Blocking Sensitive Dotfiles in nginx-proxy for Dockerized WordPress
Exposed dotfiles like .env, .git, and .htpasswd are among the most exploited attack vectors in containerized WordPress deployments. This tutorial walks through writing a targeted nginx location rule, mounting it into nginxproxy/nginx-proxy without rebuilding the image, and verifying the block is active โ without breaking Let's Encrypt ACME challenges.
Grafana Alerting Rules for Docker Host and Container Metrics
A practical walkthrough for wiring Prometheus alerting rules, Alertmanager notification channels, and Grafana-native alert rules into a single monitoring pipeline for Docker host and container metrics. Covers PromQL expressions for CPU throttling, memory pressure, and container restarts โ with validation steps at each stage.
AWS Lambda for parsing ALB logs stored in S3 after CloudWatch Alert triggered
This article documents a Lambda-based ALB log parsing workflow triggered by CloudWatch alerts, focused on actionable parsing and operational visibility.
Terraform S3 Backend Setup with DynamoDB State Locking for Team Workflows
Storing Terraform state locally works fine in isolation, but it breaks down the moment a second engineer joins the project. This tutorial walks through provisioning an S3 backend with DynamoDB locking and wiring it into your Terraform project correctly.
Bash script for checking Function URL in AWS Lambda
A Bash-based AWS Lambda Function URL audit script that identifies public endpoints where AuthType is NONE and writes findings to a report file.
Wordfence Scan Settings and WordPress Security Hardening Checklist
A practical walkthrough of Wordfence scan configuration, file permission hardening, and automated security validation using WP-CLI. Covers the full checklist from initial setup through scheduled recurring scans and CI/CD integration.
Datasync: Copy files from S3 to Azure Blob Storage (1st Part Prepare manifest and run Datasync Task)
Part 1 of an S3-to-Azure DataSync flow: build manifest from MongoDB, upload to S3, start DataSync execution, and track incremental run state.
Datasync: Copy files from S3 to Azure Blob Storage (2nd Report)
Part 2 DataSync reporting Lambda: parse task report, calculate estimated transfer/request costs, and publish a detailed SNS summary.
Terraform Remote State on AWS S3 with DynamoDB State Locking
Storing Terraform state locally is fine for solo experiments, but it breaks down the moment a second engineer runs a plan. This tutorial walks through provisioning a production-grade S3 remote backend with DynamoDB locking and shows you exactly how to wire it into any Terraform project.
Kubernetes Liveness and Readiness Probes: A Practical Reference
Misconfigured health probes are one of the most common causes of unexpected pod restarts and premature traffic routing in production Kubernetes clusters. This reference walks through every relevant probe field, real-world configurations, and the failure patterns that trip up even experienced engineers.
โ Support us ยท ๐ณ Monobank