My ServicesMy Services

From branding, to ecommerce, to mobile. I've got you covered.

Website Design / Development

Whether it is a small business website or a disruptive startup, we provide custom web design and development solution using cutting edge technology tailoring your specific need.

Ecommerce

I can help you to create safe, secure and easy to use eCommerce systems that bring revenue with every click. An eCommerce website built on WooCommerce ,magento or shopify makes your life easier as an online seller.

WordPress Web Design

WordPress is awesome!It is the world’s most popular and lightweight CMS that powers more than 40% websites globally. I ♥ WordPress and if you want to be in control of your website then you will too. I build custom WordPress websites that are easy to manage.

Search Engine Optimization (SEO)

I offer comprehensive SEO campaigns to grow your organic traffic. Whether you have an existing site that needs a boost or have a completely new idea, I can optimize your site and build a strategy to expand your entire web presence.

Web Security

Ever wondered how to protect your business WordPress blog or website from the always increasing malicious hacker attacks and malware infections? Let me  take care of the security of your WordPress so you can focus on your business.

Website Speed Optimization

If your site is slow and sluggish , there is high chance that you will lose your visitors,sales and Search engine ranking.I’m dedicated to speed up your website or blog to achieve better user experience, engagement and faster load rate that will surely boost up your sales and traffic.

Why Me?Why Me?

Why you might like to think of me for your next web project

“You have to be sure that you are choosing the right web designer, as often the true value of your site will only be known after launch”

I'm more affordable
0

I don’t have huge overheards which means you get a similar service to the big guys at incredible freelancer prices.

Reliable
0

Having a web designer do what they say they will do and put in place what has been discussed in any consultations.

Communication
0

Being able to talk to someone regarding your website is crucial and I am always available, whether it be by email, phone or my contact form.

I'm insanely flexible
0

Being a freelancer allows me to work to my own schedule and that means a lot of time to fit you in whenever that may be.

Good listener
0

What does the client need? This is best found by our initial consultation and questionnaire, also linked to good communication.

Support
0

During the design, build and after completion phases of your website, it is vital that you receive the support you require.  

Got a project in mind

I have helped small, medium sized business and corporate with their online I would love to hear from you if you need any help regarding web design and development.

QUOTEQUOTE

Please take your time to provide some details. This will help me to come up with detailed queries regarding your project.

Planning

I will say that this is the most important stage of the entire process “Get it right in the early stages and it will be easier in the latter”.

  • Information gathering
  • Questions, questions and more questions
  • Meetings

Please refer to my questionnaire that I like my clients to complete – this will give me plenty of information on which to base the website on

Design

This is where the information gathered from stage 1 will be used to either put pen to paper or pixels to screen.  A visual representation will be exchanged between parties.  We continue to work with you to ensure that our proposal meets the requirements of your business.

  • A supply of a .jpg (or similar) file.
  • Design mockups
  • Sitemaps
  • Client side design

Development

The point at which the website is created.  All the parts of the design created in stage 2 will be put into use for a functioning site.  It is regularly tested in all browsers.

  • Client side programming
  • html/css/javascript/webplus
  • Quality assurance testing
  • Inserting client information ie content, photography etc

Launch

At this stage you will be 100% satisfied with the website.  Preparation for public viewing will commence.  Files will be uploaded to the chosen server.

  • Link testing
  • W3C validation
  • Cross-browser testing – IE, Firefox, Chrome, Safari, Opera, Iphone
  • FTP

Post Launch

The true value of the website will be known after launch.  This is when you find out how your website is received.  Also known as the maintenance period.  I work with the clients to update, maintain, support and even possibly build more pages if necessary.  We can closely monitor your website to ensure that you are happy with the final product, and we have met all goals.

  • Support and maintenance
  • SEO integration
  • Completion
  • Learn from experience

Contact MeContact Me

I would love to hear from you!

GET IN TOUCH

Get in touch, just say hello or request a web proposal. contact me via your preferred way, I answer every single inquiry.

