Rate limiting by IP using Cloudflare's rate limiting rules | Simon Willison’s TILs
My blog was showing poor performance, with some pages taking several seconds to load or even failing entirely.
My entire site runs behind Cloudflare with a 200 second cache TTL. This means my backend normally doesn't even notice spikes in traffic as they are mostly served from the Cloudflare cache.
Unfortunately this trick doesn't help for crawlers that are hitting every possible combination of facets on my search page!
Using Cloudflare to rate limit requests to a path
Day 3: Zoopla Theatre: Mark Overmeer - Apache in Pure Perl
From its start, Perl comes with most (Unix) core operating system trickery like forks, events and signals. So, you can implement real performing daemons for interesting tasks.
We will get into various features which show how straight-forward it is to implement an Apache-like webserver, with VirtualHosts, proxies, etc.
But we start by discussing many options how to set-up servers: processes, event-loops, and so on... before we reach to HTTP-servers processing requests.
Any::Daemon
- Use Apache as your front end ~30:00
SSO for Legacy Apps with Auth0, OpenID Connect & Apache
Auth0 SDKs make it really easy to add SSO to any app, on any platform. But sometimes, apps cannot be modified. What to do then? A very simple solution is to
False positive Apache version in scanner results on Centos - Information Security Stack Exchange
Recently I need to care a lot of false positive vulnerabilities in scanner results on Apache version.
Example of false positive vulnerability:
Apache 2.2 < 2.2.16 Multiple Vulnerabilities
Our
Mozilla SSL Configuration Generator
apache 2.4.41, intermediate config, OpenSSL 1.1.1d
Supports Firefox 27, Android 4.4.2, Chrome 31, Edge, IE 11 on Windows 7, Java 8u31, OpenSSL 1.0.1, Opera 20, and Safari 9
The rationale of SSLHonorCipherOrder off is:
https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28recommended.29
The cipher suites are all strong and so we allow the client to choose, as they will know best if they have support for hardware-accelerated AES
Tricks to do client certificate authentications behind a reverse proxy
Disabling SSLv2 and weak ciphers (Apache) - Computer Center Documentation
echo "" | openssl s_client -ssl3 -port 443 -host