Linters: Keys To Secure, Maintainable, Quality DevSecOps

Linters are static analysis tools that analyze source code and report problems. The term goes all the way back to Bell Labs in 1978 but the concept is still very important today. In my opinion, linters are a key ingredient of a successful DevSecOps implementation, and yet not enough people are aware of linters, how … Continue reading Linters: Keys To Secure, Maintainable, Quality DevSecOps

Trusting AWS RDS Certificates in Docker and Beanstalk

To connect to AWS RDS databases using TLS/SSL, the client must trust the certificate provided by RDS; RDS doesn’t use certificates trusted by the CAs (Certificate Authorities) included by operating systems. Without TLS/SSL, the connection to the database isn’t secure, meaning an attacker on the network between the client (running in EC2) and the database … Continue reading Trusting AWS RDS Certificates in Docker and Beanstalk

WordPress on AWS The Easy Way with VersionPress

Developing and administering WordPress can be painful, especially when requirements include the ability to have a team of developers, the ability for a developer to run the site (including content) on their system (so they can reproduce issues caused by content or configuration), multiple content authors, multiple environments (such as staging and production), and the … Continue reading WordPress on AWS The Easy Way with VersionPress

Trusting DoD Certificates in Docker and Beanstalk

The US DoD (Department of Defense) uses its own root certificate when signing https certificates for its domains. For example, https://www.my.af.mil/ uses such a certificate. These root certificates are not trusted by any (commercial/public) operating system, browser, or other client. Therefore, in order to access these sites and not get an error, the DoD certificates … Continue reading Trusting DoD Certificates in Docker and Beanstalk