DEV Community: Estevez Ben Lajamin

Query Explain Type

Estevez Ben Lajamin — Tue, 20 Aug 2024 04:37:20 +0000

ALL: This type indicates a full table scan where no index is used. It’s generally the slowest option since it scans the entire table.

index: This type represents a full index scan, meaning the entire index is scanned rather than just part of it. It's faster than a full table scan but can still be slow for large indexes.

range: Used for range queries, this type indicates that a range scan is being used on the index. It's more efficient than a full table scan for queries involving ranges.

ref: This type is used when a non-unique index is used to retrieve rows that match a single value or a set of values. It's more efficient than ALL or index for certain queries.

eq_ref: Indicates the use of a unique index where the query matches a single row. It’s very efficient for queries that involve unique indexes.

const: This type is optimized for queries using a primary key or unique index. It’s very fast as it typically returns at most one row.

unique_subquery: This type is used when a unique index is utilized within a subquery. It’s efficient for subqueries with unique constraints.

fulltext: This type shows that a full-text index is being used, which is optimized for text search operations.

primary: Indicates that the primary key index is being used, which is typically the most efficient method for primary key lookups.

[Adventure to Cybersecurity] Common DNS records

Estevez Ben Lajamin — Fri, 05 Apr 2024 02:57:49 +0000

Think of DNS records like entries in a phone book. When you want to call someone, you look up their name in the phone book to find their phone number. Similarly, when you type a website's name into your browser, your computer looks up that name in a DNS database to find the website's address (like a phone number) so it knows where to go.

A Record (Address Record): Used for IPv4 addresses.

AAAA Record (IPv6 Address Record): Similar to the A record, but for the newer IPv6 addresses.

CNAME Record (Canonical Name Record): Used to alias another domain. eg. if you have a domain www.example.net and subdomain blog.example.net, you can use CNAME to point these two to the same ip address. In other way, if you type either one of the domains, it will still showing the same content.

MX Record (Mail Exchange Record): Imagine it as the postal address for email. It tells email servers where to deliver emails for a domain.

TXT Record (Text Record): Think of it as leaving a note. It stores additional text information about a domain, like verification details or security settings.

NS Record (Name Server Record): Like listing the names of phone book publishers. It tells the internet where to find the authoritative name servers for a domain.

PTR Record (Pointer Record): It's like reverse lookup in a phone book. It maps an IP address back to a domain name. (Usually domain owner don't have this control, only the ISP)

SRV Record (Service Record): It's like a directory of services. It provides information about specific services available within a domain, like chat or email. (eg, like a list of gaming server, when client call they will get a list of server and then made the decision which server to call based on the priority and weight)

Subscribe my YouTube channel for my adventure on breaking to cybersecurity. :)

[Estevez Ben Lajamin](https://www.youtube.com/channel/UChR0Pyvibwn_2j6QwfuwZNA)

System Design: Hybrid WebApp using server sent event

Estevez Ben Lajamin — Fri, 05 Apr 2024 02:20:30 +0000

What is a server sent event?

A client subscribes to a “stream” from a server and the server will send messages (“event-stream”) to the client until the server or the client closes the stream

Why such system design?
I am required to design a system architecture that requires on-prem WebApp to be able to interact with Cloud Web App.

Cloud Web App will act as a SAAS service for on-prem WebApp. Each on-prem WebApp is unique for each building. I did the design using websocket and Apache Pulsar but realized that although these two were able to solve the problem, it took a lot more time and ended up dragging the deadline.

Why do I choose a server sent event instead of websocket or publish subscribe mechanism like Apache Kafka or Apache Pulsar?

