Author Archives: greenido

Business

How to Issue SSL Certificates on AWS with Certbot

SSL/TLS certificates are essential for any web application’s security, credibility, and functionality in today’s digital landscape.

Security is the primary reason certificates matter. They encrypt all data transmitted between users’ browsers and your server, protecting sensitive information like passwords, personal data, and payment details from interception by malicious actors. Without encryption, this data travels in plain text, making it vulnerable to man-in-the-middle attacks and eavesdropping.

Trust and credibility are immediately visible to users. Browsers display clear security indicators for HTTPS sites—a padlock icon and “Secure” label—while flagging HTTP sites as “Not Secure.” This visual cue significantly impacts user confidence and can directly affect conversion rates and user engagement.

Search engine optimization benefits are substantial. Google explicitly uses HTTPS as a ranking factor, meaning certificated sites receive preferential treatment in search results. This can significantly impact your site’s visibility and organic traffic.

Browser compatibility increasingly requires certificates. Modern browsers are progressively restricting features for non-HTTPS sites, including geolocation, camera access, and push notifications. Some browsers even block mixed content or display prominent warnings for HTTP sites.

Compliance requirements often mandate encryption. Many industry standards (PCI DSS, HIPAA, GDPR) require encrypted connections when handling sensitive data. Professional applications simply cannot operate legally without proper certificates in many regulated industries.

Ok, so we got the point that’s important (=critical) – If you’re a DevOps engineer working on an AWS-based setup and need to issue SSL certificates for a domain and its subdomains — like espressolabs.com and *.espressolabs.com — this guide is for you.

In this tutorial, we’ll use:

  • Let’s Encrypt for free SSL certificates
  • Certbot to automate the issuance
  • Route 53 for DNS-01 validation
  • Ubuntu EC2 instance
  • AWS Console
Continue reading
Standard
cloud, webdev

How to Use ngrok and LocalTunnel: Expose Your Local APIs to the World

Intro

As developers, we often face the challenge of testing our local applications with external services, webhooks, or mobile devices. Whether you’re developing APIs that need to communicate with AWS/GCP/Azure services, testing webhook integrations, or simply want to demo your work from different devices, exposing your localhost to the internet becomes essential.

This guide will walk you through two popular solutions: ngrok and LocalTunnel, showing you how to securely expose your local development server to the world.

What Are Tunneling Services?

Tunneling services create a secure tunnel from a public endpoint to your local machine, allowing external services to reach your development server without complex network configuration or deployment.

Common Use Cases

  • Testing webhooks from third-party services (Stripe, GitHub, etc.) — You can connect your local code directly and debug it more efficiently.
  • Sharing your work-in-progress with clients or team members — Instead of pushing it to some remote server. Useful in all the cases, where you are still ‘not ready’.
  • Testing mobile applications that need to connect to your local API — A must have in almost all cases.
  • Integrating with AWS services that require publicly accessible endpoints
  • Cross-device testing and debugging
Continue reading
Standard
webdev

Mastering Clean Code: 15 Key Lessons for Software Developers

Years ago (when Java was ‘new’), I got a recommendation from a good friend to check out “Ah, Clean Code by Robert C. Martin”. He told me, “It’s not just a book; it’s a must-read to anyone who wishes to be a professional software developer.”

He was right. This is still one of the top five books that I recommend developers read. It focuses on some simple but important concepts that will make your Code better, simpler, and easier to debug.

More than aesthetics, clean Code is about clarity, maintainability, and efficiency. Investing in writing clean Code might seem time-consuming, but it pays off exponentially in debugging, collaboration, and scaling efforts.

Think of messy Code as a tangled web: complex to navigate and easy to get stuck in. Clean Code teaches you to weave a well-structured tapestry instead—clear, elegant, and easy to extend.

Here are 15 powerful lessons every developer should carry from this book, with practical examples:

Continue reading
Standard
Business

Leveraging AI for Efficient Code Reviews

In today’s fast-paced development environment, leveraging AI tools for code reviews can significantly enhance productivity and code quality. As developers, we often work in isolation or wait hours (sometimes days) for our colleagues to review our pull requests. Large Language Models (LLMs) like GPT-4, Claude, and others can provide immediate feedback, spot potential issues, and suggest improvements within your favorite IDE.

This blog post explores how to craft effective prompts for LLMs when reviewing your code in VSCode, with specific examples for backend Node.js/Express developers and React frontend developers.

Continue reading
Standard
Business

Securing Your (NodeJS) Backend: A Comprehensive Guide to Preventing Common Attacks

Web security is a critical concern for any backend developer. If you’re building applications using Node.js and Express, it’s essential to safeguard your backend against common security threats such as SQL injections, cross-site scripting (XSS), cross-site request forgery (CSRF), and other vulnerabilities. This comprehensive guide explores these attacks in depth and demonstrates best practices to prevent them with practical coding examples.

