11 Matching Annotations
  1. May 2021
    1. I want to avoid nginx overhead (especially if they have tons of alias and rewrites) for in-server communication. Basically, you can have sveltekit server, backend server and nginx server, in that case, communicate inside your internal network will be very expensive like: browser->nginx server(10.0.0.1)->sveltekit server(10.0.0.3)->nginx server(10.0.0.1)->backend server(10.0.0.2) instead just: browser->nginx server(10.0.0.1)->sveltekit server(10.0.0.3)->backend server(10.0.0.2)
  2. Feb 2021
  3. Oct 2020
  4. Aug 2020
  5. Mar 2020
    1. The fastest way to preventively block the scripts that require prior consent is to install a module on your own server that we have developed for Apache, IIS and NGNIX. After the initial configuration, the module will autonomously block all the resources that are subject to prior consent, on all sites on that server that are using the Cookie Solution.
  6. Feb 2020
    1. which they estimate to be $230,000 per year.

      There is some good discussion on HN about the realistic nature of this estimated expense and how it is not likely out-of-line with what it should be and may actually be quite reasonable.

      https://news.ycombinator.com/item?id=22317244

  7. Oct 2019
  8. Nov 2018
    1. n the Advanced Security Settings dialog box, make sure that SELF is listed under Permission entries. If SELF is not listed, click Add, and then add SELF.Under Permission entries, click SELF, and then click Edit.In the Permission Entry dialog box, click the Properties tab.On the Properties tab, click This object only in the Apply onto list, and then click to select the check boxes for the following permissions under Permissions:Read servicePrincipalNameWrite servicePrincipalName

      Permissions needed for AD account to write SPN name

    2. rant delegation permission to the SQL Server service account domain user account.

      Computer and SQL service accounts need to be grated delegation permissions in AD users and computers

    1. The client and server computers must be part of the same Windows domain, or in trusted domains. A Service Principal Name (SPN) must be registered with Active Directory, which assumes the role of the Key Distribution Center in a Windows domain. The SPN, after it is registered, maps to the Windows account that started the SQL Server instance service. If the SPN registration has not been performed or fails, the Windows security layer cannot determine the account associated with the SPN, and Kerberos authentication will not be used.

      2 main criteria for linked servers to pass through AD credentials

      1. be on the same domain
      2. have an SPN registered for the AD account running the SQL service