Archive by Author

Exercising

Just started to get back into exercising… thank god for sites like this, free exercise tips! Pay attention to these as you will get some value from them for sure.

Getting Things Done

Bought this book today as I’ve heard good things about it.
Might actually make me dust out the OmniFocus application and use it for what it’s designed to do.

50 pages in and so far so good

Smart wp-admin protection, protecting your blog with a cookie key

A simple way to protect your wp-admin folder, without giving away the fact that you run WordPress and have a wp-admin folder, is to use a door-knock login sequence.

I did this by creating a file called open_sesame.php

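<?php
// Set the door-knock cookie for the whole site, valid for 7 days.
setcookie("OpenSesame", "1", time()+(3600*24*7), '/');
// Send the browser on to the admin area.
header("Location: /wp-admin");
?>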

This simply sets a cookie called OpenSesame that expires in 7 days.

Now you need to modify your .htaccess or Apache config with a simple RewriteRule:


RewriteEngine on
RewriteCond %{HTTP_COOKIE} !OpenSesame
RewriteRule wp-admin /404.php

This tells Apache to look for the cookie OpenSesame; if it exists, wp-admin can be accessed. If it does not exist, requests for wp-admin are rewritten to a 404 page.

This prevents people from finding out whether your blog has a wp-admin directory, and most script kiddies will probably not push much further on your site.

Additionally, you could lock it down further by restricting IP addresses, but that's sort of painful if you travel around.

Once this is set up, all you need to do is access open_sesame.php and you'll be able to log in OK!
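
A tightened variant of the door-knock above, as an added example rather than the post's own code. The RewriteCond in the post matches the string OpenSesame anywhere in the Cookie header and the cookie value is the constant "1", so this version issues a secret value and requires the exact name=value pair. Assumptions: the site is served over HTTPS, PHP is 7.3 or newer, REPLACE_WITH_64_HEX_CHARS is a placeholder for a value you generate yourself, and covering wp-login.php (which sits in the WordPress root, outside wp-admin) goes beyond what the post does.

```php
<?php
/*
 * Added example: hardened open_sesame.php.
 *
 * Matching .htaccess rules (same placeholder value as below):
 *
 *   RewriteEngine on
 *   RewriteCond %{HTTP_COOKIE} !(^|;\s*)OpenSesame=REPLACE_WITH_64_HEX_CHARS(;|$)
 *   RewriteRule ^/?(wp-admin|wp-login\.php) /404.php [L]
 *
 * The anchored pattern only accepts a cookie literally named OpenSesame
 * carrying the secret value, instead of any header containing "OpenSesame".
 */

// Cookie name from the original post.
const KNOCK_COOKIE_NAME = 'OpenSesame';

// Placeholder (assumption): generate once, for example with
//   php -r 'echo bin2hex(random_bytes(32)), PHP_EOL;'
// and paste the same value into the RewriteCond above.
const KNOCK_COOKIE_VALUE = 'REPLACE_WITH_64_HEX_CHARS';

// Refuse to hand out the cookie over plain HTTP, where it could be observed.
if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === 'off') {
    http_response_code(404);
    exit;
}

setcookie(KNOCK_COOKIE_NAME, KNOCK_COOKIE_VALUE, [
    'expires'  => time() + 3600 * 24 * 7, // same 7-day lifetime as the post
    'path'     => '/',
    'secure'   => true,   // only sent over HTTPS
    'httponly' => true,   // not readable from JavaScript
    'samesite' => 'Lax',  // still sent when you follow a link to wp-admin
]);

// Send the browser on to the admin area, as in the original script.
header('Location: /wp-admin/');
exit;
```

The cookie only hides the admin area from casual probing; the WordPress login behind it remains the actual authentication.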