Adress

Addis Ababa, ETHIOPIA

Phone

(+251) 911-78-67-39

Mail

[email protected]

CONTACT FORM

About MeAbout Me

I'm Freelance Web Developer / Designer

I am a web Developer / Designer designer focused on creating and growing your brand and business.

I build websites for all kinds of businesses and clients, small to medium sized.  All styles of websites can be catered for – stylish, dynamic, professional, clean, minimalist, retro etc.

Whether you’re a business wanting to expand online or revamp an existing site or even design a new logo etc, I can certainly help.

Success comes from giving 100% and a unique approach to customer service.

I have a wide variety of skills that I am able to provide my clients. And I am seeking opportunities to build websites from the ground up for you or your business. I provide quality and custom website designs with an emphasis on details that set your website out from the crowd. Let’s talk about marketing, landing pages and other design aspects that make your website work for you. Your job is not just a job, it is something you are paying hard earned money for, and you should get a quality service in return.

 

MY STORY

Astrael did it as promised. Although the challenge was much bigger then expected, not due to change of scope, but due to appearance of migration issues on multisite, Astrael did not rest until the job was done! Thank you Astrael

Rodrigo Bernardes
Rodrigo Bernardes
Java The Agency / Huanui Lda

Astrael did an outstanding job. He communicated clearly with me all the way along, engaged me in his progress and asked for regular feedback all through the project to ensure everything was delivered exactly as I required...It was and I am extremely happy. I will definitely use Astrael again for future projects.

John Doe
John Doe
Adrian , Trading System Life PTE LTD

Astrael is willing to go the extra mile if needed. Doesn't give up an difficulties and tries all ways to get the job done. Available 16 hours a day, he is a great guy to have on your team

Adrian
Adrian
Adrian x -TrainPals

Astrael Kokeb developed our site from scratch, with my design suggestions, and has continued to help us evolve the site further. For this round, as always, he's great to work with. He consistently takes creative initiatives, and creates solutions for my problems, requiring very little oversight.

JOHN DOBA
JOHN DOBA
Bammel TV Technology Services

<em class="o-break-word o-white-space-pre-line ng-binding ng-scope" data-ng-if="item.feedback.comment">Astrael is a wonderful worker! He takes the time to make sure that everything you ask for is done right. The website was finished in a timely manner, he took the time to make sure all the adjustments I wanted were done, and he was pleasant to work with. Will hire him again for future products.</em>

Young Shieh
Young Shieh
centralized services

Astrael has exceeded our expectations and handled the domain transfer + redirection + google search console very quickly and also conscientiously. Moreover his response time and quality was great, which makes the communication very pleasant. We like definitely to work on with him on future projects

Sebastian
Sebastian
L. Bo Apparel

REVIEWS

  • 0%
    CMS (WORDPRESS, MAGENTO, SHOPIFY& more)
  • 0%
    HTML / CSS / PHP
  • 0%
    SEO
  • 0%
    WEBSITE SECURITY
  • 0%
    WEBSITE SPEED OPTIMIZATION

MY SKILLS

Years of Experience
0
Projects completed
0
Happy Clients
0
working hours
0

Got a project in mind

I have helped small, medium sized business and corporate with their online I would love to hear from you if you need any help regarding web design and development.

my blogmy blog

keep up to date - With the latest web design, development & technology news
How to Restrict Content & Protect Pages with WordPress

WordPress’ built-in password protection is great for smaller sites. Simply set a password for any page or post and its content will be hidden on the front end, replaced with a single form field where users must enter the password to see the restricted content. But sometimes when you want to restrict content you need more granular control or, as in one client’s case recently, a security audit flags the simple-password-approach as being too simple.

Restrict Content with WordPress Plugins

Restricting content on a user/role basis can be complex and there are an overwhelming number of plugins to address the needs, with a bewildering variety of feature-sets and approaches.

I tried a terrible plugin and I tried an excellent plugin. Here’s what I found.

