|
Highlights of last month - Enjoyed my time in NYC catching up with many people - Released some new features for Postcard - Got a new photo 🤔 Things worth sharing - Reading How to make great coffee ...
|
|
How to protect your website from attacks using Cloudflare WAF and Rate Limiting
-
akashrajpurohit.com
-
3 years ago
-
eng
In this article, I will explain how I was able to protect my website from attackers and how you can too using Cloudflare WAF and rate limiting.
|
|
How to protect your website from attacks using Cloudflare WAF and Rate Limiting
-
akashrajpurohit.com
-
3 years ago
-
eng
In this article, I will explain how I was able to protect my website from attackers and how you can too using Cloudflare WAF and rate limiting.
|
|
Learn how to easily create a software bill of materials (SBOM) for your Java applications in Maven and Gradle.
|
|
Mounting Secrets and ConfigMaps in a preexistent folder without deleting the folder's contents
-
www.patrickdap.com
-
3 years ago
-
spa
I bet you've been there: you mounted a ConfigMap and nuked the entire preexistent directory! We've all been there: we're working on our next super-hyper-duper Kubernetes operator, we're about to deploy it but we're doing some local testing, so we create a ConfigMap or a Secret, we mount it to the Pod, launch our app and we see the entire directory is now gone, replaced with our ConfigMap or Secret's contents. This post will show you how t..
|
|
Here are the top five AWS misconfigurations you should be aware of to prevent potential security gaps in your infrastructure.
|
|
Earlier this month, Google re-branded its WebP2 repository to clarify that WebP 2 will not be released as an image format. . This week, Google deprecated Chromium’s off-by-default JPEG-XL support , citing a lack of interest and improvement over existing formats. Most commits to libjxl , the reference JPEG-XL implementation, are from “google.com” email addresses; I imagine that this decision could impact libjxl development. I doubt we’l..
|
|
Quick tip: Use first image of Woocommerce product gallery as post thumbnail
-
jaimemartinez.nl
-
3 years ago
-
eng
So I have a client who wanted to reuse Woocommerce Product gallery functionality somewhere else on the page, but didn’t needed to set a Featured Image for each individual product. The culprit Because the Woocommerce code checks if your product has a post thumbnail set, it won’t display the gallery if that’s empty. https://github.com/woocommerce/woocommerce/blob/trunk/plugins/woocommerce/templates/single-product/product-thumbnails.php#L29 Th..
|
|
Learn about the top five Docker vulnerabilities or CVEs development teams should watch out for, and how to remediate them.
|
|
I was recently stuck in traffic (which is a rare occurrence given I work remotely) so I took the opportunity to observe my surroundings. The…
|
|
九邊Pro 歷史,金融,軟件編碼,產品經理沈思錄 這段時間總有小夥伴跟我抱怨,大學畢業不好找工作,不如去送外賣得了。 恰好我懂一點送外賣,對於他們這類牢騷,只能跟他們說,送外賣這事,既是體力又是腦力勞動,盡管誰都可以去,但是跟土木和機械比起來,只能是更「卷」,想幹出點名堂,真不是一般的難。 去年在微博上突然收到一個消息,有個哥們上來就問我,說是馬上畢業了(沒說是啥畢業),工作不好找,請問該去跑網約車還是送外賣?很喜歡我的文章,希望我能解答下他的人生疑惑。 我覺得應該是惡作劇,沒理他。 不過對於網約車,我確實了解一些,因為我一個遠房親戚專科畢業後,好逸惡勞,不想進廠打螺絲,家裏人給他買了輛車跑出租,此外我也有以前的同事在網約車平臺做到了高管,考慮到「碼農的終點是網約車」,我經常跟他們聊網約車算法的事: 第一是和平臺鬥智鬥勇,平臺不是人,而是運行著一套非常非常復雜的算法的系統。大家需要知道的一點是,相比於文藝青年創業三件寶,花店、咖啡、奶茶店,....
