February 23, 2017

Web Design / Development


Please take your time to provide some details. This will help me to come up with detailed queries regarding your project.

Max File Size: 5MB · Allowed File Types: jpg,png

Form Submitted Successfully!

We will contact you as soon as possible.

Powered By


I will say that this is the most important stage of the entire process “Get it right in the early stages and it will be easier in the latter”.

  • Information gathering
  • Questions, questions and more questions
  • Meetings

Please refer to my questionnaire that I like my clients to complete – this will give me plenty of information on which to base the website on


This is where the information gathered from stage 1 will be used to either put pen to paper or pixels to screen.  A visual representation will be exchanged between parties.  We continue to work with you to ensure that our proposal meets the requirements of your business.

  • A supply of a .jpg (or similar) file.
  • Design mockups
  • Sitemaps
  • Client side design


The point at which the website is created.  All the parts of the design created in stage 2 will be put into use for a functioning site.  It is regularly tested in all browsers.

  • Client side programming
  • html/css/javascript/webplus
  • Quality assurance testing
  • Inserting client information ie content, photography etc


At this stage you will be 100% satisfied with the website.  Preparation for public viewing will commence.  Files will be uploaded to the chosen server.

  • Link testing
  • W3C validation
  • Cross-browser testing – IE, Firefox, Chrome, Safari, Opera, Iphone
  • FTP

Post Launch

The true value of the website will be known after launch.  This is when you find out how your website is received.  Also known as the maintenance period.  I work with the clients to update, maintain, support and even possibly build more pages if necessary.  We can closely monitor your website to ensure that you are happy with the final product, and we have met all goals.

  • Support and maintenance
  • SEO integration
  • Completion
  • Learn from experience

Get in TouchGet in Touch

I'm always happy to hear from you!

If you would like to contact me to discuss a project collaboration, or simply want to say hello, please feel free to do so through your preferred method of communication. Rest assured that I will respond to each and every inquiry.

Phone (Mob) / WhatsApp, Telegram

(+251) 911-78-67-39



Addis Ababa, ETHIOPIA

I am available for Freelance hire

Form Submitted Successfully!

We will contact you as soon as possible.

Powered By

My ServicesMy Services

Range Of Top Notch Services

Website Design / Development

As a web design and development expert, I can help you create a visually appealing and functional website that meets your specific needs and goals. From concept and design to development and deployment, I offer a comprehensive range of web design and development services. This includes custom website design, e-commerce development, content management systems, mobile app development, and website maintenance and support. With my help, you can ensure that your website is optimized for user experience, conversion, and search engine visibility, providing you with a competitive edge and helping you achieve your online objectives.


I specialize in developing eCommerce websites using popular platforms such as Shopify, WooCommerce, and Magento. By leveraging the power of these platforms, I can create online stores that are both visually appealing and functionally robust. Whether you’re just starting out or looking to upgrade your existing eCommerce website, I can help you create a website that meets your specific needs and drives business growth. From design and development to payment gateway integration and product management, I offer a comprehensive range of eCommerce services to ensure your online store is a success.

WordPress Web Design

WordPress is an amazing platform that is both lightweight and widely used, powering over 40% of websites worldwide. As a WordPress enthusiast, I understand the platform’s power and versatility, and I can help you harness its potential. By building custom WordPress websites that are both easy to manage and SEO-optimized, I empower my clients to take control of their online presence and drive their businesses forward.

Search Engine Optimization (SEO)

Search Engine Optimization (SEO) is crucial for improving your website’s visibility and driving organic traffic to your site. As an SEO expert, I can help you optimize your website to rank higher on search engine results pages (SERPs) and attract more visitors. This includes conducting keyword research, optimizing your website’s content and structure, building high-quality backlinks, and improving your website’s mobile-friendliness and page speed. I can also provide regular reporting and analysis to track your website’s performance and adjust your strategy accordingly. With my help, you can improve your website’s search engine ranking, drive more traffic, and grow your business online.

Web Security

Web security is essential to protect your website and its users from potential threats such as hackers, malware, and data breaches. As a web security expert, I can help you safeguard your website by implementing a range of security measures, including SSL certification, firewalls, anti-malware software, regular backups, and user authentication. I can also perform vulnerability assessments and penetration testing to identify potential security weaknesses and provide recommendations for improvement. With my help, you can ensure that your website and its users are protected from online threats, giving you peace of mind and protecting your online reputation.

