This article provides a simple trick to reduce the load on the server when generating a sitemap. We do this by disabling all widget-related code if the current request targets the sitemap or its stylesheet. The trick is compatible with many existing plugins.
How to Make Lando Work with Ubuntu 20.04

Lando is a local development environment and DevOps tool built on Docker container technology, aimed at providing an easy way for developers to specify requirements for their projects. It provides installation packages for various operating systems, including Ubuntu. However, if you are not using the official Docker distribution, Lando will likely fail to install.
In this article, we describe two workarounds for installing Lando on Ubuntu.
Multi-stage Docker Builds and Extended File Attributes
Multi-stage builds are a great way to keep the size of the resulting image down. They are extremely useful if you want to use scratch-based images for your application. However, unless you are using Buildx or BuildKit, there is a limitation regarding copying extended file attributes across stages. In this post, we discuss several workarounds to this issue.
ConfigServer’s Login Failure Daemon is Vulnerable to Denial of Service Attacks

Login Failure Daemon (lfd) is a process that monitors the authentication log and matches each of its lines against a set of regular expressions to detect login attempts that continually fail within a short period of time. It is often used to detect login failures of SSH connections. However, the regular expressions lfd uses to detect brute force attacks contain severe errors, and an attacker can exploit those bugs to cause a denial of service.
Quote of the Day
I’m only aware of using lodash when it has yet another security vulnerability
How to Delete Old ReplicaSets in Kubernetes
To delete all old ReplicaSets in Kubernetes, you can use the following one-liner:
kubectl get rs -A -o wide | tail -n +2 | awk '{if ($3 + $4 + $5 == 0) print "kubectl delete rs -n "$1, $2 }' | sh
GitHub Actions: How to Avoid Running the Same Workflow Multiple Times

In continuous integration, we often reuse the same GitHub workflow for multiple events. For example, we may need the build workflow when we push a new commit, or when someone creates a new pull request, or before we create a new release. However, with this approach we may end up running the same workflow multiple times: both for a push and a pull request, or both for a push and a tag. In this post, we present a solution that helps to avoid running unnecessary duplicate jobs.
How to Expose Kubernetes Dashboard Over HTTPS

It is not always convenient to manage the cluster from the console; a web dashboard is sometimes much more convenient. In this post we will learn how to set up automatic certificate renewal with cert-manager, expose the Kubernetes Dashboard to a public Ingress over a secure connection, and configure simple basic authentication as an additional security layer.
How to Create an OpenTelemetry Instrumentation Plugin

OpenTelemetry is an observability framework for cloud-native software to instrument, generate, collect, and export telemetry data (such as metrics, logs, and traces) for analysis. OpenTelemetry provides language-specific integrations that automatically capture relevant traces and metrics and handle context propagation. For Node.js,
A Secure Way to Run npm ci

No matter how much you trust the npmjs package registry in general and the packages you are using in particular, Bad Things™ always happen. They happen to the best of us. Even a small Node.js project may have thousands of dependencies, which makes it virtually impossible for a developer to monitor and audit them all.
An NPM package has two main ways to harm you: the first one is when you install it, and the second one is when you actually use it. The first way is possible because of the so-called “lifecycle scripts” run by npm. And even though one of the earliest attacks exploiting lifecycle scripts dates back to 2017, developers still do not take measures to protect their data.
This post explains how to protect sensitive information (such as authentication tokens) when running CI builds.