|
|
I like photographing birds. I take our dog for a walk, drink a coffee, then I often go to the yard to capture those feathered creatures. It’s a ritual to collect my thoughts and prepare for the day. There might be a few lessons there which are applicable for another parts of life (and work).
|
|
An upcoming release of OpenSSL, scheduled for November 1, 2022, addresses a critical security vulnerability. This post explains how to detect the vulnerability in your code and describes mitigation steps.
|
The remake of the 1987 Hellraiser movie came out in 2022. This time I recap all Hellraiser films from 1987 to now.
|
|
Rest Assured - Journey to the end to end API automation
-
engineering.wingify.com
-
3 years ago
-
eng
REST Assured is a Java-based library, one of the most popular libraries to test RESTful Web Services, and is used to perform testing and…
|
|
Pocketbase is an open-source application and alternative to Google Firebase. This is offering realtime database, authentication(including social), and file storage for your next web and mobile application. This article is about how to host the Pocketbase application server which usually runs at 8090 port with your existing application server. If you are using Linux and Apache based server, the following steps will help you to virtual host d..
|
|
We spent a few days in the High Sierra, off the grid, hiking the Big Pine Lakes trails. Highly recommended. I uploaded a gallery of some photography from that trip, including a few taken as we passed through Yosemite. The gallery can be found here . Lake 1: Big Pine Lakes Trail, High Sierra, CA.
|
|
We spent a few days in the High Sierra, off the grid, hiking the Big Pine Lakes trails. Highly recommended. I uploaded a gallery of some photography from that trip, including a few taken as we passed through Yosemite. The gallery can be found here . Lake 1: Big Pine Lakes Trail, High Sierra, CA.
|
|
Despite BoringSSL’s “not intended for general use” warning, it’s used by many projects: The “ring” rust crate’s crypto primitives (used by Rustls) Cloudflare: used everywhere, including Quiche. Apple’s Secure Transport (it’s in both major mobile OSes!) Optionally: Nginx, libcurl (Update 2023-04-24) Apple’s SwiftNIO SSL (Update 2023-04-24) AWS libcrypto is based on BoringSSL (Update 2023-05-26) the Envoy proxy uses BoringSSL ..
|
Contributing to Open Source is important to the quality and maintainability of the software and engineering communities we rely on every day - so why is it that so many developers/engineers never participate?
|
|
Contributing to Open Source is important to the quality and maintainability of the software and engineering communities we rely on every day - so why is it that so many developers/engineers never participate?
|
|
Assuming we have transit encryption, the main result of Border Gateway Patrol (BGP) errors is mass downtime. Downtime for a typical service is a headache; downtime for a CA can be disastrous. BGP hijacking also enables certificate mis-issuance by messing with weak domain control validation. Route authorization is an important mitigation! That said: TLS is our last line of defense against BGP attacks that re-direct HTTPS requests. User..
|
|
I mostly programmed in Go the last few years. So every time I wanted an embedded key-value database, I reached for Cockroach's Pebble . Pebble is great for Go programming but Go does not embed well into other languages. Pebble was inspired by RocksDB (and its predecessor, LevelDB ). Both were written in C++ which can more easily be embedded into any language with a C foreign function interface. Pebble also has some interesting limitat....
|
|
These are things I always forget but need to be really comfortable working in a remote server. I try to be distro-agnostic when I can. Set up history options in .bashrc: HISTCONTROL = ignoreboth:erasedups HISTSIZE = 100000 HISTFILESIZE = 100000 shopt -s histappend shopt -s checkwinsize PROMPT_COMMAND = " history -a; history -c; history -r; $PROMPT_COMMAND " case " $TERM " in xterm-color |* -256c....
