Categories
Software Development

Secure PostgreSQL connections on your Django project

Last week, an article was published with some interesting numbers about the security of PostgreSQL servers publicly exposed to the internet (You can find it here). But more than the numbers, what really caught my attention was the fact that most clients and libraries used to access and interact with the databases have insecure defaults: […]

Categories
Python Software Development

Django Friday Tips: Deal with login brute-force attacks

In the final tips post of the year, lets address a solution to a problem that most websites face once they have been online for a while. If you have a back-office or the concept of user accounts, soon you will face the security problem of attackers trying to hack into these private zones of […]

Categories
Python Software Development

Django Friday Tips: Password validation

This time I’m gonna address Django’s builtin authentication system, more specifically the ways we can build custom improvements over the already very solid foundations it provides. The idea for this post came from reading an article summing up some considerations we should have when dealing with passwords. Most of those considerations are about what controls […]

Categories
Software Development

Documentation done right

One critical piece of the software development process that often gets neglected by companies and also by many open-source projects is explaining how it works and how it can be used to solve the problem in question. Documentation is often lacking and people have an hard time figuring out how they can use or contribute […]

Categories
Software Development Technology and Internet

Mirroring GitHub Repositories

Git by itself is a distributed version control system (a very popular one), but over the years organizations started to rely on some internet services to manage their repositories and those services eventually become the central/single source of truth for their code. The most well known service out there is GitHub (now owned by Microsoft), […]

Categories
Python Software Development

Why you shouldn’t remove your package from PyPI

Nowadays most software developed using the Python language relies on external packages (dependencies) to get the job done. Correctly managing this “supply-chain” ends up being very important and having a big impact on the end product. As a developer you should be cautious about the dependencies you include on your project, as I explained in […]

Categories
Software Development Technology and Internet

CSP headers using Cloudflare Workers

Last January I made a small post about setting up a “Content-Security-Policy” header for this blog. On that post I described the steps I took to reach a final result, that I thought was good enough given the “threats” this website faces. This process usually isn’t hard If you develop the website’s software and have […]

Categories
Software Development

Rust examples and exercises

Learning to program in Rust is as easy like other languages out there, because it ends up having different constrains and new concepts that you will have to go through, in the beginning everybody fights the compiler at least a little bit. I started this journey a while ago, however I’ve been progressing slowly just […]

Categories
Software Development

Keep your dependencies under check

Nowadays most software projects with a “decent size” rely on many software dependencies, or in other words: libraries and tools, developed by other people. That usually are under constant change. The reasons for these are clear and can go from implementing common patterns and avoid repeating ourselves, to accelerate the development, to use mature implementations […]