Skip to content

Instantly share code, notes, and snippets.

View AlekseyKorzun's full-sized avatar
🤠
Doing it live

Aleksey Korzun AlekseyKorzun

🤠
Doing it live
27 followers · 5 following
  • Brooklyn, NY
View GitHub Profile
@AlekseyKorzun
AlekseyKorzun / lighttpd-lua-example
Last active October 24, 2015 15:41
Static bandwidth limiting and blacklisting with Lighttpd + Lua
# Lighttpd
$HTTP["referer"] !~ "^($|http://([^/]*\.)?imagesocket\.(com|net|org)/)" {
magnet.attract-physical-path-to = ("/www/sites/conf/imagesocket/bandwidth.lua")
}
# Lua check for images that exceeded limit(S)
# Path - Flag - Expiration
local url_check =
{
["/images/2012/08/20/1.png"] = true, -- 1352167206
@AlekseyKorzun
AlekseyKorzun / update-pingdom-iptables-centos.sh
Last active October 28, 2015 18:08 — forked from mickm/update-pingdom-iptables.sh
Whitelist Pingdom probe-servers in iptables on CentOS.
#!/bin/bash
#
# Whitelist Pingdom probe-servers in iptables.
#
# Create a chain called "PINGDOM" and jump to it somewhere before
# the final REJECT/DROP, e.g.
#
# # New chain for Pingdom rules
# :PINGDOM - [0:0]
#
@AlekseyKorzun
AlekseyKorzun / tabstospaces
Created February 14, 2013 17:11
Convert all tabs to spaces within PHP files
find . -name *.php ! -type d ! -name _tmp_ -exec sh -c 'expand -t 4 {} > _tmp_ && mv _tmp_ {}' \;
@AlekseyKorzun
AlekseyKorzun / policy.xml
Created May 5, 2016 12:49
Policy update to secure ImageMagik
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policymap [
<!ELEMENT policymap (policy)+>
<!ELEMENT policy (#PCDATA)>
<!ATTLIST policy domain (delegate|coder|filter|path|resource) #IMPLIED>
<!ATTLIST policy name CDATA #IMPLIED>
<!ATTLIST policy rights CDATA #IMPLIED>
<!ATTLIST policy pattern CDATA #IMPLIED>
<!ATTLIST policy value CDATA #IMPLIED>
@AlekseyKorzun
AlekseyKorzun / gist:f2bca06f74257cfae288
Last active March 19, 2017 00:53
Roboform XSS
Credit to Paul Moore / @Paul_Reviews:
1. Navigate to http://www.roboform.com/have-i-been-hacked
2. Replace 'Enter account to test' with following: <script type="text/javascript">$('img').attr('src', 'https://lastpass.com/images/lastpass-logo.png');</script>
3. Click on 'Check Now'
In action:
http://g.recordit.co/oBk26XEv0P.gif
@mickm
mickm / update-pingdom-iptables.sh
Created November 21, 2012 20:21
Whitelist Pingdom probe-servers in iptables.
#!/bin/bash
#
# Whitelist Pingdom probe-servers in iptables.
#
# Create a chain called "PINGDOM" and jump to it somewhere before
# the final REJECT/DROP, e.g.
#
# # New chain for Pingdom rules
# :PINGDOM - [0:0]
#
@andreif
andreif / Performance of Flask, Tornado, GEvent, and their combinations.md
Last active May 9, 2022 05:46

Performance of Flask, Tornado, GEvent, and their combinations

Wensheng Wang, 10/1/11

Source: http://blog.wensheng.org/2011/10/performance-of-flask-tornado-gevent-and.html

When choosing a web framework, I pretty much have eyes set on Tornado. But I heard good things about Flask and Gevent. So I tested the performance of each and combinations of the three. I chose something just a little more advanced than a "Hello World" program to write - one that use templates. Here are the codes:

1, Pure Flask (pure_flask.py)

@jarvys
jarvys / run-multiple-redis-instances.md
Last active September 27, 2022 13:02
run multiple redis instances on the same server for centos
  • create a new redis .conf file
$ cp /etc/redis.conf /etc/redis-xxx.conf
  • edit /etc/redis-xxx.conf, illustrated as below
...
@luciferous
luciferous / README.md
Created October 9, 2010 12:48
A very small HTTP Client with Rack/WSGI style interfaces

Tiny HTTP

A very small HTTP client with Rack/WSGI style interfaces.

The setup

$sid = 'ACxxxxxxxxxxxx';
$token = '12345678';
$http = new TinyHttp("https://$sid:$token@api.twilio.com");
@sleepyfox
sleepyfox / 2019-07-25-users-hate-change.md
Last active December 10, 2023 18:20
'Users hate change'

'Users hate change'

This week NN Group released a video by Jakob Nielsen in which he attempts to help designers deal with the problem of customers being resistant to their new site/product redesign. The argument goes thusly:

  1. Humans naturally resist change
  2. Your change is for the better
  3. Customers should just get used to it and stop complaining

There's slightly more to it than that, he caveats his argument with requiring you to have of course followed their best practices on product design, and allows for a period of customers being able to elect to continue to use the old site, although he says this is obviously only a temporary solution as you don't want to support both.