Search Results
AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your
Nov 22, 2008 I activated Password Protect wp-login.php and wp-admin. The site says:“Protected By AskApache” I've tried entering the FTP logon info www.askapache.com/;htaccess-plugin-blocks-spam-hackers-and-password-protects-blog.html
So my blog as been rather quiet for almost a year now and very few updates if any have been released for my Password Protection PLugin my Google 404 Plugin
Update for AskApache Password Protect Plugin that automates installation of .htaccess Server-based HTTP Basic Authentication including creating encrypted
I'm running wordpress 2.92, apache 2.2.14, php 5.2.11 and have downloaded the AskApache Password Protection Plugin latest version from wp's site.
How to password-protect, Allow or Deny a visitor based on a condition. If you are having trouble getting htaccess-based password protection to work see:
First you need to setup password protection for the directory that you want mod_security disabled for. In the case of WordPress blogs, you can use the
Password Protecting wp-admin. # BEGIN AskApache PassPro # sid900 AuthName "Protected By AskApache"AuthUserFile /askapache.com/.htpasswda1 AuthType Basic
News and Info about the Next AskApache Password Protection Plugin Update.
Apache Web Server users have problems getting Apache Authentication/password-protection in htaccess working, this is a troubleshooting guide to get Password
Web password files such as those managed by htpasswd should not be within the Web server's URI space that is they should not . htaccess password protect
This quick tutorial will show you the steps to change and reset any user password on a windows computer, and also show you how to protect your computer from
Examples of protecting your files and securing with password protection WAY TO REQUIRE SSL httpwwwaskapachecomhtaccessapachesslinhtaccessexampleshtml
AskApache Password Protection For WordPress for Apache rewritecond htaccess » wwwaskapachecomhtaccess301redirectwithmod_rewriteorredirectmatchhtml
An upgrade to Google 404 Plugin and Password Protection Plugin, thats been over a year in skunk works.
This is the php code you can use to show the decrypted password that was sent by the . Update:AskApache Password Protect Plugin ·Control htaccess Basic
Advanced Mod_Rewrite AntiHotlinking Example to Protect Files Plugin Status News and Info about the Next AskApache Password Protection Plugin Update
If it is cracked then you should change your password to include both numbers, symbols, Pen-testing Security Tools ·AskApache Password Protection,
on IP.htaccess Plugin Blocks Spam, Hackers, and Password Protects Blog » Umask and Protection. If the users part of a symbolic mode is omitted, as an easily customizable protection against giving away more permission to
Mar 30, 2008 WordPress 2.5 Compatible – AskApache Password Protect. AskApache Password Protection, For WordPress » WordPress 2.5 Compatible
BASIC PASSWORD PROTECTION ### AuthType basic AuthName "prompt"AuthUserFile Require valid-user # password prompt for everyone else Order Deny, Allow
AskApache Password Protection, For WordPressApache SSL in htaccess examples » ·Fresh .htaccess Examples:Cookies, Variables, Custom Headers
AskApache Debug Viewer Plugin for WordPress The story behind this plugin is I took it out of my Password Protection code and made it its own plugin.