|
|
The Fediverse I was never an active user of Twitter. Occasionally, I was browsing my feed. I follow the #genart posts and read about technology. My occasional post about some lesser important topic, the link to a blog post I wrote, or a retweet about something I believed to be interesting. I never ended up in a heated discussion about any crap with random people. I have a pretty dull social media existence.
|
|
As someone who’s been on board with Twitter since 2009, I have to admit that I’m very concerned with recent developments. I admire and respect Elon Musk for his companies’ achievements, especially in space and electric movement industries, but the man himself, holy cow, what a drag. On The Verge, Nilay Patel’s brutal piece on the recent Twitter acquisition is chock-full of brilliant insights on what it takes to run a modern commercial s..
|
|
If you're like me and have spun up a t4g.small during AWS's free trial period, you might want to run docker and docker compose. However, documentation on this is pretty sparse. docker-compose vs docker compose Apparently , docker compose is the new hotness and should be used going forward. I'm sure there are many changes under the hood but the headliner is that it's written in Go and docker-compose was written in Python (apparently). do....
|
|
To understand how fuzzing tools improve security, let’s explore the benefits of fuzzing, discuss some use cases for fuzzing, and review an example of how fuzzing would work in a real-world test.
|
|
Explanation on ~vern’s downtime on 28-29 oct ~vern team Mon, 28 Oct 2022 Hello ~vern members, We recently had downtime of the tilserv caused due to cleaning which accidentally disconnected the power cable I started having issues at 19:30 IST (14:00 UTC) when my ssh connection to the server freezed. Since cobra wasn’t at home, we had to wait until 11:50 PM IST (6:20 UTC) when she could check on the server and confirm our assumpti..
|
|
vern ZFS Migration ~vern team Mon, 28 Oct 2022 Hello ~vern members, We have decided to move our Data-SSD from BtrFS to ZFS in light of the issues we have heard about regarding BtrFS’ stability. The migration will be done the coming Sunday, 30th Oct 2022. The specific time of downtime will be announced in our announcements channel before the migration. The amount of data to be backed up and copied is around 220 GB. I estimate..
|
|
It all started with a hat. A straw boater, to be precise, with a flat, round brim and brightly colored ribbon tied around the crown. Originally popularized by gondoliers in Venice, this jaunty accessory had reached the height of American couture by the turn of the 20th century. The boater became not just a style, but a closet staple, worn by everyone from politicians to athletes—at least between the months of May and September. Fashion of t....
|
|
A few quotes from The King James Version: Its tradition, text, and translation
-
honza.pokorny.ca
-
3 years ago
-
eng
Here are a few choice quotes from the The King James Version: Its tradition, text, and translation article in the Reformation Heritage KJV Study Bible edited by Dr Joel Beeke: Should we set the KJV aside because it’s too difficult to read? Notwithstanding its age, there is no good reason to disregard it or to relegate it to the past. […] In every way, the KJV is an outstanding version of the Scriptures, worthy of continued use as ....
|
|
A few quotes from The King James Version: Its tradition, text, and translation
-
honza.pokorny.ca
-
3 years ago
-
eng
Here are a few choice quotes from the The King James Version: Its tradition, text, and translation article in the Reformation Heritage KJV Study Bible edited by Dr Joel Beeke: Should we set the KJV aside because it’s too difficult to read? Notwithstanding its age, there is no good reason to disregard it or to relegate it to the past. […] In every way, the KJV is an outstanding version of the Scriptures, worthy of continued use as ....
|
|
We Must Professionalize Programming to Preserve Society and Computing Freedom
-
gavinhoward.com
-
3 years ago
-
eng
Assumed Audience : Hackers, programmers, users, and anyone that cares about computing freedom. Discuss on Hacker News , but please don’t post on lobste.rs because I do not have an account. Epistemic Status : Extremely confident, enough to bet my career on it. This post borrows heavily from “Uncle” Bob Martin’s “The Future of Programming” and Voxxed CERN 2019 Keynote . It even has some of the same things. I did this becau..
|