Rules of AEM

Caching Strategy - CDN/APACHE - Internal working & Example Headers Imagine a company is hosting a website on a server in any cloud provider like AWS, AZUR, GCP . It may take around 100ms to load for users in US, but it takes 3–5 seconds to load for users in Finland. Fortunately, there are strategies to minimize this request latency for far-away users. These are called Caching and Content Delivery Networks (CDNs), which are two important concepts in modern web development and systems design. CDN are of different-different type   based on cloud service provider below are few most used ones – Cloud Front , by AWS Azure Front Door Content delivery solution from Akamai Different Caching Strategies Caching data can greatly improve the performance of applications. There are typically 4 common places where we can store cached data. Browser Caching Browser caching involves storing website resources on a user’s local computer. When a user revisits a site, the brow...

Prevent DDoS in Apache & IP Block Automation DDoS (Distributed Denial of Service) attacks are a type of cyberattack that can cause serious damage to your web server. These attacks involve flooding your server with a huge volume of traffic, overwhelming its resources and causing it to crash. In this blog post, we'll discuss how to prevent DDoS attacks in Apache, without using any third part tool/application.     Available Options to Prevent DDoS : You can use various mentioned methods to achieve the same. But using WAF, CDN, etc will cost extra dollars. Which might not be necessary for a small scale application.   Use a Web Application Firewall (WAF): A WAF can help detect and block malicious traffic before it reaches your Apache server. It can also help block common attack vectors, such as SQL injection and cross-site scripting (XSS). Install mod_evasive: mod_evasive is an Apache module that helps detect and block DDoS attac...

How to Configure CSP header in AEM ? Content Security Policy (CSP) is a security feature that helps prevent cross-site scripting (XSS) and other code injection attacks by restricting the sources from which a page can load resources. To implement a CSP header in an Apache web server, you can use the Header directive in your Apache configuration. Here are the steps to implement a CSP header in Apache: Determine your CSP policy: First, you need to determine your CSP policy. This policy defines the rules for what types of content can be loaded from which sources. You can use a CSP policy generator like the one available on the Mozilla Developer Network (MDN) website to generate a policy that meets your needs. Add the CSP header to your Apache configuration: Once you have your CSP policy, you can add the CSP header to your Apache configuration. To do this, open your Apache configuration file (usually located at /etc/httpd/conf/httpd.conf or a similar location depending on your setup) and ...