Simple Membership 3.3.7

On the back end, Simple Membership’s user table does not integrate well with the standard WordPress Users table. More crucially, the plugin did not send registration emails to new users or to the site administrator. I checked the plugin support page at wordpress.org and saw some of the bug reports from other users, and a few responses from the developer. I knew it was time to move on.

Ultimate Member 1.3.72

I should have installed this one first. Installation is a cinch. It integrates any existing users and provides an easy-to-use systems for both front end users who need to register or log on, and for back end site managers who need to approve new memberships. The automated emails are easy to edit and there are many options that can be set with simple toggle switches.

  • Front-end user registration
  • Front-end user login
  • Front-end user profiles
  • Custom form fields
  • Conditional logic for form fields
  • Drag and drop form builder
  • User account page
  • Custom user roles
  • Searchable member directories
  • Custom e-mail templates
  • Content restriction
  • Conditional menus
  • Show author posts & comments on user profiles
  • Mobile adaptive & responsive
  • SEO optimized
  • Developer friendly with dozens of actions and filters
  • Multi-site compatibility

Copy Protect Website Text & Images

One more layer of protection you can add to your site is to disable simple copy-and-paste functions on a visitor’s computer. This means they can’t easily copy your text or images. It’s not perfect but it prevents casual/lazy theft. The following plugin is popular with over 40,000 installs and is free.

WP Content Copy Protection & No Right Click 1.5.0.6

  • Protect your content from selection and copy.
  • No one can save images from your site.
  • No right click or context menu.
  • Show alert message, Image Ad or HTML Ad on save images or right click.
  • Disable the following keys CTRL+A, CTRL+C, CTRL+X,CTRL+S or CTRL+V.
How to Harden WordPress Security

A client recently sent me a panicked email: their WordPress website had been hacked and their home page was full of young, bare-chested men, each one linking to a porno site. Not a great start to the day.

Yes, Your Site is Vulnerable

Any site is vulnerable, no matter how obscure

This was a low-traffic site. I was surprised to see it hacked. But the truth is, these kinds of attacks aren’t made by humans directly. They’re automated, run by bots that scan websites and take advantage of known vulnerabilities—all while the actual human hackers sleep soundly. Yes, this can happen to you.

After a minute or two, I saw the site’s main <.htaccess> file had been compromised. It was full of commands to bypass WordPress altogether, overriding the site’s normal display and replace it with mano-a-mano love magic. So my first move was a quick fix. I replaced the contents of the compromised <.htaccess> file with the standard WordPress commands (see below). The client’s site came back up instantly.

WordPress Out of Date?

Older versions of WordPress have known weaknesses that hackers love to exploit. One of the easiest things you can do to keep your site secure is simply to make sure you’re always running the latest version of WordPress.

Unfortunately, my client’s WordPress install was several versions out of date; they hadn’t updated, or called me to update, the site. So that was an obvious and easy thing to fix, too.

Digging Deeper, Making WordPress Secure

But I knew I could probably do more, make the site really secure. I doubted my client’s server had been hacked directly via FTP (something an email exchange with the site’s host confirmed) so I figured it was an injection attack of some kind. I went Googling. Here’s what I learned…

What to do When Your WordPress Site is Hacked — But Preferably Before Your WordPress Site is Hacked

1) Quick WordPress Security Fixes

Fix <.htaccess>

First of all, if your <.htaccess> file is full of junk commands (and after making a back-up copy of the hacked file because you never know!) replace its contents with something like the following, the most common WordPress settings under Apache…

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

These commands vary slightly from site to site so, for quick client-specific reference, I keep a copy of each site’s htaccess commands in my local client folders, in plain <htaccess.txt> text files.

Next, while you’re messing with the <.htaccess> file, you can add a layer of protection to the all-important <wp-config.php> file. Add the following lines to <.htaccess>…

<files wp-config.php>
order allow,deny
deny from all
</files>

This prevents any access to the <wp-config.php> file from beyond the server. Awesomeness in the house.

Back Up Everything

I do two layers of back-up.

First, I go to WordPress › Tools › Export and choose to export All Content. This sends a text dump of all users, posts and pages (and sometimes other content) to my desktop which I can re-import later should things go badly.

