rand(Ø)

> beautiful code & photos

about <

Posts tagged: devops

CSP Header Hacking for Apache2

Hello,

I write here to report my latest dirty hack. Story—

While enforcing our HTTP server configuration at work, we are slowly implementing CSP policies and one of them allow Web browsers to report violations to a given endpoint.

At this moment, we are only at the reporting step of the implementation because the first time we attempted to roll this header out, it ended up breaking our staging env.

So, it's recommended to set the Content-Security-Policy-Report-Only header.

This header takes the report-uri directive which allows the browser to push the violation findings to a given endpoint.

For this example:

> Continue Reading

Upgrading in a few commands

It has been over a year now that I migrated my 2 blogs on full Docker-hosting and I wanted it to be as simple as possible for several reasons:

  • Docker is easy to work with and to maintain
  • Everything is Dockerizable
  • I don't want to spend more than an hour every month or so to upgrade my stacks

At work, we previously used CoreOS to deploy a fleet of Dockerized apps but it was hard to maintain but more specifically, CoreOS is designed for distributed apps, which is not the case of this blog.

So, I searched for a simpler

> Continue Reading