Tag: security

All the articles with the tag "security".

• Certificate Pinning: The Nuclear Option for TLS Security (Use With Caution)

  1 Mar, 2026

  Certificate pinning and HPKP explained: what they are, why HPKP destroyed itself, and modern alternatives like CAA records and Certificate Transparency.

• .gitignore Entries Every Project Actually Needs

  1 Mar, 2026

  Stop leaking secrets, dependencies, and OS garbage into git. Here are the .gitignore patterns that save you from disaster.

• Vault vs Infisical: Secrets Management for Teams Who've Learned the Hard Way

  19 Feb, 2026

  HashiCorp Vault vs Infisical compared: secrets management for DevOps teams, Docker Compose setup, SDK examples, and when complexity is worth it.

• Pi-hole vs AdGuard Home: Block Ads for Every Device on Your Network

  6 Feb, 2026

  Pi-hole vs AdGuard Home: which DNS ad blocker wins? Compare setup, Docker installs, features, and which one actually belongs on your home network.

• WireGuard vs OpenVPN in 2026: Speed, Simplicity, and Staying Connected

  26 Jan, 2026

  WireGuard vs OpenVPN in 2026: which self-hosted VPN wins on speed, simplicity, and firewall evasion? A practical comparison for home lab nerds.

• Open Source Licenses Explained: What You Can and Can't Do With Free Software

  25 Jan, 2026

  FOSS licenses explained for developers and self-hosters: MIT vs GPL vs AGPL vs Apache 2.0, copyleft vs permissive, and what recent license changes mean for you.

• mTLS Explained: When Regular TLS Isn't Paranoid Enough

  16 Jan, 2026

  Mutual TLS (mTLS) explained for mortals: how both sides authenticate, setting up step-ca for internal PKI, generating client certs, and configuring nginx with mTLS.

• Port Knocking: Simple Obscurity for SSH Access

  10 Jan, 2026

  Hide your SSH port from scanners with port knocking. It's not a replacement for security, but it's a valid defense-in-depth tactic.

• Fail2ban vs CrowdSec: Banning Bad Actors at Your Digital Door

  6 Jan, 2026

  Fail2ban vs CrowdSec compared: learn how both tools protect your Linux server, with real config examples, Docker setup, and tips for running them together.

• SSH Keys in 2026: Ed25519 Is the Standard

  4 Jan, 2026

  RSA SSH keys are on their way out. Here's why Ed25519 is the default in 2026, how to generate one, and how to audit and rotate your old keys.

• Why Your VPN Isn't Routing What You Think

  29 Dec, 2025

  You enabled the VPN but half your traffic still bypasses it. Here's why and how routing actually works.

• DNS Over HTTPS and TLS: Encrypt Your DNS Before Your ISP Sells It

  2 Dec, 2025

  Understand DoH, DoT, and DoQ encrypted DNS protocols and set up self-hosted encrypted DNS with AdGuard Home or Pi-hole. Stop your ISP from logging every domain you visit.