AboutThis is a technology blog by Matthias Friedrich, a software developer and architect from Karlsruhe, Germany. more ...
Tagsandroid backup best practices books build systems c/c++ computer science databases deployment distributed systems django docker documentation google hadoop java java python libraries linux machine learning maven meta music musicbrainz networking opinion oracle process productivity python quality quick tips rcs scalability scheme scripting security server shell standards testing tools ubuntu web xml
Tag Archives: security
In many applications it’s important to react to failed logins and other security-critical events, for example to log the failed login attempt to a file or to display a captcha after repeated failures. Spring-based applications come with a simple mechanism to … Continue reading
In my article on unattended upgrades I described how to set up an Ubuntu system to install security upgrades automatically. This is convenient for small setups, but in an enterprise environment you typically want to perform some QA before applying the … Continue reading
There’s more to migrating a complex site to HTTPS than just enabling TLS in your web server or reverse proxy. All links to embedded resources like style sheets, images, or scripts need to be served via HTTPS and potentially have … Continue reading
I have followed the HTTP/2 specification process closely and I like how the new protocol improves web performance and makes old workarounds obsolete. One drawback of deploying HTTP/2 is that most browser vendors only implement it on top of TLS. Since … Continue reading
As a developer, I’ve used lots of web services and also implemented plenty myself. I’ve seen services with IP-based security provided by network firewalls, services protected by standard HTTP Authentication, TLS with client and server certificates and custom mechanisms using … Continue reading