On-Demand MySQL Backup Shell Script ·Update:AskApache Password Protect Plugin Tags:Apache, askapache, Backups, bash, debugging, encryption, GET, GPG,
For each new AskApache plugin I create a folder in the . Protect Plugin ·Hacking WP Super Cache for Speed ·AskApache Password Protection, For WordPress
networks protected by WEP, solves the problem of unidirectional communication by bouncing packets cvs login (PASSWORD:anonymous);Check out the source:
AskApache.com ScreenShot - Epiphany 2.18. I've been trying to master CSS for a number . Firefox Adsense WordPress Plugin ·AskApache Password Protection,
For this example we will be creating the website www.askapache.com , which will be running Configuring PHP;Password Protection for certain areas
AskApache Liberty Policy .htaccess mod_rewrite rewrite examples ·Update:AskApache Password Protect Plugin ·Hacking WP Super Cache for Speed
Aug 26, 2007 AskApache Password Protection, For WordPress » AskApache Password Protect WordPress 2.5 Compatible - AskApache Password Protect www.askapache.com/password-protect/askapache-password-protect-screenshot-on/
Password protection. Make the user enter a name and password before viewing a directory. . AskApache Liberty Policy
Firstly is, of course, you need to password protect the page that sends that information as anyone could view it or log on to Analytics. But if you're in an
If youve read any other articles on AskApache you can see a certain . any have been released for my Password Protection PLugin my Google 404 Plugin and
Auto-Login to Google Analytics to impress ClientsAskApache Password Protection, For WordPress » ·PHP Sessions/Cookies On The Fly
Hacking WP Super Cache for SpeedUpdate:AskApache Password Protect Plugin » ·Preload flash .flv files into browser cache. Adobe Flash Positioning
Then a password is auto-generated and emailed to you to verify your email. . Update:AskApache Password Protect Plugin ·Delete extra wordpress files
AskApache Password Protection, For WordPress. Saturday, March 29th, 2008 AskApache Password Protect adds some serious password protection to your
Check Password Strength. Changing Any Password On XP ·AskApache Password Protection For WordPress ·Fetch Feed Subscribers from Google Reader with CURL
Aug 14, 2007 AskApache Password Protect WordPress Plugin – A Wall.www.askapache.com/password-protect/askapache-password-protect-wordpress-plugin-a-wall
YOu can move these files to a directory 'above Web root'or simply place them in a subdirectory that is password-protected or made HTTP-inaccessbile using www.askapache.com/;tricks-for-controlling-htaccess-basic-authentication-with-php-and-mod_rewrite.html
Aug 13, 2007 AskApache Password Protect ScreenShot 1. AskApache Password Protection, For WordPress » AskApache Password Protect ScreenShot 1 www.askapache.com/password-protect/askapache-password-protect-screenshot-1/
Adding Akismet Anti-Spam Protection Anywhere ·Top 5 Vulnerability Port Scanners ·Story by Author of PING for UNIX ·AskApache Password Protection,
Password Protection Plugin StatusHtaccess SEO Trends by Google » . If you are using WordPress, I'm sure you are using my AskApache Google 404 Plugin,
New Version of Password Protection Plugin ·Mod_Rewrite Variables Cheatsheet ». My Picks AskApache Liberty Policy. Support Freedom or Die www.askapache.com/;online-compression-tool-compares-packer-jsmin-dojo-and-yui-compressor.html
How To Add Akismet Anti-spam protection to your php forms. Fight Blog Spam with Apache .htaccess Plugin Blocks Spam, Hackers, and Password Protects Blog
http://www.askapache.com/ 2010-06-12T07:21:04+00:00 daily 1.0 monthly 0.2 http://www.askapache.com/htaccess/password-protection-plugin-status.html
AskApache Liberty Policy . Apache Authentication in htaccess ·Manipulating HTTP Headers with htaccess ·New Version of Password Protection Plugin
1 question – how does one ask apache to log performance metrics of an system which I might release when I finish with this password protection upgrade.
AskApache ~. You may find this hacker ezine interesting. Tony ~ Arp Packet Hacking ·AskApache Password Protection, For WordPress ·Want to know how to
Aug 13, 2007 AskApache Password Protection, For WordPress » AskApache Password Protect AskApache Password Protect WordPress Plugin - A Wall www.askapache.com/password-protect/askapache-password-protect-screenshot-2/
#### No https except to wp-admin -
# If the request is empty ( implies fopen or normal file access by a php script )
RewriteCond %{THE_REQUEST} ^$ [OR]
# OR if the request if for wp-admin or wp-login.php
RewriteCond %{REQUEST_URI} ^/(wp-admin|wp-login\.php).*$ [NC,OR]
# OR if the Referer is https
RewriteCond %{HTTP_REFERER} ^https://www.askapache.com/.*$ [NC]
# THEN skip the following rule, basically all this does is force https or badhost to be redirected
# BUT because of the above 3 rewritecond's, this won't break poorly written admin scripts
RewriteRule .* - [S=1]
RewriteCond %{HTTPS} =on [OR]
RewriteCond %{HTTP_HOST} !^www\.askapache\.com$ [NC]
RewriteRule .* http://www.askapache.com%{REQUEST_URI} [R=301,L]
RewriteCond %{THE_REQUEST} ^[A-Z]{3,9}\ /(wp-admin/.*|wp-login\.php.*)\ HTTP/ [NC]
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L]
Tags: AddHandler, Apache, Backups, Block IP, Cache-Control, cheatsheets, developers, errordocument, etag, htaccess tricks, http cookie, indexes, Mod_Security, open source, password protection, real world, rewritecond, rewriterule, Source Code
Posted in Apache, Apache Modules, Cache, DreamHost, Featured, Hacking, Htaccess, Linux Unix BSD, Mod_Rewrite, SEO, Security, Server Administration, Web Hosting, Webmaster | Published on 04/17/2010 |4 Comments »
Learn how to setup, configure, secure, optimize, and create a low-maintenance website the AskApache way. I’m piecing together all the hacks, tricks, methods, and ideas discussed throughout this blog and all across Netdom and glueing them all together to show you how to have the most optimized, crazy fastest, and best website setup I can think of.