Continue reading
Standard
Business

How to Set Up Nginx on Ubuntu with Let’s Encrypt SSL and Port Forwarding

Introduction

Setting up Nginx on Ubuntu (18+) with Let’s Encrypt SSL ensures that your website or application is secure and accessible over HTTPS, providing a safe browsing experience for your users. This process not only includes the installation of the Nginx web server but also entails configuring the server to handle SSL certificates issued by Let’s Encrypt, enabling automatic renewal of these certificates to maintain uninterrupted security. By following best practices for security and performance, you can optimize your server’s settings to ensure fast loading times and reliable uptime, which are crucial for retaining visitors and improving search engine rankings. Additionally, implementing SSL helps to build trust with your audience, as it demonstrates a commitment to protecting their data and enhancing their online safety.

In this guide, we will:

  • Install and configure Nginx.
  • Set up port forwarding for your Node.js application.
  • Obtain a free SSL certificate from Let’s Encrypt.
  • Ensure proper firewall and AWS security group settings.
  • Troubleshoot common issues.

Let’s get into it…

Continue reading
Standard
Business

The Science of Better Sleep: Lessons from Huberman

The Vital Importance of Sleep

We all know sleep is important, but few of us truly grasp just how critical it is to our overall wellbeing. According to a landmark study published in the journal Science, sleep deprivation is linked to a 10-30% increase in mortality risk. Research has demonstrated that even a single night of inadequate sleep can reduce immune function by up to 70%, while chronic sleep deprivation has been directly linked to increased risk of diabetes, cardiovascular disease, and Alzheimer’s.

Perhaps most striking is a 2017 study published in Nature showing that after just one night of less than six hours of sleep, the body shows measurable signs of metabolic dysfunction, with over 700 genetic changes occurring. Sleep isn’t just about feeling rested—it’s a fundamental biological necessity for cellular repair, memory consolidation, and emotional regulation.

With sleep playing such a crucial role in our health, Dr. Andrew Huberman’s evidence-based recommendations from his popular podcast offer valuable insights for optimizing our sleep. Watch or listen to some of his episodes on this topic here.

Let’s explore these practical strategies that can transform your sleep quality and overall health.

Continue reading
Standard
Business

Speeding Up Node & ReactJS Build Times

Speeding up Node or React build times on an EC2 instance involves optimizing your build process, leveraging the instance’s resources efficiently, and potentially tweaking your environment. Below are practical steps to reduce build times:

Continue reading
Standard
Chrome, JavaScript, webdev

Optimize NodeJS Apps in Production on Ubuntu

Why PM2 is Essential for Applications in Production?

When deploying a Node.js application in a production environment, ensuring stability, efficiency, and reliability is crucial. This is where PM2, a powerful process manager for Node.js applications, becomes an invaluable tool. PM2 simplifies process management, enhances performance, and provides robust monitoring capabilities. In this post, we’ll explore why PM2 is essential for running Node.js applications in production.

To ensure a Node.js app keeps running smoothly in production on Linux/Ubuntu, there are many ways to achieve this, but here are some of the essential steps that will help you elevate your application’s performance to the ‘next level’:

  1. Regularly monitor system resource usage to prevent bottlenecks
  2. Implement error handling and logging to quickly diagnose and fix issues as they arise
  3. Utilize process managers like PM2 or Forever to automatically restart your application in case of failures
  4. Ensure that your dependencies are always updated and secure to avoid vulnerabilities
  5. A bonus step: consider employing load balancing and clustering techniques to enhance the app’s scalability and availability. Nginx is great here even if you have one instance.

1. Use a Process Manager (PM2)

PM2 is a popular process manager for Node.js applications that provides automatic restarts, logging, and monitoring.

Install PM2 globally:

npm install -g pm2

Start your application with PM2:

pm2 start app.js --name myNodeJSAppButInProd

Managing different configurations for development, testing, and production environments can be cumbersome. PM2 allows you to define environment-specific variables using an ecosystem file:

module.exports = {
  apps: [{
    name: "my-app",
    script: "app.js",
    env: {
      NODE_ENV: "development",
    },
    env_production: {
      NODE_ENV: "production",
    }
  }]
};

This ensures that your application loads the appropriate settings based on the environment, reducing configuration errors.

Ensure PM2 restarts on reboot:

pm2 startup
pm2 save
Continue reading
Standard
Chrome, JavaScript, webdev

Top Resources to Learn JavaScript and TypeScript Effectively

JavaScript is the backbone of modern web development. TypeScript (TS)—its statically typed super-set — has rapidly gained traction in professional environments.

Whether you’re an aspiring developer or a seasoned programmer, this guide will help you level up your skills. It will assist you in navigating the learning path for JS and TS.

We’ll share various resources and courses to suit different learning styles. We will finish with three exciting project ideas to put your knowledge into practice.

Getting Started with JavaScript

Before diving into TypeScript, it’s crucial to have a solid understanding of JavaScript fundamentals.

Here are some steps and resources to get you started:

Continue reading
Standard