Second, I log in to the site’s control panel and get access to phpMyAdmin. From here, I export a backup of the complete SQL database behind the website which can also be re-imported later. (You can’t have too many backups.) If you don’t have direct access to phpMyAdmin, talk to your site’s hosting company for pointers.

N.B. There are WordPress plugins which automate the process of regular back-ups but it’s helpful to know how to make these quick back-ups “by hand”.

Update WordPress

Next, update your WordPress install to the latest version. It’s just a matter of one or two clicks whenever you see that yellow “new version” note on your dashboard. After you’ve backed-up, though, riiiiight?

Change Passwords

Do this for all your users, in case somebody has used a really dumb password. WordPress will email each user their new log-in details.

If you’re feeling sufficiently paranoid, do the same for your FTP account.

Remove Unused Themes

It doesn’t make sense to have extra files hanging around, especially files that can interact directly with your database and server. Remove any unused themes from WordPress, either from WordPress › Appearance › Themes, or simply with your FTP client.

Remove Unused Plugins

The same goes for any unused plugins. If you leave them in place, hackers can guess their default paths and try to access your server. Delete via WordPress › Plugins › Installed Plugins or your FTP client.

2) Change the Obvious

You can (and should) do all of the following every time you install a new instance of WordPress. These best practices give you an added layer of security by changing some of WordPress’ default values. You’ll thank yourself later.

First, Never Use “admin”

When you’re setting up a brand new site, WordPress suggests the very first user be named “admin”. Change this every single time to something else, anything else!, because hackers know to start with “admin” as the default user.

If you’re currently using “admin” as your main administrator account, do these things for yourself right now: add a new user cunningly named anything but “admin”, then assign the role “Administrator”, log out, log back in as the new cunningly-named user, then simply delete the stupid “admin” user (switching all that user’s content to the new account). Done.

Second, Change the WordPress Table Prefix

During installation, the <wp-config.php> file suggests you use wp_ as the master table prefix, but this can be anything you like. You should change this every single time to something else, anything else!, because otherwise hackers know exactly what all your WordPress tables are called and they will attempt direct SQL injection attacks. Nasty like Rhianna on crack.

N.B. If your site is already up and running with the wp_ table prefix, it’s a little trickier to change, but you can do it: the WordPress security plugin mentioned just below comes with a tool to automate the process of switching your table prefixes to something non-obvious.

3) Install a Security Plug-In

There are several great plugins but I like WP Security Scan as a first line of defense. It’s free and relatively easy to set-up—if you’re comfortable working via FTP and have some basic Apache nerd skills.

WSD Security Plugin Settings

Once you install the plugin, you’ll see it listed at the bottom of the admin menu. The content area will show a list of helpful notes, green and red, corresponding to what’s good and bad about your current installation.

WSD Security Scan does several things to make your WordPress site invisible to common hacks…

  • It removes a line of code from your site’s HTML which broadcasts the version of WordPress you’re using (so hackers don’t know what they’re attacking and, in fact, you may not even pop up during their spidering process);
  • It turns off database error reporting so that hackers don’t have access to useful clues;
  • It lets you know if the security suggestions I’ve listed above have been implemented.

It also helps you do two other very useful things which, for non-nerds, are more complicated to pull off. These are explained below—like, right-now-below

4) Secure Your WordPress Directories with the Correct Permissions

If you visit the Scanner page of the WSD plugin, you’ll see a list of vulnerable files and directories. Items that have insecure permissions will be highlighted.

Use your FTP client to get info on each directory and file listed, then adjust the permissions until they match WSD’s suggestions.

N.B. One of these files is the <.htaccess> file and, once you tweak its permissions, WordPress will starting showing the error message “Please make sure your .htaccess file is writable”. Now, when setting up a WordPress site, having the <.htaccess> file writeable is a good thing. But once you’ve got the site settings worked out, it’s best to lock down <.htaccess> just as this plugin suggests; you can always loosen things up again later, on an as-needed basis.