Tags: 301 Redirect, admin, Advanced, Ajax, Apache, apache server, askapache, Backups, Bandwidth, bleeding edge, blog, Cache, Cache-Control, caching, ColdFusion, compression, CSS, Dig, DNS, errordocument, Etags, Examples, expires header, feed, File Permissions, Flash, GET, Hacking, hacks, Htaccess, htaccess files, Htpasswd, HTTP Error, HTTP Headers, HTTP Status Codes, HTTPS SSL, Javascript, Linux, Login, Logs, Mod_Rewrite, Optimization, optimizations, optimized website, password, password protection, PDF, Performance, PHP, php.ini, Port, post, ram, real deal, Redirect, Redirection, Rewrite Tricks, Robot, robots, robots.txt, Scripts, search and replace, Security, server, server config, servers, SPEED, SSI, stat, SymLinks, trial and error, trick, Web Development, Web Hosting, web server, WordPress, WordPress Plugins
Posted in Apache, Cache, DreamHost, Featured, Hacking, Htaccess, Linux Unix BSD, PHP, SEO, Security, Shell Scripting, Web Design, Web Hosting, Webmaster, WordPress | Published on 02/18/2010 |9 Comments »
The proponents of this scheme have given it names such as “trusted computing” and “palladium”. We call it “treacherous computing”, because the effect is to make your computer obey companies instead of you. This was implemented in 2007 as part of Windows Vista; we expect Apple to do something similar. In this scheme, it is the manufacturer that keeps the secret code, but the FBI would have little trouble getting it.
Tags: admin, Apache, askapache, ASP, CSS, debugging, Dig, encryption, GET, HTTPS SSL, password, Perl, Port, ram, Security, SSI, stat
Posted in Featured, Hacking, Linux Unix BSD | Published on 07/20/2009 |4 Comments »
The story behind this plugin is sorta wack, but in a good way :). While doing tons of security research on permissions, authorization, access, etc.. for the Password Protection plugin (still being worked on), I needed to have unheard of debugging capabilities while working on the plugin on the various websites, webhosts, and test servers that I use to test in different environments. So I hacked together a bunch of php code that helped me debug, actually I pretty much went overkill and tried to get as much debugging info as programmatically possible, and it ended up being so much code that I took it out of my Password Protection code and made it its own plugin.
Tags: admin, Ajax, Apache, Apache Modules, askapache, authorization, Cache, chmod, Cookies, debugging, error log, fifo, File Permissions, GET, Htaccess, Login, Nice, password, password protection, PHP, php.ini, phpinfo, Port, post, ram, Rewrite Tricks, Security, server, servers, Socket, SSI, stat, umask, Username, WordPress, WordPress Development
Posted in WordPress, WordPress Plugins | Published on 04/05/2009 |1 Comment »
Skip this – still under edit
I discovered these tips and tricks mostly while working as a network security penetration specialist hired to find security holes in web hosting environments. Shared hosting is the most common and cheapest form of web-hosting where multiple customers are placed on a single machine and “share” the resources (CPU/RAM/SPACE). The machines are configured to basically ONLY do HTTP and FTP. No shells or any interactive logins, no ssh, just FTP access. That is when I started examining htaccess files in great detail and learned about the incredible untapped power of htaccess. For 99% of the worlds best Apache admins, they don’t use .htaccess much, if AT ALL. It’s much easier, safer, and faster to configure Apache using the httpd.conf file instead. However, this file is almost never readable on shared-hosts, and I’ve never seen it writable. So the only avenue left for those on shared-hosting was and is the .htaccess file, and holy freaking fiber-optics.. it’s almost as powerful as httpd.conf itself!
