GoorooTHINK

Thought provoking and helpful articles
from the Gooroo community.

Do you have something to say? Contribute or create an article and add it to your Gooroo bio.

  1. Creating HSTS and Pre-load with Cloudflare

    Most people are familiar with HTTPS and the concept of secure websites. Securing websites become more and more common, which is a really good thing. Not only do we know that the data sent and received from the website is secure, but we also get a sense of knowing we will be alright. We expect that we get confidentiality, authenticity and integrity from modern websites. After all, we see sites every day with this:This is becoming more and more common, and according to Scott Helme almost 31% of the...
  2. Securing your Exchange Online

    If your company its using Exchange Online services and you are responsible for email security, you have many options that you can implement to improve email security. By default every new Exchange Online tenant come with a defaults protections policy such as:Every default policy can be viewed, edited but not deleted. Its so recommended that you review all of this policies.As administrator, you can create additional malware or spam policies and applies it to specific users or groups.The malware filter...
  3. Custom user roles and role-based authorization in ASP.NET core

    I've recently been trying to contribute to the developer community, in more ways than I previously have. One of the areas I decided to delve into, is spending more time on tech forums and resources like StackOverflow.  Well not for asking questions or checking for answers, but more for answering as many questions as I possibly can. The aim is to provide answers primarily to questions budding developers are asking. so Let's hope I do a lot of that as time goes on. Hey, I might...
  4. Visual Studio: Creating and managing digital certificates in C#

    Digital Certificates are used for secure communication between two parties. In digital certification we ensure that the peoples who are using our apps or services are securely communicating with each other and those peoples can be individual consumers or businesses.In Digital Certification we use both Hashing and Asymmetric encryption for creating digital signatures.After encrypting the hash of data we obtain a digital signature later which is used for verification of data.As there are a lot more...
  5. How to install pfSense onto a CheckPoint Firewall Appliance

    pfSense is an Open Source firewall platform that can also be used for site to site connectivity as well as mobile client connectivity.Having used pfSense in the past and knowing how robust and secure the platform is, I wanted to see if I could port or install pfSense onto a CheckPoint firewall appliance. I figured that the CheckPoint appliances should have more than enough power to run pfSense.I was able to test the installation of pfSense using a few older CheckPoint appliances that were decommissioned...
  6. Https Redirect with Asp.Net Core RC2 And Kestrel on Windows

    June 1, 2016I've learned a lot about Asp.Net Core RC2, Kestrel and ports as I failed in various attempts to get a http to https redirect. I share this as a retrospective for myself and in hopes of helping you avoid the swamp and to stay on the narrow road.Update: This approach works with the 1.0 release of Asp.Net Core as well as RC2.Host Asp.Net with Kestrel without IIS for an internal app. I'd like to hit the machine at http://machine-name/ and get redirected to a login at https://machine-name...
  7. Http Patterns: Progress

    A progress resource is usually a temporary resource that is created automatically by the server to provide status on some long running process that has been initiated by a client. It is used to provide feedback to an end user and point to the results of an operation once it has completed.HTTP is a client/server request and response protocol. It does not provide for server initiated communications. If a client makes a request to a server that is likely to take a long time, e.g. 5 seconds or longer,...
  8. HTTP Patterns : Factory

    A factory resource is one that is used to create other resources.Sometimes it is difficult to create a complete resource representation on the client without some involvement from the server. It may be that the server is responsible for creating a unique identifier for the new resource, so a PUT request is not possible. Or other attributes of the resource may be dependent on existing server state. For example, creating a order resource where the order quantity may be adjusted based on in-stock quantity.
  9. One Weird Trick To Improve Web Performance

    The web is chock full of web performance advice. There are books on the subject, I've written articles about them, and there are countless case studies proving just how critical web performance is. All of these tips, patterns and "best practices" are important to understand and apply when appropriate, but the current state of the art, science and technology that drives the web (not to mention the politics!) has created a climate in which one simple web performance trick will likely provide...
  10. HTTP Patterns : Bouncer

    A resource designed to accept a request body containing complex query parameters and redirect to a new location to enable the results of complex and expensive queries to be cached.There are practical limitations to the length of a URL on the Web. In order to send complex queries it is sometimes necessary to use a POST method and use the request body to describe the query parameters. However, a POST method cannot return a cached response. If the complex queries take a non-trivial amount of time...
  11. Edit DRAFT Edit

    • updated