Limiting Access to Admin folder via .htaccess

Some CMS have admin folder. It’s an important folder because it has all the files that deal with administration. If the security of the files in it is compromised, bad things can happen.

One effective option to reducing the risk of a security breach on the Admin folder is by limiting the IP addresses that can access it via an htaccess file. This is for Apache Web Servers.

Creat a new blank documentin your favorite text our source code editor. Save that file with the name : .htaccess

1. Find your IP address via this site, What is My IP Address

2. Place the following directives in .htaccess file


AuthUserFile /dev/null
AuthGroupFile /dev/null
AuthName "Admin Access Control"
AuthTypeBasic
<LIMIT GET>
order deny, allow
deny from all
#white list IP
allow from xxx.xxx.xxx.xxx
</LIMIT>

3. Upload .htaccess file to Admin folder. Do not upload it to root folder

This option is nice and tightens the security, but its’ inconvenient if you work from multiple locations with different IP addresses or non-static IP environment

How to find Access Token for your Twitter app?

It looked like a silly thing when I had tried to make one of my plugin worked with Twitter.
It started from Twitter settings page.

Twitter settings page has a tab called Connections. It shows applications that allowed to get access to your Twitter account.
If you are Developers, you can have your own settings for your Twitter app. There is a link on the right sidebar says:
“Developers – Developers can edit the registration settings for their applications here.”.

When we click here in that sentence, it will open Applications page.
If you don’t have it yet, you can click the “Register a new application” link to register your Twitter app.

You will get two keys, Consumer Key and Consumer Secret after registered your new app. Where are Access Token and Access Token Secret for oAuth Authentication?

I found Access Token and Access Token Secret in Twitter Developers site

Go to Twitter Developer site and click Your apps.
Click Edit Details below your Twitter app. Click Applications Detail on the right sidebar.
You will see a lot of information about your app. Look at the right sidebar, there.. My Access Token.
Click it, you’ll see Access Token and Access Token Secret