The article reviews macOS malware persistence techniques, summarizing a 2015 Bit9 report and detailing seven startup mechanisms—including launch daemons/agents, cron jobs, login items, and startup items—while providing configuration examples, detection tools, and reference resources for security professionals.
This article compiles Russell Smith’s comprehensive MongoDB best‑practice guide, covering architecture choices, file limits, write safety, schema design, replication, sharding, security, and performance tuning to help engineers avoid common pitfalls and optimize production deployments.
This article explains how attackers generate an SSH key pair, use an unsecured Redis server to store the public key, modify Redis's working directory and filename settings, and ultimately create an authorized_keys file on the target system to achieve password‑less SSH login.
This article explains the step‑by‑step process of TLS cipher suite negotiation between browsers and servers, covering browser‑side cipher listing, server‑side configuration, the meaning of cipher names, and how the final suite is selected, with practical Wireshark and PowerShell examples.
The article compiles detailed notes from the 2015 Internet+ Big Data Summit, highlighting how data monetization reshapes advertising, drives financial analytics, improves operational efficiency, and strengthens security, while presenting real‑world case studies, models, and practical recommendations from industry experts.
This guide explains how to secure Redis by configuring trusted IP bindings, enabling strong password authentication, and renaming or disabling dangerous commands, while also emphasizing the need for external safeguards such as firewalls and avoiding default ports.
This article explores how biometric authentication, especially facial recognition powered by deep‑learning CNNs, is reshaping mobile financial services by enhancing security, improving user experience, and integrating big‑data analytics for risk control.
Reverse proxy servers act as intermediaries that receive client requests, perform security filtering, cache content, and balance load across multiple backend servers, making them crucial for scaling, protecting, and optimizing modern web applications.
Learn a comprehensive set of 30 practical PHP best‑practice tips covering file inclusion, path handling, debugging, output buffering, security, performance, database interactions, session management, and code organization to improve maintainability, efficiency, and reliability of your backend applications.
This article explains a high‑severity Redis unauthorized‑access vulnerability that can let attackers write SSH keys to the host, highlights the risk of exposing Redis to the Internet without authentication, and provides guidance on remediation and network protection.
Designing a short URL service involves choosing appropriate key‑value storage, simple incremental or base‑36 encoding for keys, estimating data capacity and sharding strategies, handling concurrent reads/writes with thread‑safe structures or Redis, selecting network event loops, and addressing security concerns such as abuse prevention.
This article explains PHP's various encryption methods, covering one-way hash functions like MD5 and SHA1, symmetric algorithms, the rarely used crypt() function, and detailed implementations of asymmetric encryption with OpenSSL, including key generation, encryption, decryption, and practical code examples.
This roundup highlights recent tech headlines, including a critical Baidu SDK security flaw, Nokia's upcoming pCell wireless test, Debian's decision to drop LSB compatibility, and the ongoing debate over Spark's role versus Hadoop in big‑data processing.
OAuth2 provides a secure, open standard that lets third‑party applications obtain limited user access without exposing passwords, using a token‑based flow involving resource owners, clients, resource servers, and authorization servers, illustrated through a step‑by‑step authorization process.
This article outlines fifteen common hidden requirement types—from detail tweaks and cross‑platform adaptations to scalability, security, and content‑operation needs—and offers practical strategies for developers and product teams to anticipate, design for flexibility, and reduce costly changes during development.
This article explains the concept of Single Sign-On (SSO), why it’s essential for large websites, outlines the core challenges of storing and validating trust, compares client‑side cookie approaches with server‑side solutions, and discusses practical techniques such as encrypted cookies, digital signatures, distributed caches, and whitelist‑based trust management.
This article explains iOS 9's App Transport Security and App Thinning features, detailing how to configure ATS, use nscurl for diagnostics, and apply App Thinning mechanisms such as Slicing, On‑Demand Resources, and Bitcode to improve security and reduce app size.
Drawing on three decades of software development, this article shares sixteen practical lessons about client interaction, security, code simplicity, continuous learning, and evaluation that can help programmers and teams make better decisions and avoid common pitfalls.
This guide walks you through installing Splunk on Linux or Windows, configuring automatic startup, indexing diverse log sources, and using Splunk’s powerful search, Boolean operators, and timeline features to troubleshoot and analyze system and network logs efficiently.
This article presents practical guidelines for designing, versioning, securing, and documenting RESTful APIs, covering resource modeling, URL conventions, filtering, sorting, pagination, authentication, rate limiting, error handling, and response formats to help developers build flexible and user‑friendly public APIs.
This article shares nine practical PHP tips—from security fundamentals like input filtering and output escaping, to efficient coding tricks such as using ternary operators, caching, and modern frameworks—aimed at helping developers write safer, cleaner, and faster backend code.
The article explains how HTTPS works, why traditional CDN architectures based on CNAME aliases can conflict with HTTPS certificate validation, and compares two common approaches—custom certificates and shared certificates—highlighting their security implications and performance considerations for web operators.
This article shares practical Docker tips covering CLI enhancements, Dockerfile best practices, networking, volume management, and security measures, helping developers who already know the basics to improve container workflows, reduce image size, and secure their Docker deployments.
This guide presents 25 practical PHP security best practices, covering configuration files, module management, error handling, file uploads, remote code execution, SQL safety, resource limits, user permissions, SELinux, firewall rules, and additional tools, to help administrators harden PHP deployments on Linux servers.
This article analyzes a Node.js buffer‑overflow vulnerability triggered by oversized UTF‑8 decoding, explains the underlying V8 call stack and key functions, demonstrates an exploit using crafted POST requests, and outlines the official security fix that adds proper bounds checking.