Most all .htaccess code works in the httpd.conf file, but not all httpd.conf code works in .htaccess files, around 50%. So all the best Apache admins and programmers never used .htaccess files. There was no incentive for those with access to httpd.conf to use htaccess, and the gap grew. It’s common to see “computer gurus” on forums and mailing lists rail against all uses and users of .htaccess files, smugly announcing the well known problems with .htaccess files compared with httpd.conf – I wonder if these “gurus” know the history of the htaccess file, like it’s use in the earliest versions of the HTTP Server- NCSA’s HTTPd, which BTW, became known as Apache HTTP. So you could easily say that htaccess files predates Apache itself.
Once I discovered what .htaccess files could do towards helping me enumerate and exploit security vulnerabilities even on big shared-hosts I focused all my research into .htaccess files, meaning I was reading the venerable Apache HTTP Source code 24/7! I compiled every released version of the Apache Web Server, ever, even NCSA’s, and focused on enumerating the most powerful htaccess directives. Good times! Because my focus was on protocol/file/network vulnerabilites instead of web dev I built up a nice toolbox of htaccess tricks to do unusual things. When I switched over to webdev in 2005 I started using htaccess for websites, not research. I documented most of my favorites and rewrote the htaccess guide for webdevelopers. After some great encouragement on various forums and nets I decided to start a blog to share my work with everyone, AskApache.com was registered, I published my guide, and it was quickly plagiarized and scraped all over the net. Information is freedom, and freedom is information, so this blog has the least restrictive copyright for you. Feel free to modify, copy, republish, sell, or use anything on this site ;)
Tags: .htaccess examples, 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, admin, Advanced, Apache, Apache Htaccess, apache ssl, askapache, ASP, authorization, Backups, Bandwidth, bash, Blocking, Boot, Cache, Cache-Control, caching, cheatsheet, chmod, code snippets, compression, Cookies, CSS, debugging, DreamHost, Email, error log, errordocument, Etags, Examples, experiments, feed, FeedBurner, File System, FilesMatch, filesystem, Firefox, Flash, Forms, GET, Google, Hacking, hotlinking, HowTo, Htaccess, htaccess files, htaccess guide, htaccess rewrite, htaccess tricks, htaccess tutorial, Htpasswd, HTTP Error, HTTP Headers, HTTP-EQUIV, httpd, httpd.conf, HTTPS SSL, hyper text transfer protocol, If-Modified-Since, Javascript, Last-Modified, Linux, Login, Logs, mad skills, mod_include, mod_python, Mod_Rewrite, Mod_Rewrite examples, Mod_Security, Mod_Setenvif, mysql, Nice, nsa, password, password protection, PDF, Performance, Perl, PHP, php.ini, phpinfo, Port, post, Powweb, Prompt, Python, ram, Redirect, Redirection, Request Method, Rewrite Tricks, rewritecond, rewriterule, Robot, robots, Sample .htaccess, Scripts, Security, SEO, seo secrets, server, server config, servers, SetEnvIf, Shell, Socket, Source Code, SPEED, SSH, SSI, stat, SymLinks, trick, tutorial, ultimate htaccess, Username, Web Hosting, WordPress
Posted in Apache, Apache Modules, Cache, DreamHost, Featured, Google, Hacking, Htaccess, Linux Unix BSD, Mod_Rewrite, SEO, Security, Web Design, Web Hosting, Web Tools, Webmaster, WordPress | Published on 01/10/2009 |66 Comments »
Unix file permissions are one of the more difficult subjects to grasp.. Well, ok maybe “grasp” isn’t the word.. Master is the right word.. Unix file permissions is a hard topic to fully master, mainly I think because there aren’t many instances when a computer user encounters them. I’ve done a lot of research on it the past couple weeks… and now here’s everything I’ve learned so far.. cuz you guys AskApache Regs Rock!
