Share experience of Web development & tell stories of product development

Hot Weekly

Transforming the Blog into "Web is on the edge"

Transforming the Blog into "Web is on the edge"

Transition from traditional server hosting to an "Edge" and "Serverless" architecture for their blog and services

Discussion on Load Balancing

Discussion on Load Balancing

Load balancing, an important technique in distributed systems to ensure performance, availability, and scalability of applications. It helps systems operate stably under unpredictable traffic from users.

Discussing the npm run build command – why is it necessary to build?

Discussing the npm run build command – why is it necessary to build?

npm run build command, which is essential for JavaScript developers preparing to release applications.

How to Delete a Pushed Commit

How to Delete a Pushed Commit

How to delete a pushed commit in Git, addressing a common issue many users face. It highlights that while some resources provide guidance on deleting unpushed commits, the process for pushed commits is more complex and risky.

Measuring the Execution Time of Functions in JavaScript in a Graceful Way

Measuring the Execution Time of Functions in JavaScript in a Graceful Way

The execution time of functions in JavaScript to identify performance issues in applications. It highlights the challenges developers face when unexpected problems arise, such as slow API responses due to certain functions taking excessive processing time.

Search smartly

- 🏷️webhook
- 🏷️security
Some Security Methods for Webhooks
Recently, I had the task of researching the integration of App Store Server Notifications, a type of webhook, to receive notifications from Apple on my server. During the integration process, I discovered some interesting details that I think would be helpful to share. If you're not familiar with what a webhook is, you can refer to the article What is a Webhook? When to Use Webhooks. We all know about making purchases within applications. When a purchase is successfully made, Apple sends a notification to our server, which contains...
🕝1 year ago
- 🏷️other
- 🏷️ddos
I'm Under DDoS Attack
Since the moment I started building my website, I have always considered the possibility of it being targeted for destruction. There are various forms of attacks such as DDoS, spam, or attacks on certain security vulnerabilities... Do you think I have made any enemies that I should be worried about? Actually, no, I have never had any conflicts with anyone, but I can't escape the "watchful eyes" of these malicious actors on the internet. This is not the first website I have built, so paying attention to these unfriendly behaviors is not new to me...
🕝1 year ago
Premium
Me & the desire to "play with words"
Have you tried writing? And then failed or not satisfied? At 2coffee.dev we have had a hard time with writing. Don't be discouraged, because now we have a way to help you. Click to become a member now!
Have you tried writing? And then failed or not satisfied? At 2coffee.dev we have had a hard time with writing. Don't be discouraged, because now we have a way to help you. Click to become a member now!
View all
Me & the desire to "play with words"
Writing is one of the important skills for many people. Research shows that an average person spends 45% of their communication time listening, 16% reading. However, between speaking and writing is very different. While listening is passive information reception, reading is active. Although listening accounts for most of the time, the effectiveness is not high. For example, students usually only remember 50% of the information they hear after 24 hours and decrease to 25% after two weeks. Meanwhile, writing skills are considered important in professional environments.

At 2coffee.dev, we have over 4 years of writing experience. During that time, we continuously innovate learning and writing methods. Showing that writing is a skill that can be honed every day. If you are a beginner or still struggling with how to write a blog post, or even write everything, then don't hesitate any longer. Become a member to learn about our writing skills.
* Membership package is not available. Please come back later.
I understand
- 🏷️javascript
Backdoor in JavaScript Applications through Invisible Character Attacks and Homoglyph Attacks
A backdoor is a method to bypass regular authentication or create a "secret entrance" to remotely access a software system without typical authentication. Backdoors attempt to avoid detection through common monitoring methods like code reviews, logging, etc. Imagine being responsible for developing an API system and cleverly creating an endpoint that no one knows about except you, allowing you to easily steal user information...
🕝2 years ago
- 🏷️other
What is MIME Sniffing? How to Protect Your Website from MIME "Guessing" Attacks
As you may already know, alongside securing your website on the server side to ensure that no one can access it and perform unauthorized actions, client-side security is also crucial. Popular web browsers are constantly being updated with security patches and additional technical specifications to enhance their security. Every user wants a browser that offers maximum protection.
🕝2 years ago
- 🏷️security
- 🏷️other
HSTS and Protecting Websites from Man-In-The-Middle Attacks
Protecting your website and its users from the dangers of the internet is always an important task. No one wants their website to be compromised or cause serious harm to its users. Technical specifications are constantly being updated to find solutions to prevent or at least minimize potential threats to your website and its users...
🕝2 years ago
- 🏷️browser
- 🏷️xss
Preventing XSS Attacks with Content Security Policy (CSP)
Content Security Policy (CSP) is an additional security layer that helps detect and mitigate certain types of attacks, including Cross-Site Scripting (XSS) and data attacks. These attacks can be used for various purposes, from data theft and website defacement to distributing malware...
🕝2 years ago
- 🏷️jwt
- 🏷️authentication
What solutions are there to invalidate jwt tokens (jwt access tokens) when a user logs out?
Authenticating users through token-based authentication is becoming increasingly popular as the client-server model is widely used. While session or cookies were commonly used to identify user sessions in the past, now we have another option which is token-based authentication, especially jwt...
🕝2 years ago