Website Speed Optimization

Website speed optimization is crucial for providing an exceptional user experience and improving your search engine rankings. As an expert in website speed optimization, I can help you achieve lightning-fast load times, reduce bounce rates, and increase conversions. By analyzing your website’s performance metrics and identifying areas of improvement, I can implement a range of optimization techniques, including image compression, caching, minification, and code optimization. With my help, your website can load faster, rank higher, and provide a seamless user experience for your visitors.

Why Me?Why Me?

Why you might like to think of me for your next web project

“Selecting the appropriate web designer is crucial since the actual worth of your website may not become apparent until it is launched.”

I'm more affordable

My services are cost-effective. Since I don’t have significant overheads, you can expect a similar level of service to larger companies, but at an amazing freelancer rate.


Having a web designer do what they say they will do and put in place what has been discussed in any consultations.


It’s crucial to have someone to communicate with about your website, and I’m always reachable through email, phone, or my contact form.

I'm insanely flexible

Being a freelancer allows me to work to my own schedule and that means a lot of time to fit you in whenever that may be.

Good listener

Understanding the client’s needs is essential, and we can achieve this through an initial consultation and questionnaire, as well as maintaining good communication throughout the project.


During the design, build and after completion phases of your website, it is vital that you receive the support you require.  

Got a project in mind

I have helped small, medium sized business and corporate with their online presence. I would love to hear from you if you need any help regarding web design and development.

About MeAbout Me

I'm Freelance Web Developer / Designer

With over 10 years of experience, I am a highly skilled and creative web developer. My specialty lies in crafting responsive websites that cater to businesses of all sizes. I possess expertise in WordPress, Shopify, Wix, and various other platforms, allowing me to design visually stunning websites that are customized to your specific needs. My primary focus is on creating designs that are user-friendly and intuitive, while also emphasizing a positive user experience.

My comprehensive range of services covers all aspects of website design, including coding, optimization, and customization. I am adept at providing tailor-made features and functionalities to meet unique requirements, as well as integrating third-party tools such as analytics and email automation providers into your website. Regardless of the platform or domain you use, I am dedicated to bringing your vision to life.

My goal is to provide clients with the best solutions possible, regardless of their budget or timeline. Your satisfaction is my ultimate measure of success, and I strive to exceed expectations with every project. With my extensive industry experience and a commitment to staying current with industry advancements, I am ready to turn your website dream into a reality. Please do not hesitate to reach out to me for any inquiries on how my services can help fulfill all your technical needs.


Astrael did it as promised. Although the challenge was much bigger then expected, not due to change of scope, but due to appearance of migration issues on multisite, Astrael did not rest until the job was done! Thank you Astrael

Rodrigo Bernardes
Rodrigo Bernardes
Java The Agency / Huanui Lda

Astrael did an outstanding job. He communicated clearly with me all the way along, engaged me in his progress and asked for regular feedback all through the project to ensure everything was delivered exactly as I required...It was and I am extremely happy. I will definitely use Astrael again for future projects.

John Doe
John Doe
Adrian , Trading System Life PTE LTD

Astrael is willing to go the extra mile if needed. Doesn't give up an difficulties and tries all ways to get the job done. Available 16 hours a day, he is a great guy to have on your team

Adrian x -TrainPals

Astrael Kokeb developed our site from scratch, with my design suggestions, and has continued to help us evolve the site further. For this round, as always, he's great to work with. He consistently takes creative initiatives, and creates solutions for my problems, requiring very little oversight.

Bammel TV Technology Services

Astrael is a wonderful worker! He takes the time to make sure that everything you ask for is done right. The website was finished in a timely manner, he took the time to make sure all the adjustments I wanted were done, and he was pleasant to work with. Will hire him again for future products.

