[Security/Gitea] How to Secure Your Public Gitea Server Without Complex Configuration

Last time when I restarted my Gitea server was when I upgraded it to 2.20.11. It has been six months. Although I almost pushed code everyday, I didn’t notice that my Gitea server was already attacked by hackers for a couple of months. I found out that the hackers created few users and repositories on my Gitea server everyday. I was lucky that I found out this issue before it was too late. ...

Illustration: Docker container security - disabling SSH for production environments.

[Dockerfile] How to Prevent Docker Container from SSHing

While SSH is a valuable tool for debugging and testing Docker containers, enabling it in production environments is not recommended due to security concerns. To disable SSH in a Docker container, it’s advisable to remove the SSH server during the image building process. One way to accomplish this is to remove the SSH server during the Docker image building process. For example, if you’re using the alpine base image, you can use the following Dockerfile: ...

[Docker] Configure Custom TLS Certificates for Docker API Using Docker-in-Docker

Hey there! Have you ever wanted to configure custom TLS certificates for Docker API, but didn’t want to mess up your local Docker environment before you’re sure everything is working smoothly? Well, fear not! I’ve got a secret recipe for you that involves using Docker-in-Docker (DinD) to run a temporary Docker container with custom TLS certificates mounted. To get started, let’s say you already have your custom TLS certificates ready in the path `/tmp/certs``. You can run the following command to start a temporary Docker container with custom TLS certificates mounted: ...

[Mail Server] What is DKIM

DKIM (DomainKeys Identified Mail) is an email authentication method that allows the sender of an email to associate their domain name with the email message. This allows the recipient’s email server to check that the email message is authorized by the sender’s domain and has not been tampered with during transit. DKIM uses cryptographic signatures and public-key cryptography to verify the authenticity and integrity of email messages. When an email is sent, the sender’s mail server generates a digital signature for the message, which is then added to the email’s headers. The recipient’s mail server retrieves the sender’s public key from a DNS record and uses it to verify the signature. If the signature is valid, the recipient’s mail server can be confident that the email is from the domain it claims to be from and has not been altered in transit. ...

DigitalOcean Referral Badge
Sign up to get $200, 60-day account credit !