As promised in the previous post here, today we will go over running containers with docker-compose. We will use the same source code(react covid dashboard) as in the last post. So, if you want to follow along you can use the same. Below is the docker-compose.yml file from the repo. Unfortunately, I couldn’t get this […]
Okay. My first experience with Dockerfile wasn’t all that pleasant. But every dark cloud has a silver lining🙂. It made me more curious about them and led me to practice/self study more. The source code used in this post is here. If you want to learn more on how this react app works as it […]
Hey Y’all. How have you been? Covid keep releasing updates and this never seems to end isn’t it ? ă‹¡Today I will be talking you through an Ansible script that I have written to set up a NGINX reverse proxy. You may wonder, wasn’t it the same thing that you wrote about last time? No! […]
Hello everyone! I have been busy with work and studies so couldn’t write a blog for a while. In this blog we will look at how we can set up a basic NGINX Reverse Proxy and a NodeJS server using an ansible playbook. Please note that this is just a demo. In reality, the Reverse […]
Let me begin with some context on why I thought of writing about this. Recently I attended a meetup on “Securing a Kubernetes Cluster”. One of the key takeaways from this meetup is blocking access to one namespace from another(Using Network Policies). Some of you may wonder why is this a topic worth exploring. To […]
This blog has been long overdue. I wrote this basic Covid19 dashboard application over a year ago (Application is still live on heroku at: https://covid19-dash-sl.herokuapp.com). Too bad I couldn’t write a blog on it. Anyways, I didn’t think it would be useful cause I was under the impression that Covid19 will be over before we […]
As you may already know, certificates plays an important role in Kubernetes clusters. This is because the communications between various Kubernetes components are secured using TLS. For this encryption of communication and for authentication purposes, we need certificates. Here, the authentication method is 2 way authentication. So this means we need certificates for both the […]
There are many ways of getting a free Let’s encrypt certificate. You can find them easily in here: Getting Started – Let’s Encrypt (letsencrypt.org). There are 2 main ways to get this certificate as per the above link. Namely, generating the certificate with SSH and without SSH. Here, the method that involves SSH requires that […]
In this blogpost, we will look at API Security. More specifically, we will see how we can use Oauth for RESTful APIs. For this we will be using some already available opensource software. The code for the example in this post is available at : https://github.com/ihsanizwer/API-Security-Oauth-for-RESTful-API. Basically, what I am trying to do here is […]
In this blogpost we will look at how we can implement Cross-Site Request Forgery protection via Double Submit Cookie Patterns. First things first This blog is primarily focused on security. Hence, firstly, I will integrate the OWASP dependency check plugin to my project. With Maven, we blindly add many dependencies/ 3rd party libraries without checking […]