Complexity on implementing
Complexity of hiring expertise
Complexity on distribution (Human Training)
Lack of team member (There only 2 of us)

Diagram

Laravel route code

Route::get('/sse/{id}', function ($id) {
    $random_string = chr(rand(65, 90)) . chr(rand(65, 90)) . chr(rand(65, 90));
    $data = [
      'message' => $random_string,
      'name' => 'Sadhan Sarker',
      'time' => date('h:i:s'),
      'id' => $id,
    ];

    $response = new StreamedResponse();
    $response->setCallback(function () use ($data){
      echo 'data: ' . json_encode($data) . "\n\n";
      ob_flush();
      flush();
      usleep(200000);   

    });
    $response->headers->set('Content-Type', 'text/event-stream');
    $response->headers->set('X-Accel-Buffering', 'no');
    $response->headers->set('Cach-Control', 'no-cache');
    $response->headers->set('Access-Control-Allow-Origin', '*');
    $response->send();
});

Nodejs EventSource client

var ess = require('event-source-stream')

ess('http://mydomain.com/sse/1122')
  .on('data', function(data) {
    console.log('received event:', data)
  })

NGINX Configuration

server {
    listen 80;
    server_name mydomain.com;
    root /var/www/mydomain.com/wee/public;

    index index.html index.htm index.php;

    location / {
        ## try_files $uri $uri/ =404;
        try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php/php8.0-fpm.sock;
     }

    location ~ /\.ht {
        deny all;
    }
}

Benefits on using server sent event

Reduce complexity of entire system design. (Compared with websocket and pubsub)
Easier and faster to code.
Not require prior knowledge on websocket or pubsub.
Less changes on software distribution. (If you're in a desktop software business, even a slight changes will cause a lot of problems especially if you're dealing with non technical peoples)

Note that this blog post is meant to help you on designing your system better and give you a sense on where to start. The codes are merely just for education and demonstration purposes.Feel free to code based on your use case.

Peace out :)

[Adventure to Cybersecurity] How DNS Work

Estevez Ben Lajamin — Fri, 05 Apr 2024 02:16:30 +0000

DNS, or Domain Name System, is like the internet's phonebook. It translates human-readable website addresses into computer-friendly IP addresses. eg. www.example.com to 192.168.12.45

Subscribe my YouTube channel for my adventure on breaking to cybersecurity. :)

[Estevez Ben Lajamin](https://www.youtube.com/channel/UChR0Pyvibwn_2j6QwfuwZNA)

[Adventure to Cybersecurity] Diagram on how DNSSEC work

Estevez Ben Lajamin — Fri, 05 Apr 2024 02:11:56 +0000

DNSSEC adds an extra layer of security to the Domain Name System (DNS) by allowing DNS clients to verify that the responses they receive from authoritative DNS servers are authentic and haven't been tampered with.

Subscribe my YouTube channel for my adventure on breaking to cybersecurity. :)

[Estevez Ben Lajamin](https://www.youtube.com/channel/UChR0Pyvibwn_2j6QwfuwZNA)

How SSL certificate works? Easy reference

Estevez Ben Lajamin — Thu, 05 Aug 2021 13:37:54 +0000

SSL certificate plays an important role in building trust between a browser and a web server. Below is a simple sequence diagram that I created for easy reference and understanding.

A digital signature is create by a CA's private key.

Hope this help :)

Reference LINK:
How SSL certificate works? by Sunny Classroom

How-to-use guide for SSH

Estevez Ben Lajamin — Fri, 09 Jul 2021 14:46:32 +0000

If you want to watch the video version of this, here the link (https://youtu.be/lWWlEDRO2uo).

SSH Authentication Methods

Password [Using your server's user's password]
Public/Private Key Pair

Don't use root to login. Instead create a new user

Create a new user

adduser chloe[Can be any name]

Now add chloe to sudo group

sudo usermod -aG sudo chloe.

Since you created a new user, add the public key to that user .ssh folder. It's usually located at /home/chloe. Create a new .ssh folder and create authorized_keys if not exist and paste public key inside.

# Login into remote server and navigate to /home/chloe
# Create a new .ssh folder
sudo mkdir /home/chloe/.ssh

# Create file 'authorized_keys'
# Paste client public key inside
# Save it
sudo nano authorized_keys

Next, change the ownership of the folder to chloe.

sudo chown -R chloe:chloe /home/chloe

chown - change ownership
R - Everything
chloe:chloe - user:group
/home/chloe - folder path

Now, on client side, if you're using new public/private key pair then you have to add them.

ssh-add /path/to/privatekey [eg. ~/.ssh/id_rso_new]

[optional]There a possibility that ssh agent inactive. Active by run

eval `ssh-agent -s`

That all. Hope the steps simple enough to understand. Peace :)