In order to bulk retire multiple URLs of your web site at once, you can use nginx maps to have the webserver reply with a
410 http code, which means: GONE and not coming back.
This can be common when migrating away from a specific CMS like WordPress that builds a bunch of taxonomy pages that you will no longer be supporting or similar.
Also, this method will work for a any sort of matching you can do, but we’ll focus on 410 and a custom error page, since this is what I had to implement recently.
Lastly we will also make nginx load a custom 410 error page, instead of the boring default.
The full code can be found in the repository: https://github.com/JonathanMH/nginx-410-map
Continue reading “Nginx 410 maps, matching and external files”
Creating single page apps has become a more frequently requested task of web developers (like me) and deployment in containers, across zones and under monitoring, seems like a natural step.
In this post we’re going to have a look at how to deploy a Vue.js SPA with docker.
Let’s start off by installing the vue-cli to create a boilerplate project. Make sure you have Docker installed as well.
Continue reading “Deploying a Vue.js Single Page App (including Router) with Docker”
I witnessed this attack recently, basically it’s just some web crawler trying different file names that somebody could have given a mysql dump that they by accident left inside a public directory of a web project.
Disclaimer: What’s explained in this post could be used in dual use cases. Explaining how the attacker works will ultimately help everybody preventing attacks and raise awareness for the attacks.
Continue reading “SQL Dump Probing”
I wanted to make an API available on the same domain as a single page app built with Vue.js, which means that I had to rewrite a part of the domain to use another port on the same host, but you can also use an entirely different machine or have a load balancer in between.
This post is part of the Making Of: photographerexcuses.com series.
I picked nginx for a server for some PHP productions and this because it simply has the best configs and it tends to perform a bit better if you don’t have a lot of RAM to throw at your server.
Continue reading “Proxy / Rewrite your API Endpoint into Domain Segment with Nginx”
This post is about how to optimize your page for speed and we’re going to test the results with the Pagespeed Insights tool provided by Google.
Google started weighting results on their search engine result pages after the results for your website, so if you score high numbers, you are more likely to show up, especially for mobile users.
Continue reading “How to get a high score on Pagespeed Insights (and make your site fast)”
This is going to be a short post about how to block your webserver from serving a specific file.
WordPress comes with a file called
xmlrpc.php which enables you to use their mobile App on self-hosted blogs or enables ping- and trackbacks. However, there is a bunch of bots out there that attempt to brute-force their way in and can produce either high load or actually present a security risk.
Continue reading “NGINX / Apache: Block Requests to PHP file (xmlrpc.php)”