Young Shieh
Young Shieh
centralized services

Astrael has exceeded our expectations and handled the domain transfer + redirection + google search console very quickly and also conscientiously. Moreover his response time and quality was great, which makes the communication very pleasant. We like definitely to work on with him on future projects

L. Bo Apparel


  • 0%
  • 0%
    HTML / CSS / PHP
  • 0%
  • 0%
  • 0%


10 + Years of Experience
380 + Projects completed
350+ Happy Clients
5440 + working hours

If you have a project in mind,

I would be happy to assist you with web design and development. My experience includes working with small, medium-sized, and corporate businesses to improve their online presence. Don’t hesitate to reach out if you need any help in this area.

my blogmy blog

How to Restrict Content & Protect Pages with WordPress

WordPress’ built-in password protection is great for smaller sites. Simply set a password for any page or post and its content will be hidden on the front end, replaced with a single form field where users must enter the password to see the restricted content. But sometimes when you want to restrict content you need more granular control or, as in one client’s case recently, a security audit flags the simple-password-approach as being too simple.

Restrict Content with WordPress Plugins

Restricting content on a user/role basis can be complex and there are an overwhelming number of plugins to address the needs, with a bewildering variety of feature-sets and approaches.

I tried a terrible plugin and I tried an excellent plugin. Here’s what I found.

Simple Membership 3.3.7

On the back end, Simple Membership’s user table does not integrate well with the standard WordPress Users table. More crucially, the plugin did not send registration emails to new users or to the site administrator. I checked the plugin support page at and saw some of the bug reports from other users, and a few responses from the developer. I knew it was time to move on.

Ultimate Member 1.3.72

I should have installed this one first. Installation is a cinch. It integrates any existing users and provides an easy-to-use systems for both front end users who need to register or log on, and for back end site managers who need to approve new memberships. The automated emails are easy to edit and there are many options that can be set with simple toggle switches.

  • Front-end user registration
  • Front-end user login
  • Front-end user profiles
  • Custom form fields
  • Conditional logic for form fields
  • Drag and drop form builder
  • User account page
  • Custom user roles
  • Searchable member directories
  • Custom e-mail templates
  • Content restriction
  • Conditional menus
  • Show author posts & comments on user profiles
  • Mobile adaptive & responsive
  • SEO optimized
  • Developer friendly with dozens of actions and filters
  • Multi-site compatibility

Copy Protect Website Text & Images

One more layer of protection you can add to your site is to disable simple copy-and-paste functions on a visitor’s computer. This means they can’t easily copy your text or images. It’s not perfect but it prevents casual/lazy theft. The following plugin is popular with over 40,000 installs and is free.

WP Content Copy Protection & No Right Click

  • Protect your content from selection and copy.
  • No one can save images from your site.
  • No right click or context menu.
  • Show alert message, Image Ad or HTML Ad on save images or right click.
  • Disable the following keys CTRL+A, CTRL+C, CTRL+X,CTRL+S or CTRL+V.
How to Harden WordPress Security

A client recently sent me a panicked email: their WordPress website had been hacked and their home page was full of young, bare-chested men, each one linking to a porno site. Not a great start to the day.

Yes, Your Site is Vulnerable

Any site is vulnerable, no matter how obscure

This was a low-traffic site. I was surprised to see it hacked. But the truth is, these kinds of attacks aren’t made by humans directly. They’re automated, run by bots that scan websites and take advantage of known vulnerabilities—all while the actual human hackers sleep soundly. Yes, this can happen to you.

After a minute or two, I saw the site’s main <.htaccess> file had been compromised. It was full of commands to bypass WordPress altogether, overriding the site’s normal display and replace it with mano-a-mano love magic. So my first move was a quick fix. I replaced the contents of the compromised <.htaccess> file with the standard WordPress commands (see below). The client’s site came back up instantly.

WordPress Out of Date?

Older versions of WordPress have known weaknesses that hackers love to exploit. One of the easiest things you can do to keep your site secure is simply to make sure you’re always running the latest version of WordPress.

Unfortunately, my client’s WordPress install was several versions out of date; they hadn’t updated, or called me to update, the site. So that was an obvious and easy thing to fix, too.

Digging Deeper, Making WordPress Secure

But I knew I could probably do more, make the site really secure. I doubted my client’s server had been hacked directly via FTP (something an email exchange with the site’s host confirmed) so I figured it was an injection attack of some kind. I went Googling. Here’s what I learned…

What to do When Your WordPress Site is Hacked — But Preferably Before Your WordPress Site is Hacked

1) Quick WordPress Security Fixes

Fix <.htaccess>

First of all, if your <.htaccess> file is full of junk commands (and after making a back-up copy of the hacked file because you never know!) replace its contents with something like the following, the most common WordPress settings under Apache…

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

These commands vary slightly from site to site so, for quick client-specific reference, I keep a copy of each site’s htaccess commands in my local client folders, in plain <htaccess.txt> text files.

