Blog

The terraform import command allows you to import into HashiCorp Terraform resources that already existed previously in the provider we are working with, in this case AWS. However, it only allows you to import those records one by one, with one run of terraform import at a time. This, apart from being extremely tedious, in some situations becomes impractical. This is the case for the records of a Route53 DNS zone. The task can become unmanageable if we have multiple DNS zones, each one with tens or hundreds of records. In this article I offer you a bash script that will allow you to import in Terraform all the records of a Route53 DNS zone in a matter of seconds or a few minutes.

Last December Amazon announced its new EBS gp3 volumes, which offer better performance and a cost saving of 20% compared to those that have been used until now (gp2). Well, after successfully testing these new volumes with multiple clients, I can do nothing but recommend their use, because they are all advantages and in these 2 and a half months that have passed since the announcement I have not noticed any problems or side effects.

Creating a MySQL or MariaDB user and granting permissions to him to access a specific database and be able to write data on it is a very usual task that is necessary to perform each time you install a new application based on any of these database engines, like web applications running on top of LAMP stack. Whether it is a simple WordPress, or a more complex application tailor made, one way or another you will always have to complete these steps at some point before its deployment.

One of the most targeted goals when optimizing a website for page load speed is to get a good score on Google PageSpeed Insights test. But it is not enough to work hard on optimization, achieve a good score and go to sleep. It is essential to periodically monitor score changes as a website evolves and undergoes changes over time which affect this metric.

Here’s a little script that will allow you to automatically track Google PageSpeed Insight score and be alerted if it falls below a custom value.

Since the key combination Control+s is widely used as a shortcut to save files in GUI applications such as text editors, image editors, web browsers, etc. sometimes you are betrayed by your subconscious when you are working from the Linux command line and you use that same key combination when you are for example editing a Vim document when trying to save it. Then you notice that no key answers, the shell is locked and you can no longer do anything else in it.  Even worse, you get a cold sweat because you can’t continue editing your document and you can’t save the changes.

It is often common to embed a Facebook «Like» button on your website so that on the one hand you show the number of followers of your Facebook page and on the other hand you invite the user to click on it to start following your page. However, this type of buttons tend to overload a website quite a lot because they consist of Javascript code that dynamically generates the button with the updated number of followers and the functionality needed to give a «Like». This means that every time you load a page of your website you have to send 11 extra requests to the Facebook servers to download all the necessary elements. Given that these servers are currently located on the west coast of the United States and are not available through any CDN or similar service, depending on where the user is located, it is likely that each of these requests will have to cross half the globe to complete the download. All this causes your website to slow down unnecessarily and its loading speed is affected, which is quite negative in multiple aspects.

Less than two days after it was detected a vulnerability (CVE-2014-6271) that affects the Bash shell on Linux, Unix and Mac OS X, a patch was released that solves this issue only partially, which forced to report a new vulnerability (CVE-2014-7169) still pending. This issue has quickly gained a simple name by which it will be remembered for a long time: Shellshock or Shell Shock.

The bug was detected by Stephane Chazelas, a Unix and Linux system administrator from Akamai when he found out that Bash erroneously interpreted as a command wich only was data within a variable when entering a specially crafted string in the command line. As a result, everything coming after that string was executed as a command or function by Bash. This allows any attacker to execute commands on your server arbitrarily. It’s true that this can not be done as root, but there are many harmful actions that can be done without root privileges.