Tags: 301 Redirect, 302 Redirect, 401, 403 Forbidden, 404 Not Found, 500, 503, Apache, askapache, ASP, Backups, bash, bash_profile, Cache, chmod, Dig, DreamHost, fifo, File Permissions, File System, filesystem, Fsockopen, GET, Hacking, Htaccess, httpd, Linux, Login, password, Perl, PHP, php.ini, Port, Python, ram, Scripts, Security, server, servers, Sessions, Shell, Socket, Source Code, SSH, SSI, stat, trick, umask, Web Hosting
Posted in Apache, Featured, Hacking, Linux Unix BSD, PHP, Security, Server Administration, Shell Scripting, Web Hosting, Webmaster | Published on 11/19/2008 |5 Comments »
List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.
Tags: admin, Advanced, Apache, askapache, ASP, Bandwidth, Boot, Cache, CommandLine, console, Cookies, debugging, Dig, DNS, Email, encryption, Ethernet, feed, File Permissions, filesystem, Forms, GET, Google, Hacking, HTTPS SSL, Linux, Login, Logs, Networking, Nice, nsa, password, PDF, Performance, Perl, PHP, Port, post, Prompt, Putty, ram, Redirect, Scanners, Scripts, Security, server, servers, Sessions, Shell, shell script, Sniffing, Socket, SOCKS, Source Code, SPEED, SSH, SSH Tunnels, SSI, stat, Vulnerability, Vulnerability Scanners, Windows XP, Wireshark
Posted in Security | Published on 09/26/2008 |3 Comments »
4.6 just released…. Check It Out.
:p
Tags: Advanced, Apache, askapache, GET, Htaccess, htaccess files, Htpasswd, Mod_Security, password, password protection, Port, Security, server, WordPress
Posted in WordPress, WordPress Plugins | Published on 08/19/2008 |10 Comments »
Mod_Security rivals Mod_Rewrite in the amount of features it provides. I decided to go ahead and post what I learned about it today, even though its tough to give away such awesome htaccess and apache tricks.. Learn how to control spam once and for all, conditionally log/deny/allow/redirect requests based on IP, username, etc.. Mod_Security is so fine!
Tags: 301 Redirect, 401, 403 Forbidden, 500, 503, admin, Ajax, Apache, apache ssl, askapache, authorization, Bandwidth, Cache, Cache-Control, caching, Cookies, debugging, DreamHost, Email, error log, errordocument, Examples, FilesMatch, GET, Hacking, Htaccess, htaccess files, htaccess guide, htaccess tricks, htaccess tutorial, Htpasswd, HTTP Headers, HTTP Status Codes, httpd, httpd.conf, HTTPS SSL, Login, Logs, Mod_Rewrite, Mod_Rewrite examples, Mod_Security, nsa, password, password protection, Perl, PHP, Port, post, Prompt, ram, Redirect, Request Method, Rewrite Tricks, rewritecond, rewriterule, Robot, robots, Scanners, Security, SEO, server, servers, SetEnvIf, Shell, SPEED, SSI, stat, trick, tutorial, Username, WordPress
Posted in Apache, Apache Modules, DreamHost, Featured, Htaccess, Security, Web Hosting, Webmaster | Published on 04/23/2008 |8 Comments »
AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your wp-includes, wp-content, plugins, etc. plugins as well. Imagine a HUGE brick wall protecting your frail .php scripts from the endless attacks of automated web robots and password-guessing exploit-serving scripts.