Next, while you’re messing with the <.htaccess> file, you can add a layer of protection to the all-important <wp-config.php> file. Add the following lines to <.htaccess>…

<files wp-config.php>
order allow,deny
deny from all

This prevents any access to the <wp-config.php> file from beyond the server. Awesomeness in the house.

Back Up Everything

I do two layers of back-up.

First, I go to WordPress › Tools › Export and choose to export All Content. This sends a text dump of all users, posts and pages (and sometimes other content) to my desktop which I can re-import later should things go badly.

Second, I log in to the site’s control panel and get access to phpMyAdmin. From here, I export a backup of the complete SQL database behind the website which can also be re-imported later. (You can’t have too many backups.) If you don’t have direct access to phpMyAdmin, talk to your site’s hosting company for pointers.

N.B. There are WordPress plugins which automate the process of regular back-ups but it’s helpful to know how to make these quick back-ups “by hand”.

Update WordPress

Next, update your WordPress install to the latest version. It’s just a matter of one or two clicks whenever you see that yellow “new version” note on your dashboard. After you’ve backed-up, though, riiiiight?

Change Passwords

Do this for all your users, in case somebody has used a really dumb password. WordPress will email each user their new log-in details.

If you’re feeling sufficiently paranoid, do the same for your FTP account.

Remove Unused Themes

It doesn’t make sense to have extra files hanging around, especially files that can interact directly with your database and server. Remove any unused themes from WordPress, either from WordPress › Appearance › Themes, or simply with your FTP client.

Remove Unused Plugins

The same goes for any unused plugins. If you leave them in place, hackers can guess their default paths and try to access your server. Delete via WordPress › Plugins › Installed Plugins or your FTP client.

2) Change the Obvious

You can (and should) do all of the following every time you install a new instance of WordPress. These best practices give you an added layer of security by changing some of WordPress’ default values. You’ll thank yourself later.

First, Never Use “admin”

When you’re setting up a brand new site, WordPress suggests the very first user be named “admin”. Change this every single time to something else, anything else!, because hackers know to start with “admin” as the default user.

If you’re currently using “admin” as your main administrator account, do these things for yourself right now: add a new user cunningly named anything but “admin”, then assign the role “Administrator”, log out, log back in as the new cunningly-named user, then simply delete the stupid “admin” user (switching all that user’s content to the new account). Done.

Second, Change the WordPress Table Prefix

During installation, the <wp-config.php> file suggests you use wp_ as the master table prefix, but this can be anything you like. You should change this every single time to something else, anything else!, because otherwise hackers know exactly what all your WordPress tables are called and they will attempt direct SQL injection attacks. Nasty like Rhianna on crack.

N.B. If your site is already up and running with the wp_ table prefix, it’s a little trickier to change, but you can do it: the WordPress security plugin mentioned just below comes with a tool to automate the process of switching your table prefixes to something non-obvious.

3) Install a Security Plug-In

There are several great plugins but I like WP Security Scan as a first line of defense. It’s free and relatively easy to set-up—if you’re comfortable working via FTP and have some basic Apache nerd skills.

WSD Security Plugin Settings

Once you install the plugin, you’ll see it listed at the bottom of the admin menu. The content area will show a list of helpful notes, green and red, corresponding to what’s good and bad about your current installation.

WSD Security Scan does several things to make your WordPress site invisible to common hacks…

  • It removes a line of code from your site’s HTML which broadcasts the version of WordPress you’re using (so hackers don’t know what they’re attacking and, in fact, you may not even pop up during their spidering process);
  • It turns off database error reporting so that hackers don’t have access to useful clues;
  • It lets you know if the security suggestions I’ve listed above have been implemented.

It also helps you do two other very useful things which, for non-nerds, are more complicated to pull off. These are explained below—like, right-now-below

4) Secure Your WordPress Directories with the Correct Permissions

If you visit the Scanner page of the WSD plugin, you’ll see a list of vulnerable files and directories. Items that have insecure permissions will be highlighted.

