coverband
@coverband
coverband / nginx.conf
Created February 15, 2023 01:29 — forked from plentz/nginx.conf
Best nginx configuration for improved security (and performance)
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

How to setup a practically free CDN using Backblaze B2 and Cloudflare

⚠️ Note 2023-01-21
Some things have changed since I originally wrote this in 2016. I have updated a few minor details, and the advice is still broadly the same, but there are some new Cloudflare features you can (and should) take advantage of. In particular, pay attention to Trevor Stevens' comment here from 22 January 2022, and Matt Stenson's useful caching advice. In addition, Backblaze, with whom Cloudflare are a Bandwidth Alliance partner, have published their own guide detailing how to use Cloudflare's Web Workers to cache content from B2 private buckets. That is worth reading,

@martinheld
martinheld / GraphQL introspection query via curl.md
Last active August 15, 2025 00:10
GraphQL introspection query via curl

GraphQL introspection query via curl

cat introspection_query.json

{ 
  "query": "query IntrospectionQuery {
      __schema {
        queryType { name }
        mutationType { name }
@greenbrian
greenbrian / approle.sh
Created April 5, 2019 13:25
Vault CLI testing AppRole
#!/bin/bash
# start vault
VAULT_UI=true vault server -dev -dev-root-token-id=root -dev-listen-address=127.0.0.1:8200
# login as root - DO NOT DO THIS IN PRODUCTION
vault login root
# write some secrets
vault kv put secret/test color=blue number=eleventeen
@samsch
samsch / stop-using-jwts.md
Last active November 5, 2025 21:39
Stop using JWTs

Stop using JWTs!

TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.

If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)

A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/

The reason to avoid JWTs comes down to a couple different points:

  • The JWT specification is specifically designed only for very short-lived tokens (~5 minutes or less). Sessions
@cecilemuller
cecilemuller / 2019-https-localhost.md
Last active December 4, 2025 10:03
How to create an HTTPS certificate for localhost domains

How to create an HTTPS certificate for localhost domains

This focuses on generating the certificates for loading local virtual hosts hosted on your computer, for development only.

Do not use self-signed certificates in production! For online certificates, use Let's Encrypt instead (tutorial).

@enricofoltran
enricofoltran / main.go
Last active September 30, 2025 12:29
A simple golang web server with basic logging, tracing, health check, graceful shutdown and zero dependencies
package main

import (
    "context"
    "flag"
    "fmt"
    "log"
    "net/http"
    "os"
    "os/signal"
@Tiberriver256
Tiberriver256 / PowerShellNTFSStaticFileServer.ps1
Last active July 29, 2024 12:16
This script starts a small web server listening on localhost:8080 that will impersonate the authenticated user and serve static content. This means that if they do not have NTFS permissions to the file, they will get an access denied, or a 404 file not found if they do not have NTFS access to list the contents of the directory.
function Get-DirectoryContent {
    <#
    .SYNOPSIS
    Function to get directory content
    .EXAMPLE
    Get-DirectoryContent -Path "C:\" -HeaderName "poshserver.net" -RequestURL "http://poshserver.net" -SubfolderName "/"
@porjo
porjo / dump_route53_records.md
Last active February 12, 2025 02:08
Export route53 records to CSV

Retrieve hosted zones with aws route53 list-hosted-zones, then enter the zone Id below:

aws route53 list-resource-record-sets --hosted-zone-id "/hostedzone/xxxxxxxxxxx" | \
   jq -r '.ResourceRecordSets[] | [.Name, .Type, (.ResourceRecords[]? | .Value), .AliasTarget.DNSName?]  | @tsv'
@ciaranmahoney
ciaranmahoney / Google Sheets MX Lookup
Last active October 22, 2024 23:22
Google Apps Script to Run MX Lookups on domains from Google Sheets
function MXLookup(domain) {
  try {
    var url = "https://dns.google.com/resolve?name=%FQDN%&type=MX".replace("%FQDN%", domain);
    //var url = "https://dns.google.com/resolve?name=e-mercy.com&type=MX"; // USED FOR TESTING ONLY
    Utilities.sleep(100);
    var result = UrlFetchApp.fetch(url, {muteHttpExceptions: true});
    var rc = result.getResponseCode();