One of the greatest things about the Amazon AWS services is that they save a tonne of time on the reinventing the wheel. There are numerous technologies out there and nobody has the time to dive deep, learn, and try all of them. Amazon AWS often provides ready-made templates and configurations for people who just want to try a technology or a tool, without investing too much time (and money) into figuring out all the options and tweaks.
“Get Started with Blockchain Using the new AWS Blockchain Templates” is one example of such predefined and pre-configured setup, for those who want to play around with Blockchain. Just think of how much time it would have taken somebody who just wants to spin up their own Etherium network with some basic tools and services just to check the technology out. With the predefined templates you can be up and running in minutes, and, once you are comfortable, you can spend more time rebuilding the whole thing, configuring and tweaking everything.
This article (in Russian) lists a number of useful payloads (and some tools that work with them) for security testing of web applications. Below is the list of handy GitHub repositories for web server path testing, cross-site scripting, SQL injection, and several other common types of vulnerabilities. These payloads are much richer than basic hand-made tests and can help improve the security of the web application a great deal:
- Unleashing an Ultimate XSS Polyglot
- fuzz.txt – potentially dangerous files
- Payloads All The Things – a list of useful payloads and bypasses for web application security
- SecLists – a collection of different lists useful during the security testing
- IntruderPayloads – a collection of payloads, fuzz lists, and file uploads
- FuzzDB – a collection of fuzz lists and web application firewall evasion patterns
- payloads – a collection of payloads with links to a lot more lists and tools
“Immutable Deployment @ Quorum” describes yet another approach to automated, and this case – immutable, deployments. This particular setup is slightly more on the SysAdmin/DevOps side rather than on the development side, utilizing tools like Ansible, Amazon EC2, and Amazon AMI.
If you are building very few projects, or projects with little variations, and use a whole instance for the project, than you should definitely check it out. For those people who work with a zoo of technologies and share the server between several projects, this approach probably won’t work so well. Unless it is adjusted to use containers instead of instances, but even then, it’ll probably won’t be optimal.
Oh sh*t, git! is a collection of git problems, their solutions, and some explanations of how that happened and how to get out of it.
Git is hard: screwing up is easy, and figuring out how to fix your mistakes is f*cking impossible. Git documentation has this chicken and egg problem where you can’t search for how to get yourself out of a mess, unless you already know the name of the thing you need to know aboutin order to fix your problem.
“7 ways to do containers on AWS” covers a variety of different ways to run containers on the Amazon AWS cloud infrastructure. These include most of the usual suspects, like Amazon Elastic Container Service (ECS), Amazon Elastic Container Service for Kubernetes (EKS), and hand-rolled vanilla containers on EC2, as well as a few lesser known ones like templated Kubernetes and Amazon Fargate.
“A Practical Introduction to Container Terminology” is at the same time two things for me:
- The longest blog post that I’ve seen in a long time, if not ever.
- The best introductory tutorial into containers.
Here are some very exciting news from the Nginx front lines: HTTP/2 Server Push is now available in the latest and greatest Nginx 1.13.9, which was released yesterday!
Server Push was one of the most exciting features for me in all of the HTTP/2 specification. But I wasn’t quite sure how it will be implemented, and, most importantly, how it can be made easily available to the web developers, who are often few levels removed from the web server configuration. I think Nginx solves the problem quite elegantly.
On the configuration level, “location” directives are often available to the web developers withing the virtual host / server. But for those who can’t use those or don’t want to mess around with the configuration files, an even easier option is available – Link HTTP header.
I’m sure this will soon be widely supported in all the major libraries and frameworks, much like HTTP cookies are. Great times ahead!
- Commits and refs can be filtered using a query language.
- Changes to the repository are captured by monitoring the filesystem allowing the UI to be updated automatically.
- Organised as tabs and splits. Custom tabs and splits can be created using any combination of views.
- Vi like keybindings by default, key bindings can be customised.
- Custom themes can be created.