Things Ian Says
security
Here are all the items relating to security (page 1 of 1)
Using Traefik Proxy with Docker Compose and LetsEncrypt
Tuesday, 29 October 2019
Traefik Proxy is one of the newer reverse proxies available (compared to more established applications such as nginx and Apache httpd). The thing which differentiates traefik is that it was created in a post-Docker world and integrates with Docker to reduce the manual configuration needed. It also supports let’s encrypt to provide SSL encryption, with minimal extra effort.
This article looks at how we can use traefik as a reverse proxy across a docker-compose managed suite of containers and then use let’s encrypt to add SSL certificates for https access.
Enabling https with Nginx, Docker, and LetsEncrypt
Thursday, 22 November 2018
As more and more attention is paid to https (for example, with increasing levels of warning from Google Chrome on plain http sites), it becomes more and more important to ensure our websites are protected accordingly. Fortunately, Let’s Encrypt offers a free way to obtain certificates for our websites, and works simply with many standard web servers.
This article shows how we can configure Nginx to use Let’s Encrypt to provide certificates, and demonstrates how to automatically update the certificates when they expire. For flexibility, I have also put all the things in containers.
Using AWS Cognito to Secure an ExpressJS API
Sunday, 8 July 2018
In recent articles, I have shown how to create a login screen using AWS Cognito, and validate the resulting JSON Web Token (JWT) using Javascript. This article brings those elements together, showing how we can use our AWS Cognito login screen to protect access to an API being served from an ExpressJS application.
JWT Parsing with Javascript
Sunday, 17 June 2018
The previous two articles, showed how to create a login page using AWS Cognito, and how to break down the Json Web Token it produces. This article follows on from both of these, and shows how we can programmatically parse the JWT using Javascript.
Introduction to Json Web Tokens
Monday, 4 June 2018
In my previous article, I showed how to create a login page using AWS Cognito. At the end of that article, we landed on our desired web page, but with an access token appended to the URL. This article follows on from that stage, looking at the structure of the URL, and the Json Web Token (JWT) contained within it.
AWS Cognito User Pool
Tuesday, 22 May 2018
AWS Cognito offers the ability to manage a set of users in its user pool capability. I was looking for a way of controlling access to a web site, and Cognito seemed an ideal way of achieving this. This articles shows how to set up a user pool, how to add users to it, and how to display a login screen for your users.
Secure hosting using SSL and AWS CloudFront
Tuesday, 15 August 2017
In a previous article, I looked at how we can use Let’s Encrypt to automatically create and manage SSL certificates for us. This article follows on in a similar vein, and shows how Amazon Web Services (AWS) also let us create free SSL certificates. This is an example with a static site hosted in an AWS S3 bucket, but can also be applied to any AWS website hosting mechanism (e.g. EC2 instances).
[SUPERCEDED] Using Traefik Proxy with Docker Compose and LetsEncrypt (version 1.3)
Wednesday, 2 August 2017
This blog entry is deprecated, since it refers to an older version of traefik (version 1.3). Please see the newer version of this article for up to date details (using version 1.7 of traefik).
Traefik Proxy is a fairly recent entry into the reverse proxy space, alongside more established applications such as nginx and Apache httpd. The thing which differentiates traefik is that it was created in a post-Docker world and integrates with Docker to reduce the manual configuration needed.
This article looks at how we can use traefik as a reverse proxy across a docker-compose managed suite of containers and then use let’s encrypt to add SSL certificates for https access.