Use your FTP client to get info on each directory and file listed, then adjust the permissions until they match WSD’s suggestions.

N.B. One of these files is the <.htaccess> file and, once you tweak its permissions, WordPress will starting showing the error message “Please make sure your .htaccess file is writable”. Now, when setting up a WordPress site, having the <.htaccess> file writeable is a good thing. But once you’ve got the site settings worked out, it’s best to lock down <.htaccess> just as this plugin suggests; you can always loosen things up again later, on an as-needed basis.

5) Secure Your /wp-admin/ Directory

Getting this recommendation up-and-running is tricky but for business-critical, heavily-trafficked and e-commerce sites, it’s a powerful way to keep your WordPress site nice and secure.

Let’s apply a standard Apache/server-level lock to your /wp-admin/ directory. Anyone trying to access that directory will then have to enter a separate UserID and Password before they see a single WordPress screen. That is, your WordPress back-end will now have two layers of UserID/Password protection.

The gist of it is that you place two small files in your /wp-admin/ directory:

  • an <.htaccess> file which contains a set of commands to restrict access to specific users, and;
  • an <.htpasswd> file which contains the list of users and their encrypted passwords.

I’ve included the necessary files in the archive below, which contains everything you’ll need.

After you upload these files to your /wp-admin/ directory, you’ll need to adjust the first two filenames. Remove “.txt” from the end and add a “.” to the start, so you end up with…


If there are any similarly-named files already in your /wp-admin/ directory, before overwriting, make sure to copy them to your computer for safe keeping.

The tricky thing is finding your root URL to put in the first file. For that, use the <WhatsMyRoot.php> page. Place it anywhere on your server, then access it using your browser to find your site’s root URL. Simply copy and paste the URL into the <.htaccess> file where indicated.

Next, make sure to remove the <WhatsMyRoot.php> file as soon as you’re done. Leaving it in place is a security risk.

Now look through the two remaining files in a plain text editor and edit both so that all occurrences of “replace_with_correct_root_url”, “replace_with_user_name” and “replace_with_encrypted_password” contain the correct information.

Users names go to the left of the colon in the <.htpasswd> file. Encrypted passwords go to the right.

Here are links to several password generators in case one of them is down, as one was for me, right when you need it…

Now, when you visit your /wp-admin/ directory, the server will ask you to verify your identity before you can proceed to WordPress.

You don’t need to set up a separate UserID/Password for each user. To keep your maintenance simple, you can add a single user with a strong password, then share that user’s details with all your trusted site editors.

For mission-critical sites, however, you should supply a range of unique UserIDs and passwords, adding each one on a new line in the <.htpasswd> file. If you do this, you’ll need to tweak a single line in the <.htaccess> file. Change…

Require user replace_with_user_name


Require valid-user

…and now the server will grant access to any of the unique users listed in the <.htpasswd> file—so long, of course, as they have the right password.

6) Further Reading on WordPress Security: Go Deeper

If you’re feeling adventurous, there are more sophisticated things you can do. You can change the location of the /wp-admin/ directory. You can protect WordPress from malicious script injections. You can prevent hot-linking to the images on your site.

Read about these additional to-dos, and more, at the following pages…

How to: Backup Your Site

Note: this tutorial is assuming your entire site will be (if it has already, this will be of no help, except for future occurrences) hacked, crashed and wiped entirely. We’ll be walking through, first backing your site up and then restoring it from nothing.

I get this question all the time: how do I backup my site? Should I pay $15/mo to have my hosting company do it for me? What do I do with the files? How do I restore my site? Why would my site crash? And so on.

Rightfully so, I suppose. Before we begin, let me say this: I’ve never had someone who has actually had a site crash with all their data and had everything wiped to the point where they need a full restore. Better safe than sorry, I suppose. What should also be noted is that if you back up your site too often (ie daily or hourly) it can cause a massive burden on your server. To the point where your site is actually loading slower just because it’s constantly being backed up.

