Nginx Rate Limiting: How to Stop Abuse Without Breaking Legitimate Traffic

Rate limiting is one of those things that’s easy to get wrong in both directions — too loose and it does nothing, too tight and you start blocking real users. I’ve tuned rate limiting configs on production sites a few times and I’ve made both mistakes. Here’s what I’ve learned about how Nginx rate limiting […]

Nginx Rate Limiting: How to Stop Abuse Without Breaking Legitimate Traffic Read Post »

Nginx Basic Auth: Quick Access Control Without a Full Auth System

Sometimes you need to protect a URL quickly — a staging environment, an admin panel, a Prometheus metrics endpoint, internal documentation. Setting up a full authentication system is overkill. Nginx’s built-in basic authentication handles these cases well. Basic auth has a reputation for being insecure, but that reputation is mostly from HTTP days. Over HTTPS,

Nginx Basic Auth: Quick Access Control Without a Full Auth System Read Post »

LVM on Linux: Logical Volume Management for Flexible Disk Storage

LVM changed how I think about disk management. Before LVM, adding storage meant figuring out partitions, worrying about running out of space, and sometimes having to move data around to resize things. With LVM, extending a filesystem is usually a matter of three commands. Shrinking, snapshotting, moving storage between devices — all doable without downtime.

LVM on Linux: Logical Volume Management for Flexible Disk Storage Read Post »

TLS Certificate Validity Is Dropping to 47 Days: Timeline, Impact, and How to Prepare

For most of the last decade, the maximum validity period for a publicly trusted TLS certificate sat at 398 days — just over thirteen months. Long enough that a sysadmin could handle renewals with a calendar reminder and a few manual steps. That window is closing. In April 2025, the CA/Browser Forum passed a ballot

TLS Certificate Validity Is Dropping to 47 Days: Timeline, Impact, and How to Prepare Read Post »

Scroll to Top