked here is the more technical details of how I set this up (It's really just a quick hack).
1. inside the wp-admin folder I have a .htaccess file which forbids access from almost every IP - something similar to:
Order deny,allow Deny from all Allow from 41.212.36.170
2. Within the main web-root I have a file (see attached php code) in this example it's called "kictWP.php". When I need access to the admin I then simply goto http://www.mydomain.com/kictWP.php - enters my "secret" password - this then updates the .htaccess file so wp-admin can be accessed from my curent IP.
Thats it really..
Regards Fundi-Mike
On 10/18/17 12:02 PM, anyega jefferson via kictanet wrote:
thats a fascinating fix , Michael, please share a resource i can read on to learn how to do that,
Thank you.
On Wed, Oct 18, 2017 at 11:47 AM, Michael Pedersen via kictanet <[email protected] <mailto:[email protected]>> wrote:
I agree with George's sentiment on wordpress security - I have had the (un)pleasant experience of helping/cleaning several wordpress setups which had been hacked.
That said I am sure the pro's and con's was considered when the choice of CMS was made.
In my experience many attacks on wordpress is targeted on the /wp-admin/ folder, and making that inaccessible to all but explicitly white-labeled IP's seems to remove a lot of grief.
I am personally running only one wordpress installation which has no (customer) critical data and hosted on a separate hosting setup. On that setup the admin can on be access from one specific IP - but you can access a custom (non wordpress based) system to change the current allowed IP to whichever IP you are currently on. It takes 30seconds extra to login/access the admin but in my opinion it reduces a lot of problems.
.. Mike
On 10/15/2017 11:29 PM, george sidney ralak via kictanet wrote:
I like some of the responses to my questions. Still, I have to wonder, was security even considered before going for WP, which is one of the most targeted by hackers.
When considering time and cost, I might consider WP, but then, do you consider extra plugins that you might have to purchase, how about updating issues.
Also, I believe the client has the right to be specific with what they want. I just found it ironic that KICTANet, the platform with people and institutions in Technology in the country uses wordPress.
As to the websites that use Wordpress, not one of these sites uses WP out of the box – there is considerable custom development to make these sites work the way they do, development costing a lot of money. Those sites are not ‘wordpressbeginner’ grade.
On Sun, Oct 15, 2017 at 9:19 PM, Odhiambo Washington via kictanet <[email protected] <mailto:[email protected]>> wrote:
+1
The choice of a CMS or an OS, is purely personal to a developer or a SysAdmin. From where I sit, it's not questionable unless STRICTLY specified by a client.
On 15 October 2017 at 09:05, Ali Hussein via kictanet <[email protected] <mailto:[email protected]>> wrote:
George
On the question of why Wordpress?
First it’s an open source Content Management System (CMS), its free to install, deploy, and upgrade. Then it has thousands of plugins and templates that power a flexible and simple interface, which reduces development costs and deployment time. The dev team was also informed by the fact that millions of websites use Wordpress. Some of he most notable brands that use Wordpress include Microsoft and Bloomberg. See link below:-
name-brands-that-are-using-wordpress/
name-brands-that-are-using-wordpress/>
Hope this answers your question or concerns?
*Ali Hussein* *Principal* *Hussein & Associates* +254 0713 601113
Twitter: @AliHKassim
Skype: abu-jomo
LinkedIn: http://ke.linkedin.com/in/alihkassim <http://ke.linkedin.com/in/alihkassim>
"We are what we repeatedly do. Excellence, therefore, is not an act but a habit." ~ Aristotle
Sent from my iPad
On 14 Oct 2017, at 1:23 PM, george sidney ralak via kictanet <[email protected] <mailto:[email protected]>> wrote:
Looks great.
A few issues though. Quick links on the footer are not really leading someone anywhere.
And a question: Why Wordpress?
On Fri, Oct 13, 2017 at 6:11 PM, Francis Monyango via kictanet <[email protected] <mailto:[email protected]>> wrote:
I love it. Looks really good.
On 13 October 2017 at 16:55, Keith Andere via kictanet <[email protected] <mailto:[email protected]>> wrote:
Liz,
Mobile optimization is fantastic. Looks fresh and easy to navigate.
Barrack and team, cheers!
Regards,
Keith
Please consider the environment before printing this e-mail.
On 13 Oct 2017 01:03, "anyega jefferson via kictanet" <[email protected] <mailto:[email protected]>> wrote:
Great job, looks good,
On Thu, Oct 12, 2017 at 11:55 PM, Liz Orembo via kictanet <[email protected] <mailto:[email protected]>>
wrote:
Dear listers,
Greetings,
KICTANet has just finished working on the first phase of the new website and would now like to invite you to give comments/suggestions. Especially on how it can serve as an ICT policy engagement platform and as an Information resource for stakeholders.
Here's the link: https://www.kictanet.or.ke/. <https://www.kictanet.or.ke/> You can send your comments either on/offlist, or on the website itself.
KICTANet owes a lot to the brilliant team that worked on this website (Amos Ochieng from pixels Kenya, Barrack Otieno, Mike Musya and Washington Odhiambo) Special thanks to Washington who developed and maintained the old website from the early days of the
network.
As always, we thank you for your continued feedback and we hope you will enjoy the new look and feel. --
Best regards. Liz.
PGP ID: 0x1F3488BF
-- Anyega M Jefferson
[email protected] <mailto:[email protected]>
0703824326
Start where you are,use what you have and do what you can.
_
-- Francis Monyango
Lawyer | ICT Policy and Legal Consultant www.monyango.com <http://www.monyango.com>
-- George Sidney Ralak UI/UX Designer Tell: +254716909815 Skype: Sidralak
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 "Oh, the cruft."
_
-- George Sidney Ralak UI/UX Designer Tell: +254716909815 Skype: Sidralak
-- Anyega M Jefferson
[email protected] <mailto:[email protected]>
0703824326
Start where you are,use what you have and do what you can.
-- Tony White
_______________________________________________ kictanet mailing list [email protected] https://lists.kictanet.or.ke/mailman/listinfo/kictanet Twitter: http://twitter.com/kictanet Facebook: https://www.facebook.com/KICTANet/
Unsubscribe or change your options at https://lists.kictanet.or.ke/ mailman/options/kictanet/jeffersonanyega%40gmail.com
The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-- Anyega M Jefferson [email protected] 0703824326 Start where you are,use what you have and do what you can.