For most small businesses, backing your site up once a month should be sufficient. Hell, I back my site up once a year. That’s not to say the content on it is changing, it’s just to say that after the original content, it doesn’t change that often or substantially to require further backups. Additionally, should something go wrong it would take less than an hour or two to get the site back up and running to it’s current state. I feel this is true for most small businesses (especially those without blogs) and the additional space required on the server isn’t worth it.

The first thing we’ll have to do is download a plugin to backup both our database and our files. I’ll be working with a plugin called: BackUpWordPress. You can either download it via that link, or do a search under Plugins > Add New for “BackUpWordPress” and it’s the first option.

Once the plugin is installed you’ll find the options for backing up under Tools > Backup. You can see the size of your database and manage the options for how often everything is backed up. I just run the manual ones, however you may want to run monthly or even weekly backups. You can also set how many backups are stored. All of this can be changed by clicking settings, or “+ add schedule.”

The difference between the database and the files is quite simple: the database manages how your files are used. First, you need the files to have all the content and foundation. Once that is there, your database backup will allow those files to interact with each other and display the proper content.
Note: your posts and pages are actually entries in the database, NOT physical files. 

After you schedule your backup, or manually back everything up, you have to download a .zip file. You can see it can be quite large: it literally has the entire WordPress file system within it, as well as all your uploads, themes, etc. Lets take a look at restoring your site, should it completely crash.
Note: individual articles for each of these steps coming later. 

  1. Unzip the downloaded file.
  2. Upload your files to the root directory (folder).
  3. Add a database with the credentials in your wp-config.php file. If you can’t use those exact credentials, change the wp-config.php to match the database.
  4. Import the .sql file found in the unzipped folder

That’s a lot to handle to get everything back up and running. The thing to know, though, is that you can do it. Even if it takes a little bit of time, you have all the necessary pieces.

How To: Install WordPress

There are a million and one different scenarios and environments in which WordPress can be installed, but there are two main ones:

  1. The famous 5 minute install
  2. One click installers

Lets walk through each one. First, you’re going to need to make sure you have hosting setup. If you haven’t bought hosting, make sure you follow my hosting guide, so you can use a one click installer (this will make your life much easier). If you already have hosting, without a one click installer, we’ll have to install WordPress the old fashioned way.

Note: before proceeding with the steps below make sure you don’t have a one click installer (something like fantastico, or WordPress, or Simple Scripts).

  1. Download WordPress and unzip it.
  2. Login to your hosting account
  3. Create an FTP user and password. By default some hosts will create a new folder for you. Thus, if I make a user ‘kegan’ my FTP user will be put in a folder called ‘kegan’ thus creating something like That’s not what we want. Make sure you’re in public_html or the highest level possible.
  4. Create a database and a database user. Each host is entirely different with creating and editing databases and their users. Make sure you write down the database name, user, password, and host (for a lot of hosts it’s just ‘localhost’, but for GoDaddy, and some others, it can be different.)
  5. Download an FTP client. The easiest to work with is Filezilla, it’s totally free and pretty easy to use. Login with your FTP credentials from step 3. Sometimes the user needs an @domainname appended on the end of it. Thus, if my user was kegan, I may need to actually do
  6. From where you downloaded WordPress, rename the wp-config-sample.php to wp-config.php and then open it with a text editor. Enter in all the database info from step 4 (make sure everything stays within single quotes).
  7. Get some salt for your database. Copy that and replace lines 45-52 in your wp-config.php file.
  8. On the right side are the files on your server, and on the left are the files on your computer. There should be nothing on the right side. Navigate to where you downloaded and unzipped WordPress and open the folder called ‘wordpress.’ We want the files inside the folder, not the actual folder itself. Select all the files and drag them over to the right hand side of FileZilla (effectively putting them on your server).
  9. Navigate to your site with /wp-admin on the end and finish the install!

Now for the one click installers!

  1. Login to your hosting account
  2. Find the applications that come installed with your hosting
  3. Look for the WordPress installer. Can also be called: Fantastico, Simple Scripts, or just WordPress. If you can’t find it, but have hosting from above make sure to look in the FAQ section for WordPress installers.
  4. Follow the guide from the installer.
  5. That’s it!

There are a ton of different combinations of hosting platforms, that all give you different access levels. If you don’t know what to look for check out my article on WordPress hosting. If you don’t have hosting make sure it comes with a one click installer for WordPress and costs about $5-$10 per month.