Many people believe that what we have on the market is what people really need. But it is not completely true. Very often marketing department just found what people are buying and sell more of it. It could be dots per inch on your phone, inches in TV diagonal, Gigahertz in CPU frequency etc. And very often is it just overkill. And today I would like to talk about 4K and 8K TVs.

But firstly, I would like to state that I would like to talk only about TVs that everyone can afford to buy. Let say 60-80” diagonal. Of course, if you have 150” TV everything that I will say below will not apply or apply only partially.

TV

Many people saying: “I created small site, surely nobody will want to hack it”. And this is 100% wrong. And I will explain why.

Yeah, it is true that hack into Google, Microsoft or any financial institution will be quite profitable for hackers and they are definitely trying. But it is one side of the story. Other side of the story that to do it they need computer power and millions of the computers. Hacking big company from personal computer has many limitations:

  • There is chance that other side will be able to find where you are from and then there is possibility of serious personal consequences for hacker.
  • Very often after few attempts IP address of hacker will be blocked. This block is easy to overcome but it will require time and thus reduce effectiveness of hack.
  • Trying to do it from personal computer can be quite slow and sometimes you need like millions attempts to do something.

Previous part is here.

I found that I was missed one critical part that I did in my application but forgot to explain here. Let me explain little bit. Effectively secure communication via HTTPS protocol happens between browser and nginx that is web server. Nginx communicates with .NET application via HTTP protocol. And effectively .NET application believes that it is communicating via HTTP. It called SSL termination.

And as result .NET application can return something that is not compatible with HTTPS protocol. In my case it returns link to profile from Gravatar service via HTTP. This in turn leads to complain from web browser that there is mixed content: HTTP and HTTPS. And that one only minor problem but

If you are planning to buy new PC and thinking about buying new i9-11900K, then read this post and perhaps you will change your mind.

In short, this CPU MSRP price is the same as AMD 5900X. 5900X will be faster pretty much everywhere with 1-2 exceptions in games where it is slightly slower. But when it faster it often much faster than i9-11900K. Specially it is faster in productivity tasks. Moreover, 5900X consumes considerably less power. If you compare retail price, 5900X about $65 cheaper.

So, in short if you want faster CPU than consumes less power, buy AMD 5900X.

But if you Intel fan and AMD is not for you, then buy i9-10900K. It is faster in most

This is continuation of Running .NET Core app on AWS Lightsail Linux instance.

By this moment everything is working exactly as I want. But I have 2 things that really annoys me: backup and updating web site. Because I revoked access to web site directory for every account except www.example.com I have to run a lot of commands from sudo user to backup and update my web site. I would like to automate these steps.

Backup

I have 2 things to backup: web site itself and its data. I separate them because they have different update schedule. For example, I can update web site few times per day and then did not update it for weeks. Obviously, I

This is continuation of Running .NET Core app on AWS Lightsail Linux instance.

One of the useful features I always use for .NET and .NET Core application in IIS is special file app_offline.htm. If this found exist in application’s directory, then .NET module for IIS will return contents of that file for every request. Usually, it used for maintenance. For example, I put some text that web site is under maintenance and that it will be finished in few minutes. Then I am updating all necessary files that are impossible to update while web site is running. When I finished, I will rename it to app_offline.hml_ until next maintenance.

I found like to implement something

Previous part is here.

DNS

Firstly, you need domain name. “You can purchase a domain name from Namecheap, get one for free with Freenom, or use the domain registrar of your choice”. Then follow instructions on how to setup A record. Because you have static IP it will be really easy to do. For example from Namecheap instructions are here.

Keep in mind that it could take up to 24 hours to propagate changes. But if you never accessed your domain before, then it should work in few minutes. Remove your changes from hosts file on your computer and when changes are propagated, you should be able to refresh your browser and see your site with

Previous part is here.

Web service

Next step will be to run dotnet application in service that starts with your virtual PC and system will restart it if application crashes. We will create specific user (www.example.com) that will run dotnet application. Why do we need specific user? Answer is quite simple – security.

Let me elaborate on that. Nginx is running from specific user (www-data). Service will run from another user that we will create (www.example.com). Surely you can run everything from root account, but if nginx or dotnet has some vulnerability then hacker will get access to whole system. If each service has own quite limited account that not even able to login. Moreover,

Previous part is here.

Configuring Web Server

I chose nginx as web server because after research it looks like it is gaining a lot of popularity while second contender Apache2 is losing popularity.

First step is to ensure that your web server is working correctly. Because http port is opened in Amazon router and in your virtual PC you should be able to access it from outside from your browser. Just type https://<you static IP address> in your browser and press Enter. You should see standard nginx web page.

Next step is to make sure that nginx will not serve anything that is not specifically added. Edit file /etc/nginx/sites-available/default and replace it content with following:

server {
	listen 80 default_server;
	listen [::]:80 default_server;
	return   444;
}