covid days : 04 April + secure DNS

updated: 25 April 2020

there’s no work today but i find myself online anyway. so phishing attacks are up exponentially since this covid-19 virus came out. my anti-malware for windows will expire in the next few months so i have to find (discounted) alternatives.

almost everyone is connected to the internet.

as added security i enabled secure dns in firefox, Ubuntu and Windows. it basically uses cloudflare’s dns server 1.1.1.1. to confirm google it. i rarely use chrome and there are extra steps but i think it’s worth the effort. here’s the cloudflare post on how to set it up in your browser. oh, and it’s suppose to make things faster also.

it’s half past noon and it’s 36 ℃ inside the house. ugh.

early evening and i’m not hungry. laundry for the week is done. and thoughts of not having work for me and most people come to mind. this is one of those “rainy days” when you have to dig deep and plan how long the money you saved up will last. panic came to but there is no time for that. just be conscious of your spending and make it stretch as far as you can.

ending today on a vid call to friends from the north and south, dubai, japan, and canada. good meet.

AIOWPS and the WordPress mobile app

I cannot login to my WordPress site using the Android mobile app. I have the All In One WordPress Security (AIOWPS) plugin installed and enabled the Completely Block Access to XMLRPC checkbox.

I have to note that when I blocked access to XMLRPC my failed logins went from more than 3,000 for one month to zero which means the login bots were trying to guess a username/password combination to gain access to the site.

I prefer to keep blocking XMLRPC access but I also want to use the mobile app.

I found two ways around this situation.

If I want to use the WordPress mobile app, I really have to uncheck the  Completely Block Access to XMLRPC checkbox keeping the Disable Pingback Functionality From XMLRPC checked.

If I want to keep my sense of security, I have to block access to XMLRPC and just use a browser instead of the WordPress app in my mobile thingy.

 

force https

Backup your .htaccess file.

In the .htaccess  file add this to the top:

# Always use https for secure connections
# Replace 'www.example.com' with your domain name
# (as it appears on your SSL certificate)
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.example.com/$1 [R=301,L]

Important! Replace www.example.com with your own domain name.

That  should do it (worked for me)