Every server instance with a publicly facing IP address is constantly targeted by malicious network scanning bots. Those bots are usually harmless unless they start a DDoS attack or discover a vulnerability. Additionally, they are obfuscating the SSH access logs and using up some of the server resources. In this tutorial, I will explain how to hide your AWS EC2 server from those scanners using IPv6.
Storing files on S3 is, for many developers, the first contact with the AWS cloud. Unfortunately, the quick and easy configuration can be insecure. If you are uploading files to an S3 bucket but never configured a custom AWS IAM policy, it's possible that there's a security issue in your app. In this tutorial, I will describe what IAM policies are and how to securely configure them when working with S3 in Rails apps.
My side project Slack app Abot has recently reached a milestone of $10,000 total profit. In this blog post, I describe how the project has changed during the last year and what I am doing to grow and promote it. I also share some details about the usage stats and revenue.
Storing sensitive data in plaintext can seriously harm your internet business if an attacker gets hold of the database. Encrypting data is also a GDPR-friendly best practice. In this blog post, I describe a simple way to securely encrypt, store and decrypt data using built-in Ruby on Rails helpers instead of external dependencies.
Heroku offers a robust backup system for its Postgres database plugin. Unfortunately, you can irreversibly lose all your data and backups just by typing a single command. It might seem improbable, but still, I would rather not bet my startup's existence on a single faulty bash line. In this tutorial, I will describe how to set up a proprietary redundant Heroku PostgreSQL backups system to a secure AWS S3 bucket.
I've noticed that many programming blogs I read don't implement certain simple SEO techniques, and bloggers could be missing valuable traffic opportunities. I will describe a couple of search engine optimization tips which can improve your technical blog's SEO ranking and search results position in 2019. I will cover topics like Google's Featured Snippets, best rendering speed tips and social media meta tags.
A continuous integration and delivery pipeline can have a significant impact on the dev team's productivity and stability of production releases. In this tutorial, I describe how to automate testing, security checks, and deployments for Ruby on Rails apps using CircleCI. I cover a basic CI setup as well as more advanced features like concurrent specs, dependencies caching, NodeJS/Webpack setup, Heroku deployments, and GitHub integration.
Most Ruby developers work with Rails and Active Record for PostgreSQL database interactions. It provides a ton of magic and is simple to start with. Data integrity problems start creeping up once the code base and database structure get older. In this blog post, I will describe a couple of techniques for ensuring data integrity and validation in Ruby on Rails web apps.
Dokku lets you set up Rails hosting infrastructure on a simple VPS without much dev ops experience. Although it is easy to get started, a default config might result in very slow and unreliable deployments. In this blog post, I will describe how I've improved my Dokku-based Ruby on Rails (NodeJS with Yarn and Webpack) application deployment speed by over 400% using a Docker image Dockerfile.
In this screencast, I present a prototype of my new side project. It is a simple tool that allows you to visually scrape interesting parts of different websites to create your personal internet dashboard. I want to probe the interest before releasing a public MVP version.
I used to recommend supporting Google AMP pages as a reliable way to increase site SEO rating, organic traffic and performance. Recently I've removed AMP from my website. In this blog post, I will describe how it affected my blog and a couple of more advanced web performance optimization techniques I am using instead of a proprietary standard like Accelerated Mobile Pages.
The ELK Elastic stack is a popular open-source solution for analyzing weblogs. In this tutorial, I describe how to set up Elasticsearch, Logstash and Kibana on a barebones VPS to analyze NGINX access logs. I don't dwell on details but instead focus on things you need to get up and running with ELK-powered log analysis quickly.
In this screencast, I explain how to write, release and promote a programming blog post on various social platforms even if you don't have an audience yet. I present my typical routine and tools I use when submitting a new post.
Dokku is dev ops for dummies and a simple way to deploy websites on a barebones VPS. In this tutorial, I will describe how to use it to host a static site, and set up global assets caching with free Cloudflare CDN and SSL certificate.
Recently I've started using a productivity technique which saves me a lot of unnecessary typing when working with Rails apps. It might seem trivial, but I still wanted to share it because it makes my everyday work easier.
Many Ruby on Rails apps use Amazon AWS S3 buckets for storing assets. When dealing with files uploaded by front-end web or mobile clients there are many factors you should consider to make the whole process secure and performant. In this blog post, I will describe common pitfalls and an optimal solution when it comes to handling client-side file uploads.
Dokku is dev ops for dummies and a cheaper alternative to Heroku. Recently I've migrated a couple of my projects to it. In this blog post, I will describe how to set up and migrate a Rails app to Dokku with PostgreSQL, Sidekiq, Redis and Let's Encrypt or Cloudflare for free SSL.
Two weeks ago my blog post made it to the top of Hacker News. Around 30k people read about my side project Slack bot that day. In this blog post I will describe how it affected the project and my other passive monetization and marketing strategies.
Scaling issues are great because they mean that you have traffic on your website. Before you decide that 'Rails doesn't scale!' and start a rewrite to a tech stack with potentially more performance, maybe you should double check queries that your PostgreSQL database executes. Below I describe some tools and techniques you can use to track down, diagnose and optimize slow Active Record SQL query execution.
Developing iOS mobile apps and server-based Ruby applications is different on many levels. In this blog post, I will present a high-level overview of different aspects of day-to-day working in these technologies.
Many software houses and startups are blogging regularly. A simple blog implementation detail can seriously hurt a company's SEO rating and, in consequence, its business. Read on if you are interested in what the problem is and how it can be fixed.
Medium is an extremely popular blogging platform for both newcomers and expert tech-savvy bloggers. I've noticed a serious SEO-related issue with using it as your main blogging tool. Read on if you are curious how Medium hurts your internet brand and what's the alternative.
Service Objects are not a silver bullet but they can take you a long way in modeling your Ruby on Rails app's domain logic. In this blog post, I will describe how I usually work with the service object pattern in a structured way. I will also cover simple testing in isolation with a mocked services layer.
According to the (a bit exaggerated) Pareto principle, 5% of your Rails app endpoints could account for 95% of performance issues. In this blog post, I will describe how I improved the performance of my Rails application’s bottleneck endpoint by over 500% using a simple Redis caching technique and a custom Rack middleware.
SSL protection is becoming a de facto standard in web and mobile development. One potential problem is that a website could be served via a secure SSL connection and still be displayed as insecure by most modern browsers. It's enough that at least one of its resources is served without SSL. In this blog post, I will explain how to set up a simple Ruby and NGINX server to work as an SSL proxy for insecure content and describe some basic streaming techniques.
Domain names you own could be your most expensive to-do list. What’s more, a domain without valid SSL will show up in all modern browsers as insecure content. In this tutorial, I will explain how to minimize the cost of owning multiple wildcard SSL-protected domains using Cloudflare and set them up with GitHub Pages, Heroku or NGINX.
In theory, you can run both a Rails web server and a Sidekiq process on one 512 MB Heroku dyno. For side projects with small traffic, saving $7/month always comes in handy. Unfortunately, when trying to fit two Ruby processes on one dyno, you can run into memory issues and leaks. In this post, I will explain how you can limit memory usage in Rails apps.
I would like to share a simple productivity tip that probably helped me save thousands of keystrokes so far. I’ve been using this technique for a while now to maximize my laziness (productivity) during work and so, recently I wrapped it up in an easy-to-use Ruby gem.