Author: Craig Andrews

WordPress on AWS The Easy Way with VersionPress

Developing and administering WordPress can be painful, especially when requirements include the ability to have a team of developers, the ability for a developer to run the site (including content) on their system (so they can reproduce issues caused by content or configuration), multiple content authors, multiple environments (such as staging and production), and the … Continue reading WordPress on AWS The Easy Way with VersionPress

DNSSEC on OpenWrt 18.06, 19.07, and 21.01

DNSSEC ensures that the results of DNS queries (for DNSSEC enabled domains) are authentic. For example, integralblue.com uses DNSSEC, so if an attacker (using a man in the middle or spoofing attack) changes the IP address that www.integralblue.com resolves to, then a DNS resolver supporting DNSSEC will be able to tell and return an error. … Continue reading DNSSEC on OpenWrt 18.06, 19.07, and 21.01

DNS Over TLS on OpenWrt 18.06, 19.07, and 21.01

DNS over TLS encrypts DNS queries so no one between you and the DNS server you’re using (which, by default using these steps, will be Cloudflare’s 1.1.1.1), can tell what DNS queries/responses are being exchanged. DNS over TLS provides confidentiality but not integrity or authenticity. For those, you need to setup DNSSEC which I’ve described … Continue reading DNS Over TLS on OpenWrt 18.06, 19.07, and 21.01

MaybeGZIPInputStream

I’m currently working on an application that persists Java serialized data (using ObjectOutputStream) in a database. Java’s serialization format compresses very well – so why not compress the data when storing it then decompress it while reading for a quick win? The problem is that there will still be legacy, uncompressed data, which the application … Continue reading MaybeGZIPInputStream

SQS JMS Resource Adapter

The recently released SQS JMS Resource Adapter allows JEE applications (running on any JEE application server, including Glassfish, Payara, JBoss, IBM Liberty, etc) to easily use AWS SQS as a JMS implementation. This resource adapter can be helpful in many situations, such as: Migrating an existing JEE application from another JMS implementation (such as RabbitMQ, … Continue reading SQS JMS Resource Adapter

Trusting DoD Certificates in Docker and Beanstalk

The US DoD (Department of Defense) uses its own root certificate when signing https certificates for its domains. For example, https://www.my.af.mil/ uses such a certificate. These root certificates are not trusted by any (commercial/public) operating system, browser, or other client. Therefore, in order to access these sites and not get an error, the DoD certificates … Continue reading Trusting DoD Certificates in Docker and Beanstalk

Coal to Cryptocurrency: Mining Remains a Threat

Coal was the fuel that powered the Industrial Revolution, bootstrapping the modern age as we know it. Acquiring it was simple, using it was easy, and it got the job done. Coal was the perfect resource. Back in those days, efficiency and cleanliness weren’t concerns because of ecological immaturity (society didn’t know any better) and … Continue reading Coal to Cryptocurrency: Mining Remains a Threat

Working around HHH-9663: Orphan removal does not work for OneToOne relations

HHH-9663 means that orphan removal doesn’t work for OneToOne relationships. For example, given File and FileContent as below (taken from the bug report): package pl.comit.orm.model; import javax.persistence.Entity;import javax.persistence.FetchType;import javax.persistence.Id;import javax.persistence.OneToOne; @Entitypublic class File {  private int id;  private FileContent content;  @Id public int getId() { return id; }  public void setId(int id) { this.id = id; }  … Continue reading Working around HHH-9663: Orphan removal does not work for OneToOne relations