Category Archives: Web servers

A web server (or Web server) is server software, or hardware dedicated to running said software, that can satisfy World Wide Web client requests. A web server can, in general, contain one or more websites. A web server processes incoming network requests over HTTP and several other related protocols.

NGINX: IP Geolocation by Cloudflare and “nested” if conditions

2 April 2022
 

 Among other features provided by Cloudflare, it can add a special header with a country value, from where a visitor came. As a Ukrainian, I’d like to ban all visitors from russia, but: redirect all visitors from russian IPs to another web domain – russki-voenny-korabl-idi-nahuy.com during this, I’d like to filter requests and leave requests… Read More »

AWS: Web Application Firewall overview, configuration, and its monitoring

19 July 2021
 

  AWS WAF (Web Application Firewall) is an AWS service for monitoring incoming traffic to secure a web application for suspicious activity like SQL injections. Can be attached to an AWS Application LoadBalancer, AWS CloudFront distribution, Amazon API Gateway, and AWS AppSync GraphQL API. In case of finding any request that sits WAF’s rules, it… Read More »

Kubernetes: NGINX/PHP-FPM graceful shutdown and 502 errors

25 February 2021
 

 We have a PHP application running with Kubernetes in pods with two dedicated containers – NGINX и PHP-FPM. The problem is that during downscaling clients get 502 errors. E.g. when a pod is stopping, its containers can not correctly close existing connections. So, in this post, we will take a closer look at the pods’… Read More »

Linux: LEMP set up – NGINX, PHP, MySQL, SSL, monitoring, logs, and a WordPress blog migration

6 November 2020
 

 Finally got time to migrate the RTFM.CO.UA blog to a new server with Debian 10. This time manually, without any automation will set up a LEMP stack Wrote a similar at 2016 – Debian: установка LEMP — NGINX + PHP-FPM + MariaDB (Rus), but in time the post is more complete of the process and… Read More »

Nextcloud: running in Docker Compose on Debian with Let’s Encrypt SSL

30 November 2019
 

 I while ago I’d tested the Nextcloud, see the NextCloud: installing server on Debian behind NGINX with PHP-FPM and client on Arch Linux post. In general, it looks good, so it’s time to try to run in a production environment and finally migrate from Dropbox to it. Today, let’s spin up a Nextcloud instance using… Read More »

HTTP: redirects, POST and GET requests, and the “lost” data

23 November 2019
 

 We have a web application which has to accept POST-requests from clients. In front of this application, there is some proxy service, no matter which – initially, we faced the issues on an AWS’s Application Load Balancer, then I reproduced them with NGINX, and it will “work” for any other proxying system. Besides proxying –… Read More »

Kubernetes: part 2 – a cluster set up on AWS with AWS cloud-provider and AWS LoadBalancer

10 August 2019
 

 In the first part – Kubernetes: part 1 – architecture and main components overview – we did a quick glance about Kubernetes. Also, check the third part – Kubernetes: part 3 – AWS EKS overview and manual EKS cluster set up. The next thing I’d like to play with is to manually create a cluster… Read More »

NGINX: limit_req – limiting requests per IP

9 August 2019
 

 The next task is to set a limit per one IP to our backend’s API: add requests limiter on the /user/oauth/refresh_token URI set limit to 5 requests/minute from one IP if the limit is reached – return 429 Too Many Requests response Will use NGINX ngx_http_limit_req_module. limit_req_zone To make limiting works firs need to create… Read More »

NGINX: multi-branch deployment with Ansible, NGINX map and HTTP Headers

26 June 2019
 

 We have a standard LEMP setup NGINX, PHP-FPM. Application – Yii-framework, deployed from Jenkins using Ansible role with the synchronize module on backend hosts in a /data/projects/prjectname/frontend/web,  directory which is set as a root for an NGINX virtual host. The task is to have the ability to deploy the same application on the same backend… Read More »

Bitwarden: an organization’s password manager self-hosted version installation on an AWS EC2

1 May 2019
 

 We consider Bitwarden as a passwords keeper for our project with the main goal to have an ability to have separated access to secrets by user roles and/or ACLs. I.e. Pass or KeePass are good for self-usage by one person but they have no main things – a normal web-interface and role-based access to data.… Read More »