5) Secure Your /wp-admin/ Directory

Getting this recommendation up-and-running is tricky but for business-critical, heavily-trafficked and e-commerce sites, it’s a powerful way to keep your WordPress site nice and secure.

Let’s apply a standard Apache/server-level lock to your /wp-admin/ directory. Anyone trying to access that directory will then have to enter a separate UserID and Password before they see a single WordPress screen. That is, your WordPress back-end will now have two layers of UserID/Password protection.

The gist of it is that you place two small files in your /wp-admin/ directory:

  • an <.htaccess> file which contains a set of commands to restrict access to specific users, and;
  • an <.htpasswd> file which contains the list of users and their encrypted passwords.

I’ve included the necessary files in the archive below, which contains everything you’ll need.

After you upload these files to your /wp-admin/ directory, you’ll need to adjust the first two filenames. Remove “.txt” from the end and add a “.” to the start, so you end up with…

/wp-admin/.htaccess
/wp-admin/.htpasswd
/wp-admin/WhatsMyRoot.php

If there are any similarly-named files already in your /wp-admin/ directory, before overwriting, make sure to copy them to your computer for safe keeping.

The tricky thing is finding your root URL to put in the first file. For that, use the <WhatsMyRoot.php> page. Place it anywhere on your server, then access it using your browser to find your site’s root URL. Simply copy and paste the URL into the <.htaccess> file where indicated.

Next, make sure to remove the <WhatsMyRoot.php> file as soon as you’re done. Leaving it in place is a security risk.

Now look through the two remaining files in a plain text editor and edit both so that all occurrences of “replace_with_correct_root_url”, “replace_with_user_name” and “replace_with_encrypted_password” contain the correct information.

Users names go to the left of the colon in the <.htpasswd> file. Encrypted passwords go to the right.

Here are links to several password generators in case one of them is down, as one was for me, right when you need it…

Now, when you visit your /wp-admin/ directory, the server will ask you to verify your identity before you can proceed to WordPress.

You don’t need to set up a separate UserID/Password for each user. To keep your maintenance simple, you can add a single user with a strong password, then share that user’s details with all your trusted site editors.

For mission-critical sites, however, you should supply a range of unique UserIDs and passwords, adding each one on a new line in the <.htpasswd> file. If you do this, you’ll need to tweak a single line in the <.htaccess> file. Change…

Require user replace_with_user_name

…to…

Require valid-user

…and now the server will grant access to any of the unique users listed in the <.htpasswd> file—so long, of course, as they have the right password.

6) Further Reading on WordPress Security: Go Deeper

If you’re feeling adventurous, there are more sophisticated things you can do. You can change the location of the /wp-admin/ directory. You can protect WordPress from malicious script injections. You can prevent hot-linking to the images on your site.

Read about these additional to-dos, and more, at the following pages…

How to: Backup Your Site

Note: this tutorial is assuming your entire site will be (if it has already, this will be of no help, except for future occurrences) hacked, crashed and wiped entirely. We’ll be walking through, first backing your site up and then restoring it from nothing.

I get this question all the time: how do I backup my site? Should I pay $15/mo to have my hosting company do it for me? What do I do with the files? How do I restore my site? Why would my site crash? And so on.

Rightfully so, I suppose. Before we begin, let me say this: I’ve never had someone who has actually had a site crash with all their data and had everything wiped to the point where they need a full restore. Better safe than sorry, I suppose. What should also be noted is that if you back up your site too often (ie daily or hourly) it can cause a massive burden on your server. To the point where your site is actually loading slower just because it’s constantly being backed up.

For most small businesses, backing your site up once a month should be sufficient. Hell, I back my site up once a year. That’s not to say the content on it is changing, it’s just to say that after the original content, it doesn’t change that often or substantially to require further backups. Additionally, should something go wrong it would take less than an hour or two to get the site back up and running to it’s current state. I feel this is true for most small businesses (especially those without blogs) and the additional space required on the server isn’t worth it.

