How to Implement Zero Trust with TLS Client Certificates

As more and more services are available as web applications, it has become possible to deploy an application proxy on the edge that authenticates and grants access to internal web applications. This provides zero-trust security if the authentication method used is robust and secure. Currently, the most popular authentication method is OAuth 2.0.

Google’s Chrome 86: Critical Payments Bug, Password Checker Among Security Notables

Google is rolling out 35 security fixes, and a new password feature, in Chrome 86 versions for Windows, Mac, Android and iOS users.

Mass delete via HTTP/Rest how do you do it?

In the project I am working on, we have a need to sometimes delete several items at once. The UI would send a delete request, the backend has to process it and let the UI know the outcome.

Be A Good Service Call Citizen With RateLimiter

a process that is used to control the usage of APIs by consumers during a given period. You can define throttling at the application level and API level. Throttling limit is considered as cumulative at API level.

Why Web Browser Padlocks Shouldn't Be Trusted

Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them.

What’s New in Swell 0.6.0?

Swell is a cross-platform compatible (Mac, Linux, & Windows) desktop application and the leading API dev tool for testing and visualizing streaming TCP connections (i.e., WebSockets, SSEs, GraphQL subscriptions). Swell functions similarly to Postman, but with the added perks of full streaming and GraphQL support. Being an Open Source project, Swell is 100% free and open to outside contributions. For details on how it works, see our previous article here.

Measuring Golang and Echo Against Kotlin and Vert.x

Two of my go-to languages for building anything are Kotlin and Golang. In those, two of my go-to libraries to build HTTP services are Vert.x and Echo respectively. It was natural instinct to see how they perform when put under a stress test.

HTTP Request Smuggling: A Primer

Learn the basics of what HTTP request smuggling is and how you can protect yourself. HTTP request smuggling is a security vulnerability that allows an attacker to interfere with the way a server processes the HTTP requests it receives. It allows attackers to bypass security controls and gain access to data that they shouldn’t have access to.

(What Happens When) You Enter a Web Address Into a Browser?

We do it every day. But what are we doing? The client-server model describes how a server provides resources and services to one or more clients. Examples of servers include web servers, mail servers, and file servers.

Getting started with Rust

I’ve been planning to learn Rust for a long time. This time, when I’m about to set up API automation tests for our current project, I decided I will use Rust to implement this.

Looking Under the Hood: HTTP Over TCP Sockets

In software engineering we love abstractions. They take care of the tedious details and allow us to put our attention where it belongs. However, there is value in understanding how they do what they do (take this advice from Joel).

Managing TLS keys and certs in Istio using Amazon’s ACM

We use AWS’s EKS to manage our Kubernetes clusters and use Istio as a service mesh. Managing a lot of microservices inside a Kubernetes cluster can be made easier using Istio. Istio’s ingress gateway also provides an easy way to manage traffic coming inside the cluster using gateways and virtual services.

Flutter: typesafe HTTP calls

You must have faced difficulties while working on big projects that require many network calls. I faced various errors, and that was all because API calls were not handled properly. So in this blog, we will learn how to make our HTTP calls typesafe and handle exceptions and errors.

How To Build Progressive Web Application Using React js

Progressive web apps (PWAs) came to the limelight recently. They use the best of the web and the best of apps to give a smooth experience to users and feel like a native app.

SSL vs. TLS : A Tutorial

What is the relationship between SSL and TLS? Most of us are familiar with SSL (Secure Socket Layer) but not TLS (Transport Layer Security). In this tutorial, we define what SSL and TLS are and how they relate to HTTPS. We show the differences in the protocols and define the handshake process.

How To Create Express HTTPS Server With A Self-Signed Certificate

A self-signed certificate will be enough to establish a secure HTTPS connection.

HTTP 3 is Out and About!

Evolution of HTTP from HTTP 1 to HTTP 3. HTTP stands for Hypertext Transfer Protocol. This is the set of rules used in the delivery of web pages from servers to your browser. HTTPS simply means the same protocols are used over an encryption layer for better privacy.

How to Use Google Managed Certificates on a Google Cloud Load Balancer

A stress-free way to manage HTTPS certificates in the cloud. At the time of writing this article, the new feature is still in BETA state.

How To Automate Your Processes Using HTTP Request Node From n8n

With over 150 nodes, n8n saves countless hours by automating repetitive tasks. But what happens when n8n doesn’t have a node for a tool you love? In this article, we are going to explore three examples to showcase how the HTTP Request node can be used in your workflow to automate tasks.

How to install SSL certificate for Nginx server in Amazon Linux

This tutorial will help you to configure HTTPS to secure your website using a free SSL certificate authority (CA), Let's Encrypt, for the nginx server in Amazon Linux. Before you begin, you must have set up a domain name in your EC2 console to point to the public DNS.