IT notes

redis over TLS

Using socat: brew install socat Create the tunnel: socat -v TCP-LISTEN:6379,fork,reuseaddr ssl:your.redis.example.com:6379 Use redis-cli as usual

nginx + lua + redis

Basic WAF example using lua + redis within nginx. -- -- lua_package_path "/usr/share/lua/5.1/nginx/?.lua;;"; -- lua_shared_dict ip_blacklist 4m; -- local redis_host = "your.redis.tld" local redis_port = 6379 local redis_connection_timeout = 300 local redis_pattern = "block-" local cache_ttl = 3 -- seconds local ip = ngx.var.remote_addr local ip_blacklist = ngx.shared.ip_blacklist local last_update_time = ip_blacklist:get("last_update_time"); -- block if ip found in the local nginx dict if ip_blacklist:get(ip) then ngx.log(ngx.DEBUG, "Banned IP detected and refused access: " .