The first thing we’ll have to do is download a plugin to backup both our database and our files. I’ll be working with a plugin called: BackUpWordPress. You can either download it via that link, or do a search under Plugins > Add New for “BackUpWordPress” and it’s the first option.

Once the plugin is installed you’ll find the options for backing up under Tools > Backup. You can see the size of your database and manage the options for how often everything is backed up. I just run the manual ones, however you may want to run monthly or even weekly backups. You can also set how many backups are stored. All of this can be changed by clicking settings, or “+ add schedule.”

The difference between the database and the files is quite simple: the database manages how your files are used. First, you need the files to have all the content and foundation. Once that is there, your database backup will allow those files to interact with each other and display the proper content.
Note: your posts and pages are actually entries in the database, NOT physical files. 

After you schedule your backup, or manually back everything up, you have to download a .zip file. You can see it can be quite large: it literally has the entire WordPress file system within it, as well as all your uploads, themes, etc. Lets take a look at restoring your site, should it completely crash.
Note: individual articles for each of these steps coming later. 

  1. Unzip the downloaded file.
  2. Upload your files to the root directory (folder).
  3. Add a database with the credentials in your wp-config.php file. If you can’t use those exact credentials, change the wp-config.php to match the database.
  4. Import the .sql file found in the unzipped folder

That’s a lot to handle to get everything back up and running. The thing to know, though, is that you can do it. Even if it takes a little bit of time, you have all the necessary pieces.

How To: Install WordPress

There are a million and one different scenarios and environments in which WordPress can be installed, but there are two main ones:

  1. The famous 5 minute install
  2. One click installers

Lets walk through each one. First, you’re going to need to make sure you have hosting setup. If you haven’t bought hosting, make sure you follow my hosting guide, so you can use a one click installer (this will make your life much easier). If you already have hosting, without a one click installer, we’ll have to install WordPress the old fashioned way.

Note: before proceeding with the steps below make sure you don’t have a one click installer (something like fantastico, or WordPress, or Simple Scripts).

  1. Download WordPress and unzip it.
  2. Login to your hosting account
  3. Create an FTP user and password. By default some hosts will create a new folder for you. Thus, if I make a user ‘kegan’ my FTP user will be put in a folder called ‘kegan’ thus creating something like keganquimby.com/kegan. That’s not what we want. Make sure you’re in public_html or the highest level possible.
  4. Create a database and a database user. Each host is entirely different with creating and editing databases and their users. Make sure you write down the database name, user, password, and host (for a lot of hosts it’s just ‘localhost’, but for GoDaddy, and some others, it can be different.)
  5. Download an FTP client. The easiest to work with is Filezilla, it’s totally free and pretty easy to use. Login with your FTP credentials from step 3. Sometimes the user needs an @domainname appended on the end of it. Thus, if my user was kegan, I may need to actually do [email protected]
  6. From where you downloaded WordPress, rename the wp-config-sample.php to wp-config.php and then open it with a text editor. Enter in all the database info from step 4 (make sure everything stays within single quotes).
  7. Get some salt for your database. Copy that and replace lines 45-52 in your wp-config.php file.
  8. On the right side are the files on your server, and on the left are the files on your computer. There should be nothing on the right side. Navigate to where you downloaded and unzipped WordPress and open the folder called ‘wordpress.’ We want the files inside the folder, not the actual folder itself. Select all the files and drag them over to the right hand side of FileZilla (effectively putting them on your server).
  9. Navigate to your site with /wp-admin on the end and finish the install!

Now for the one click installers!

  1. Login to your hosting account
  2. Find the applications that come installed with your hosting
  3. Look for the WordPress installer. Can also be called: Fantastico, Simple Scripts, or just WordPress. If you can’t find it, but have hosting from above make sure to look in the FAQ section for WordPress installers.
  4. Follow the guide from the installer.
  5. That’s it!

There are a ton of different combinations of hosting platforms, that all give you different access levels. If you don’t know what to look for check out my article on WordPress hosting. If you don’t have hosting make sure it comes with a one click installer for WordPress and costs about $5-$10 per month.