Posts

Showing posts with the label Nginx

Nginx with Naked Domains

This right I'm going naked on everything! Non-www and everything lowercase. Just to simplify my urls. If you couldn't write it out naturally or if it takes too long then I avoid making it a path. Special cases like unique guid url parameters being the exception. For the sites that have a ton parameters this its understandable but for the domains this rule really should be applied. In some cases might say the path is up to the application however if the framework doesn't handle this is a fall back. https://superuser.com/questions/432674/nginx-remove-www-from-https https://www.digitalocean.com/community/tutorials/how-to-redirect-www-to-non-www-with-nginx-on-ubuntu-14-04 http://nginx.org/en/docs/http/server_names.html
Read more

Content Security Policy & Best Practices

Image
This article is mostly on configuration with nginx and maybe a little on IIS. Notes: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors https://csp-evaluator.withgoogle.com https://securityheaders.io/
Read more

Nginx Best Practices Extended

Based on a gisthub configuration, which I thought was worth going through piece by piece. https://gist.github.com/plentz/6737338 https://github.com/BIAndrews/nginx-compliance-config HTTP2  https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-with-http-2-support-on-ubuntu-16-04 https://developers.google.com/web/tools/lighthouse/audits/http2 https://docs.microsoft.com/en-us/iis/get-started/whats-new-in-iis-10/http2-on-iis Avoid If https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/ SSL Configuration https://mozilla.github.io/server-side-tls/ssl-config-generator/ https://stackoverflow.com/questions/24594971/how-to-changehide-the-nginx-server-signature  Strict Transport Security (HSTS) https://hstspreload.org/ https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/ https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
Read more

Popular posts from this blog

UI-Bootstrap Collapsible Sticky Footer

    I could have done this a lot of ways and ultimately I made it work with javascript modifying the class names. I also had to create multiple class names which I didn't like to much, I might come back and improve this but for now this is was I got. Also I call bootstrap+angularjs = ui-bootstrap, not sure if that's common sense but thought I should include it somewhere in my notes. Working Example: http://plnkr.co/edit/2N9ENlbw3bSvg1W9n0ch?p=preview This little css was key to prevent any kind of animation on the collapse, which would result in a scrollbar appearing on the body. A scrollbar can appear when the content's too long but not on the sticky foot duh! .no-animate { transition-duration: 0.0125s; } Research Angular-UI Bootstrap Collapse without animation - Stack Overflow http://jsfiddle.net/paulalexandru/Z2Lu5/  - Was looking at this to see if I could reuse it but I ended but just doing my own thing. Another way which I've seen Using a sticky
Read more

Installing Windows on Acer chromebook 15 cb3-532

Much of my notes are just small problems I faced (what's new!) haha. Either way this was a really fun project to do for a friend and I got excited once I research all the information. You can find instruction videos but what helped me the most was the coolstar website. Sadly they don't have parameters in the url so I can link the machine I used in this article. -  https://coolstar.org/chromebook/windows-install.html Scared of messing with the bios? Don't be!    So you need to first remove the screw to put a legacy bios on the machine. Its easy to backup the chrome os one and with the same steps to change it. You can go back in and revert to the chrome version bios. Its that last part that had me worried and its very easy to do.  Problems getting into Developer Mode?   Follow the instructions to the letter, during the step to disable the OS verification, press Ctrl-D to boot into os. If you hear two beeps I would go back to set one. I got in a loop where it s
Read more

Aspetcore: NLog with Postgresql

This Article is base ASP.Net Core 2 and the latest version of Nlog. 1. Install NLog and the Postgresql Package Using NuGet to install the package into your ASP.NET Core project: PM > Install-Package NLog.Web.AspNetCore PM > Install-Package Npgsql 3. Register NLog Add in your Startup.cs  public void Configure ( IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory ) { ... env.ConfigureNLog( "nlog.config" ); ... // make sure Chinese chars don't fk up Encoding.RegisterProvider(CodePagesEncodingProvider.Instance); //add NLog to ASP.NET Core loggerFactory.AddNLog(); //add NLog.Web app.AddNLogWeb(); } 4. Add to Your Controller Add a logger object to your Controller. private readonly ILogger<YourController> _logger; Modify the constructor to use it public YourController ( ILogger<YourController> logger = null ) { if ( null != logger) { _logger = logger;
Read more