Best two-factor authentication (2FA) for WordPress

When securing your WordPress installation, there’s an abundance of tasks to be performed. One of them, and a very important one, is enabling two-factor authentication for all users. Most popular way of doing that is by using a plugin that works with smartphone apps, like Google Authenticator – but from what I saw those are either quite poor or require a payment to use for more than one user.
Recently, a new player has come to the scene, and they’re making quite a stir.

Continue Reading

Deploying API Gateway and Lambda with CloudFormation

Combination of AWS API Gateway and Lambda functions is a flag example of every “serverless infrastructure”. When deploying API Gateway with CloudFormation there are two different ways you can define your API: via Swagger template or by directly defining your methods in CloudFormation template.

apigateway+lambda

Continue Reading

NAT, pf & jails

Sometimes you want to use jails on the same hosts that do the NAT. That of course isn’t by any means a complicated task and pf can do that very easily. The problems begin when you want to connect from one jail to a NATed IP (in the example 192.168.122.251) to a port that is redirected to another jail on the same system. Here is one of the solutions.

Continue Reading

What’s broken when deploying Lambda and API Gateway via CloudFormation

AWS Lambda and API Gateway are becoming synonymous with “serverless infrastructure” and getting more and more popular. To deploy them in repeatable way, one of the tools I recommend is CloudFormation. There are many ways you can define your API and your Lambda, but when connecting the two with CloudFormation there’s usually something that many people miss, and only notice when {"message": "Internal server error"} is thrown from their API Gateway endpoint.

Continue Reading