It's quite common now to run your web application behind a reverse proxy or a loadbalancer. This is typically the case if you are running your application in a Kubernetes cluster. In this case, the IP address that is logged by Apache is the IP of the proxy server, which is quite misleading and useless. To get Apache to log the real IP address of the clients, you will have to enable and configure the module remoteip.
Read moreCSS files are a render blocking resource: the browser waits for your CSS files to be downloaded before rendering the page. This means that, as long as the browser is downloading CSS, the user is waiting in front of a black page...
Read more2021 was (again) a special year for everybody. For us as well, but we managed to achieve some results! Here is 2021@cylab.be...
Read moreDeveloping and testing a Laravel project requires to install a substantial number of tools, with the correct version of each: PHP, composer, MySQL database, NPM etc. Moreover, for a substantial project, you will also have to run and test a queue worker and a scheduler. This can become quite complex and long to setup. In this blog post we show how to use docker-compose to run all of these in a single command line...
Read moreIn this blog post, we explain and illustrate the effect of the defer and async attributes.
Read moreI consider myself a moderate Facebook user : I check my account roughly once a week, and I actually post something on my wall once a month, at best... And still, I receive approximately 20 emails per day notifying me that "Chuck Norris is a new friend suggestion" or "Mark Zuckerberg posted a new update". This is represents more than 7000 emails per year.
Read moreSome time ago I wrote a blog about Installing Linux Bash Shell (and Metasploit) on Windows 10. This is great, when we want to enjoy the best of both worlds- keep using Windows, with its out-of-the-box configuration and set-up, and still be able to use the powerful tools available for the Linux distribution. In my previous blog I went through the steps necessary for setting up WSL and installing an Ubuntu and Kali Linux distribution. Since then, a lot of advancements have been made to facilitate the use of these distributions for Windows Users.
Read moreDetecting suspicious or malicious activity in a network is not a trivial task. In recent years the attacks perpetrated have grown in sophistication and frequency. For this reason a new detection tool was developed, in the form of the Multi Agent Ranking framework (MARk). MARk sets the groundwork for the implementation of large scale detection and ranking systems through the implementation of a distributed storage in conjuncture with highly specialized, stand-alone detector agents. The detector agents are responsible for analyzing specific predefined characteristics and producing a report of any suspicious activity encountered.
Read moreLearn how to secure any project with the GitLab SAST analyzers and easily separate the false positives from the real threats that should be addressed before deploying the project.
Read moreDid you know that mysqldump can create inconsistent backups if you do not use database transactions in Laravel? Let's discover that issue and address it in order to avoid it. After setting up and running locally a Laravel project that will serve as a demo for that specific issue, we will observe the necessity of using transactions and how to implement them. We'll also discover many more tips while trying to understand what happens under the MySQL hood.
Read moreIn this blog post we show how to use rsnapshot to configure nice and easy rolling backups.
Read more