Saturday, May 12, 2018

Rewrite Http to Https in Nginx


server {
       listen         80;
       server_name    example.com example2.com;
       return         301 https://$host$request_uri;
}

server {
       listen         443 ssl;
       server_name    example.com example2.com;
       ...
}

For ssl, usually we need

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        ssl_certificate /etc/nginx/cert/certchain.crt;
        ssl_certificate_key /etc/nginx/cert/cert.key;

        ssl_session_cache shared:SSL:20m;
        ssl_session_timeout 60m;

        ssl_prefer_server_ciphers on;

        ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5;

        #ssl_dhparam /etc/nginx/cert/dhparam.pem;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

        #ssl_stapling on;
        #ssl_stapling_verify on;
        #ssl_trusted_certificate /etc/nginx/cert/trustchain.crt;
        #resolver 8.8.8.8 8.8.4.4;

        #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
        add_header Strict-Transport-Security "max-age=31536000" always;

        # Rest of your regular config goes here:
        # […]
}

Friday, May 11, 2018

git commit all deleted files at one time


There are couple of options to do batch commit of deleted files.

git add .  => Add all (tracked and modified)/new files in the working tree.

git add -u => Add all modified/removed files which are tracked. (stages removed file and modifiled files, then git commit -m 'message')

git add -u folder/ => Add modified/removed files under the folder

git add -A => Add all (tracked and modified)/(tracked and removed)/new files in the working tree. (similar to git add -u, but also adds new files.)

git commit -a -m "commit message" - Add and commit modified/removed files which are tracked.

git ls-files --deleted -z | xargs -0 git rm
git rm $(git ls-files --deleted)

My personal perfer is git add -A and git add -u

Tuesday, May 1, 2018

Send Transactional Email

  1. Hosted email service
  2. Amazon SES
  3. SendGrid
  4. Mandrill (MailChimp Transactional)
  5. Mailgun
  6. Mailjet
  7. SendinBlue
  8. Postmark
  9. Campaign Monitor
  10. SparkPost
  11. Knowtify
https://zapier.com/learn/email-marketing/best-transactional-email-sending-services/

How to prevent Chrome auto-fill input box

There are various discussions on stackoverflow regarding how to prevent Chrome auto-fill text input, and the final solution is using fake fields (as of May 2018)

<!-- fake fields are a workaround for chrome autofill getting the wrong fields -->
<input style="opacity: 0;position: absolute;">
<input type="password" style="opacity: 0;position: absolute;">

The most mentioned solution is using hidden fields, but Chrome now ignores hidden fields, so above solution is the final, below solution might not work any more in latest Chrome browser.

<input style="display:none" type="text" name="fakeusernameremembered"/>
<input style="display:none" type="password" name="fakepasswordremembered"/>

Discussed solutions might work in certain case
1. Set autocomplete to text or email input
autocomplete="off"
autocomplete="false"
autocomplete="nope"
autocomplete="new-password" for type=password

2. Set form action to GET instead of POST

3. Set input to readonly, then remove readonly attribute later after UI rendered

4. Set autocomplete="false" to form
For instance, in AngularJS, uses
<ng-form autocomplete="false">
.....
</ng-form>

https://stackoverflow.com/questions/12374442/chrome-browser-ignoring-autocomplete-off