The blog you're reading is produced by Ghost which previously I'd served in a pretty typical way - an AWS instance running Node and a local MySQL database server. This was fine for quite a while but recently, there has been a spate of security issues in, for instance, OpenSSL…

I'll prefix this short article with a statement that this is not in any way a criticism of NGINX, just an observation which I have not found documented elsewhere so I wanted to write it down in case it helps anyone else. Recently, in my day job, i've been working…

TL;DR The situation: background A while back, I wrote an article on strong SSL configuration for NginX which was the result of many hours of research and trial. I need to update that article as one of the articles I referenced is on raymii.org and has been updated…

I'm currently writing an authentication plugin for actionHero - it's a NodeJS module with a MongoDB backend. Usually, I'd use Mocha as a test runner and run my tests automatically (via Travis CI) when i commit/push to GitHub. In this instance though, I have some oddball issue which means…

As many others have in the past couple of days, I've spent a fair bit of time reading about, fixing and reassuring customers about the heartbleed bug in openSSL and GNUTLS. The openSSL, GNUTLS and Debian package maintainers acted quickly to fix the issue and most people will simply be…

In my day job, we have traditionally used Akamai as our content delivery network (CDN) of choice. For quite some time, Akamai was arguably the only true enterprise-ready CDN and our clients demand a high level of service, hence Akamai is/was a good fit in most cases. The CDN…

I use Splunk on a daily basis at work and have created a lot of searches/reports/alerts etc. A fair number of these use regular expressions (the Splunk "rex" function) and today, I absolutely had to be able to use a modifier flag, something of a rarity for me…

I have just migrated from an RDS instance to a local percona instance on a Debian server and encountered an odd issue... After installation, which all appeared normal at first, I tried to start percona and there was no init script (which would usually live at /etc/init.d/mysql…

tl;dr: Secure SSL cert config for Nginx (grade A-rated on GlobalSign SSL cert checker) UPDATE 8th July 2014: I have amended my config slightly to use OWASP recommended ciphers and some updates to Debian core libs mean this configuration now produces an A+ result. It's been quite some time…

CSS 2.1 has some really handy selectors, one of which is the adjacent (next) sibling selector which has the form: el1 + el2 { color:#f0f; } The above would apply a tasty pink(ish) text colour to el2 where it directly follows el1 in HTML element order. Excellent, that can be…

One of the (perhaps) understandable but more irritating aspects of Apple Mac OSX upgrades which I just experienced is the fact that my upgrade from lion to mountain lion is that the Java runtime (JRE) is uninstalled…This meant that my usual code editor/IDE Netbeans was broken –…

I have been messing with NodeJS for a little while now and contrary to my preconceptions, I quite like it. NodeJS is not the right choice for every task (as with any development paradigm/language) but it has some great use cases for i/o bound tasks and is definitely…

I’ve recently been working on lots of trial-runs of software at work and got annoyed with having to rebuild servers all the time so i decided to join the rest of the world and go virtual. Our production VI at work runs VMWare (ESXi) but my trial stack…

This is a really quick post as i’ve been coding for a few hours and need to call it a day… So i was working on my new website which uses a lot of HTML5, CSS3 etc. and shows Youtube videos, so naturally I wanted to use…