Securing Website through .htaccess behind CloudFlare or CDN

access-denied

By default, when you want to block or allow some IP(s) from your website, you may simply do it as the following rules from .htaccess,

order deny,allow
deny from all
allow from 1.1.1.1
allow from 2.2.2.2

However, if you are using service like CloudFlare or other CDN service, you can not do like this as Apache do not understand your visitor IP.

To do that, you need to do like rules below,

SetEnvIf X-FORWARDED-FOR 1.1.1.1 allow
SetEnvIf X-FORWARDED-FOR 2.2.2.2 allow
order deny,allow
deny from all
allow from env=allow

If you need it for IP ranges or network block such as 1.1.1.0/24, you may do it like,

SetEnvIf X-FORWARDED-FOR "^1\.1\.1\.*" allow
order deny,allow
deny from all
allow from env=allow

Wipe DNSChanger before Internet Doomsday

Recently, FBI found out that there are still 300,000 PC still infected with DNSChanger. If you are one of the victims, you might not able to access to the Internet or getting the similar site that you want to browse but with malware injected to the page that you visit.

To understand what is DNSChanger, please read the article from FBI at here.

To find if your PC is infected by DNSChanger, you might want to look at the instruction from the following URL,
http://www.dcwg.org/detect/

With Malaysian user, you may used the following URL which operated by CyberSecurity Malaysia and MyCERT.
http://dnschanger.detect.my/

Sharing: What WordPress Theme Is That

Do you ever wonder what is the WordPress theme used by your friend blog, or any site from the Internet?

With What WordPress Theme Is That site, you may easily track the WordPress theme used by a site.

1. Open your Internet Browser.
2. Navigate to http://whatwpthemeisthat.com/.
3. Enter the website you want to track and press “Check Site” button.

Howto: Block Facebook Video from your network

As a business owner or system administrator, you might want to safe the bandwidth usage from your office network. If you found out Facebook Video is the root cause as your staff might waste the bandwidth to stream the Facebook Video, you may block these URL from the LAN Network.

1. video.ak.fbcdn.net
2. video.l3.fbcdn.net

You need to update the URL as Facebook might add more domain.

How to submit phishing site?

APWG (The Anti-Phishing Working Group) is a non-profit global pan-industrial and law enforcement association focused on eliminating the fraud, crime and identity theft that result from phishing,pharming, malware and email spoofing of all types.

APWG used by many known corporate such as Google Inc, AT&T, Yahoo, Microsoft, etc.

To report a phishing site found from the Internet, you may submit them through APWG Report Phishing.

 

Should I change my password?

Did your email password being released to public? You may check ShouldIChangeMyPassword.com which will help you to check from the database if your password is being compromised.

To done it, browse to the site of ShouldIChangeMyPassword.com and simply enter your email address. Then click on Check it! button.

*Note: Use this site for your own risk as this is not designed by any party of mickgenie.com.

HELP! Keep Me Out of these websites!

Social Networking such Facebook can be addicting. With the the Facebook comparison with the fridge, “When you’re bored, you keep opening and closing it every couple of minutes, to see if there’s anything good in!”

This is much affecting the work performance which bosses are not so pleased about and the late of submitting assignments at school. With the keepmeout.com, it helps to reduce the time your spend on the websites.  Just follow a few simple steps,

  1. Enter the website that you are addicted to and set the setting for the warning if you are accessing the website more than once in 30mins or more (depending on your configuration)
  2. Click Submit and bookmark it at your browser.

By using the bookmark, it will prevent your from visiting the website so often.

The disadvantages of the website is you will need to use the bookmarked to access to the website in order to use the keepmeout! function. It will not work if you are using the direct link.

BrowseHappy

Browse Happy is a site used to keep track the latest version of Internet Browser.

As BrowseHappy site explanation,

Using an outdated browser makes your computer unsafe. Browse Happy is a
way for you to find out what are the latest versions of the major browsers
around. You can also learn about alternative browsers that may fit you even
better than the one you are currently using.

Now, understand the latest Internet Browser by browse to Browse Happy.

URLVoid, check Website for Viruses, malware and Phishing

For many reason, you might want to check a site reputation if they have been infected by the viruses, malware or phishing scam previously.

Now, you can easily scan the bad reputation site with just enter your domain name from URLVoid website. Simply access to the URL of www.urlvoid.com and you may now check the website reputation.

As the attached image above, you may see that mickgenie.com is clean from the status.