
Sysrant Posts

500$ bounty: Man in the Middle on Slack

I wanted to disclose a security issue/concern which I found a while ago on Slack in a blog post. The issue itself is not very technical in itself. This makes it cool to share it with a somewhat broader public. Hopefully to create more awareness about security in general. Besides that, I hope people will start using bug-bounty programs more often. Either by signing up on programs such as HackerOne with their company or by just trying to hack in one of the programs there 😉 Slack? Just a small intro for those who don’t know Slack (shame on you…

WordPress can be secure

I have encountered many discussions regarding WordPress and its security. I love arguments and I believe we should stop seeing everything in black and white. Hence my title. It can be secure. Because I believe it can also be insecure, but more importantly I want to share my knowledge on the topics regarding security. To make it more secure. I have managed over 150 WordPress websites professionally at my previous job(s) and this website itself is WordPress too. Over a timespan of roughly 3-4 years, I have had 0 breaches. One could argue: but you got “pwned” yet you did…

Everything is still very insecure

I obviously browse the web and sometimes when I do that, I just randomly check for odd behavior. It’s just a simple fact that if we have given some random website, there are issues. In general, it takes me literally about 3 minutes to “find something”. First things first. I’m actually not a great hacker. I’m probably not even good. I just know what to look for and have my experience of ~10 years as a programmer in my backpack. The second part is when I find “something”, it can be something simple. In most cases it is just misconfigurations and/or…

Creating a static website with Google Cloud’s Storage & App engine

I recently had some experiences with Hugo. Hugo is one of the most popular open-source static site generators. With its amazing speed and flexibility, Hugo makes building websites fun again. https://gohugo.io/ I wanted to create a new website for myself and figured I’d give it a go. These are my experiences with it. General thoughts about Hugo I like the principle of Hugo. It enables you to create content in a fairly easy way and generate static files for it. Out of the box, it provides various internal functions to make that generation easier. Especially when your theme is set…

Cloud native WordPress with Docker on Kubernetes

Perhaps it’s good to start with the definition of cloud native: Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil. https://github.com/cncf/foundation/blob/master/charter.md So, is WordPress Cloud native? Fuck no. I will explain it further later on but to be honest, no PHP application or even framework is made…

My API was shit – I used it myself

I mostly program in PHP; there is absolutely nothing wrong with it per se. Honestly I can create things within a few hours that would cost a few days in a stricter language. I know the code is not that awesome, but that was not the goal. The goal was to try something out without wasting immense time & resources on making it “perfect”. So back to the API I once created an API that would give me data, data that I could use on my website or any other device / application. I used it only via my website and…

A domain change…

Years ago I bought the domain devrant.com. I had an idea for it; a sort of forum where devs could rant, including some personal blogs by various devs who fancied writing and needed a platform. Over time I did a lot of projects but not this one. A while ago I got contacted by the dudes from devrant.io. Obviously you can guess the question and you already see the answer. Just let me get some facts straight first; I owned the domain way before devrant.io was ‘born’ or even that active. I saw a ‘rant’ on devrant (lol) claiming…

Enjoy life!