Putting my money where my mouth is, I configured a Content Security Policy (CSP) for my blog (amongst others) and in doing so I had to do some minor refactoring.
Setting up a Content Security Policy (CSP) for a legacy site comes with its own challenges; this article contains some tips that I have used.
As part of protecting your site and your users, you should really consider applying a Content Security Policy (CSP) to your site. Here I detail how I go about setting one up and the possible tools available to ease your pain.
Keeping your code up to date with the latest packages and security fixes can be a chore and something easily overlooked...
I've spent the past few weeks refreshing myself on the latest and greatest in the AWS IAM space and applying what I can to my own personal AWS account that...
Committing secrets to source control is a real problem for developers and I, like many others, have done it at least once.
I describe an approach taken to use SSH from a Docker container to allow access to resources secured behind a bastion server.
Quickly set up a bastion server on AWS and provide access to other users.