Tags: 403 Forbidden, admin, Apache, askapache, AskApache Password Protection, Backups, File Permissions, GET, Hacking, Htaccess, htaccess files, Htpasswd, Login, Logs, Nice, password, password protection, PHP, phpBB, ram, Robot, robots, Scripts, Security, server, servers, SPEED, SSI, stat, Username, WordPress
Posted in Apache, Hacking, PHP, Security, WordPress, WordPress Plugins | Published on 03/29/2008 |98 Comments »
WordPress plugin gives you control over HTTP Basic Authentication for your WordPress blog which among other things, stops most automated hacking attempts and exploits being attempted, cutting down on the number of requests, connections, and mysql queries for all WordPress blogs on the Internet.
Tags: Apache, askapache, AskApache Password Protection, encryption, Hacking, Htaccess, Htpasswd, httpd, HTTPS SSL, Logs, mysql, password, password protection, PHP, Port, Prompt, Security, server, servers, WordPress, WordPress Security
Posted in WordPress Plugins | Published on 02/07/2008 |14 Comments »
Learn how to log and debug usernames and passwords used to login to a htaccess basic authorization protected website using php. This article is BOSS and will show you how to fully take control of this aspect of security using php and .htaccess, I don’t believe you will find instructions to do this anywhere else on the net.
Tags: 401, admin, Apache, askapache, ASP, authorization, debugging, DreamHost, errordocument, GET, HowTo, Htaccess, Htpasswd, httpd, Login, password, PHP, Redirect, Rewrite Tricks, rewritecond, rewriterule, Security, server, Source Code, stat, Username
Posted in Apache, Apache Modules, DreamHost, Featured, Htaccess, Linux Unix BSD, Mod_Rewrite, PHP, Security, Server Administration, Shell Scripting | Published on 01/29/2008 |6 Comments »
One of the first things that I do upon receiving a new Windows computer is immediately create a poweruser-style customized boot menu. Then every time I boot I can choose Safe Mode, Recovery Console, Debug, whatever I want! It’s quick and easy to set-up and everyone should have one, soo sweet!
Tags: admin, Advanced, Apache, askapache, ASP, Backups, Boot, boot.ini, Cache, console, debugging, Examples, Flash, GET, Networking, ntldr, pagefile, password, Performance, Perl, Port, post, Prompt, ram, Redirect, Redirection, Security, server, servers, Sessions, Shell, SSI, stat, Username, Windows, Windows XP
Posted in Featured, Hacking, Windows | Published on 01/10/2008 |21 Comments »
So my blog as been rather quiet for almost a year now, and very few updates if any have been released for my Password Protection PLugin, my Google 404 Plugin, and definately not for my AskApache CrazyCache plugin, which I will be releasing last… So for all of you who’ve helped me out by sending me suggestions and notifying me of errors and sticking with it… Just wanted to say sorry about that, and thanks for all the great ideas.. Well, I’ve been sticking with it as well believe it our not. I manage to get free days once in a while, and then its time to jam.
The story behind this plugin is sorta wack, but in a good way :). While doing tons of security research on permissions, authorization, access, etc.. for the Password Protection plugin (still being worked on), I needed to have unheard of debugging capabilities while working on the plugin on the various websites, webhosts, and test servers that I use to test in different environments. So I hacked together a bunch of php code that helped me debug, actually I pretty much went overkill and tried to get as much debugging info as programmatically possible, and it ended up being so much code that I took it out of my Password Protection code and made it its own plugin.
AskApache Password Protect adds some serious password protection to your WordPress Blog. Not only does it protect your wp-admin directory, but also your wp-includes, wp-content, plugins, etc. plugins as well. Imagine a HUGE brick wall protecting your frail .php scripts from the endless attacks of automated web robots and password-guessing exploit-serving scripts.
Just a very brief look at speeding up form submission by delegating the processing and bandwidth to your server, not your client.
WordPress plugin gives you control over HTTP Basic Authentication for your WordPress blog which among other things, stops most automated hacking attempts and exploits being attempted, cutting down on the number of requests, connections, and mysql queries for all WordPress blogs on the Internet. 
One of the first things that I do upon receiving a new Windows computer is immediately create a poweruser-style customized boot menu. Then every time I boot I can choose Safe Mode, Recovery Console, Debug, whatever I want! It’s quick and easy to set-up and everyone should have one, soo sweet!