This guide explains how to configure strict ARP learning, fixed‑mac entry fixation, source‑IP based ARP miss and packet rate limits, interface ARP entry limits, and how to verify these settings on a Quidway switch using the appropriate CLI commands.
The article outlines how narrowing operational permissions, automating processes, and adopting data‑center operating systems enhance security, scalability, visibility, and fault handling while reducing manual effort and enabling rapid, low‑risk changes across large infrastructures.
The article explains that general‑purpose hash functions like MD5 and SHA families are fast and vulnerable to brute‑force attacks, while bcrypt’s deliberately slow, work‑factor‑adjustable design makes it a far more secure choice for storing passwords.
Static page generation dramatically improves load times, reduces server load, enhances SEO, and strengthens security by eliminating dynamic processing and database queries, while allowing flexible strategies such as full-page or partial static rendering for high‑traffic pages like homepages and detail pages with dynamic comments.
This comprehensive guide outlines the critical technical details web developers must address before launching a site, covering user experience, security best practices, performance optimization, SEO tactics, technical fundamentals, bug‑fix strategies, and ongoing monitoring.
The article surveys this year's hottest technology trends—including the rise of public cloud, containerization, microservices, multi‑cloud management, endpoint security, machine learning, and the resurgence of DevOps—explaining why they are reshaping enterprise IT and why open source is the common driver behind them.
ZMap is a high‑speed network scanner developed at the University of Michigan, and this guide covers its installation on various Linux distributions, core command‑line options, configuration files, advanced extensions like banner grabbing and UDP probes, and discusses its underlying SYN‑RST scanning mechanism and security considerations.
The article shares a comprehensive set of development and operational best‑practice guidelines from Qunar’s internal wiki, covering URL testing, HTML validation, API documentation, security checks, logging, encoding, teamwork, and transparent change management for engineers.
The article outlines thirteen critical production‑related mistakes—from not externalizing configuration and using inadequate test data to neglecting security, documentation, disaster‑recovery planning, and proper capacity planning—providing actionable guidance for developers and architects to improve system stability and performance.
In an in‑depth interview, 360’s web platform architect Wang Chao explains the open‑source and proprietary database technologies, multi‑data‑center NoSQL system Bada, and layered security mechanisms that power 360’s search, cloud storage and other high‑traffic services.
The article examines the technical challenges of the 12306 railway ticketing platform, comparing it with e‑commerce systems, and proposes a hybrid‑cloud solution that leverages private and public cloud resources to handle massive, unpredictable traffic while ensuring security, high availability, and elastic scalability.
This article explains what reverse proxy is, compares it with forward proxy, outlines its security, load‑balancing, caching, and concurrency‑control benefits, and discusses various deployment approaches including one‑to‑one setups, separate servers, and clustered architectures for large‑scale web applications.
This article examines typical mistakes in Nginx‑PHP configurations—such as misplaced index directives, misuse of the if statement, and fastcgi parameter issues—and presents a cleaner, more secure configuration that leverages inheritance, try_files, and proper fastcgi settings.
This guide explains what auditd is, how to install it on Ubuntu, configure file and directory monitoring rules, view audit logs with ausearch, generate reports with aureport, and manage the auditd service for effective Linux security auditing.
This guide walks you through downloading, installing, configuring, and testing Fail2Ban on a Linux system, covering essential parameters, SSH jail setup, custom actions, filter editing, and command‑line utilities for managing bans and logs.
This article surveys the architecture of long‑connection push systems for internet apps, distinguishes connection types, outlines client and server handling strategies, reviews mainstream backend solutions, and shares practical insights on security, API design, operations, queue services, debugging, and NoSQL usage.
This article explores practical techniques for intercepting and protecting JavaScript APIs—such as setAttribute—using MutationObserver, API hooks, random token naming, property hiding, and recursive iframe monitoring to build a resilient front‑end defense against XSS and other injection attacks.
This tutorial explains how to protect SSH logins by installing Google Authenticator, generating a secret key, configuring PAM and sshd, and using an Android device to provide time‑based one‑time passwords, complete with installation commands, troubleshooting tips, and verification steps.
This article explains how leveraging CDN technology—through caching proxies, routing acceleration, security protection, and cost‑saving strategies—can overcome regional network limitations, mitigate DDoS attacks, and optimize storage and load‑balancing, while also comparing open‑source reverse‑proxy solutions and offering practical hardware and software tuning tips.
This guide presents a comprehensive set of Linux commands and practical steps for detecting, analyzing, and responding to compromised systems, covering process identification, file inspection, network checks, log recovery, forensic imaging, and useful tools such as ldd, strace, and nc.
Drawing from a year and a half of Linux operations experience, this guide outlines practical standards for online actions, data handling, security, monitoring, performance tuning, and the right mindset to prevent costly incidents and maintain stable, secure systems.
This guide lists 25 practical Linux hardening techniques—from BIOS protection and partitioning to SSH configuration, SELinux, firewall rules, password policies, and log management—helping system administrators strengthen server security against attacks and vulnerabilities.
Securing Linux systems requires more than a single anti‑malware tool; this guide outlines nine practical measures—including SELinux, vulnerability alerts, service hardening, log monitoring, port knocking, iptables, default‑deny policies, IDS, and full‑disk encryption—to strengthen system defenses against attacks.
This comprehensive guide, originally a white‑paper by Gene Kim, explains what DevOps is, how it differs from Agile, ITIL and visible ops, outlines its core principles, application domains, business value, and practical patterns for integrating security, QA, and continuous delivery into modern IT workflows.
