Categories
Resources Software Development Web Security

AWS autoscaling links and resources

AWS autoscaling lets you set up groups of EC2 instances which are controlled by a load balancer. The load balancer in turn makes sure your app has the correct number of EC2 instances running at all times. If your traffic is high it adds the maximum that you set. If traffic goes down it adjust to have the minimum EC2 instances that you set.

This system is great for startups who have no idea if their app will go viral or just flop. Often they just flop. But if you are lucky and it takes off you want to be able to handle the traffic so you don’t lose users.

Documentation link to AWS autoscaling

Running EC2 instances at Scale with autoscaling groups – small Ebook that walks through the whole process including using CodeDeploy.

Categories
Resources Web Security

CORS cross origin resource sharing links and resources for developers

CORS Cross origin resource sharing allows you to decide if a script from a domain other than your website/app can access data aka make AJAX calls etc. to your server. For your frontend API you probably want to limit the origin to just your domain. For a developer API you probably want to allow all origins.

CORS for Developers by W3C – explains CORS for developers in clear wording

Configuring play framework 2.8 CORS filter

 

Categories
Resources Web Security

Server and cloud security resources and links

CSP Cheat Sheet – CSP content security policy is for setting server security policies for accessing your systems content/files etc.

Configuring Play Framework Content Security Policy Headers

Categories
Resources Web Security

Web App security resources

Practical HTTP Host header attacks – Must read to understand how hackers use HTTP headers to hack websites.

Link to OWASP cheatsheet  – a good cheat sheet

Website security by MDN – covers some very basic information about website security such as SQL injection