Articles & Guides
Useful resources for web developers and system administrators
SEC
Subresource Integrity (SRI): Protecting CDN Scripts
Subresource Integrity (SRI) — integrity attribute for <script> and <link>. CDN compromise protection, hash generation, CSP require-sri-for.
SEC
API Rate Limiting: Token Bucket, 429, Retry-After
API rate limiting: token bucket vs sliding window, HTTP 429, Retry-After. Implementation on Redis, nginx, Express, NestJS.
SEC
Cookie Security: HttpOnly, Secure, SameSite, __Host-
Cookie security flags: HttpOnly, Secure, SameSite (Strict/Lax/None), __Host- prefix, Max-Age vs Expires. PHP, Express, nginx examples.
SEC
HTTP to HTTPS Migration: Redirects, Mixed Content, HSTS
HTTP to HTTPS migration guide: certificate, 301 redirect, fixing mixed content, HSTS, canonical URLs, SEO without traffic loss.
SEC
Prevent XSS Attacks: Escaping, CSP and Trusted Types
XSS types — stored, reflected, DOM-based — and how to stop them with context-aware escaping, CSP, Trusted Types, and HttpOnly cookies.
SEC
Clickjacking Prevention: X-Frame-Options vs frame-ancestors
Clickjacking attacks explained: X-Frame-Options, CSP frame-ancestors, SameSite cookies, JS frame-busting. nginx setup and verification.
SEC
CORS: Complete Guide to Access-Control-Allow
CORS, preflight OPTIONS, Access-Control-Allow-Origin, credentials, common errors. nginx/Express/NestJS setup and curl debugging.
SEC
CSP (Content Security Policy): Setup Guide
Content Security Policy setup: directives, nonce, strict-dynamic, report-uri. Ready nginx and Next.js examples plus debugging and common mistakes.
DNS
Wildcard DNS Records: Use Cases and Pitfalls
Wildcard DNS (*.example.com): use cases, RFC 4592 constraints, conflicts, performance, and security implications.
DNS
Reverse DNS and PTR Records: Why You Need Them
What rDNS and PTR records are. Setting up in-addr.arpa reverse zones, PTR for mail servers, and the impact on SPF and email deliverability.