Blacklisting IP Addresses in Apache 2 Web Server

Operating System : Ubuntu

Web Server : Apache 2.4.48

Objective : Blacklist IP Addresses to block it accessing the web application

Steps To Finish Line: 

Step 1: Enable rewrite apache module by executing `a2enmod rewrite` in your bash terminal. Read a2enmod command as "Apache2 Enable Module". Its complementary command to disable an apache module is a2dismod. Putting it here, just in case you want to rollback your changes for whatever reason it be.

Step 2: Edit the Apache configuration file for the default website by executing `vi /etc/apache2/sites-enabled/000-default.conf` in your bash terminal to add the lines below:

so that the configuration file looks like below:

Step 3: Now create a file to hold black listed IP Addresses by executing command `vi /etc/apache2/blacklist` in your bash terminal and add your IP Addresses to be black listed like below in the file opened for editing in the previous step:

Step 4: You may have to change the blacklist file's ownership by executing the command in your bash terminal:

Step 5: Last step to reach the finishing line. Restart the apache2 web server with `sudo service apache2 restart` command in your bash terminal and check for its status by executing, `sudo service apache2 status` to see if it is running again.

Configuring Google Ops Agent for Monitoring Apache 2 Web Server in Ubuntu VM

Google Cloud released Ops Agent as GA in Jan 2021. The Ops Agent collects logs and metrics on Compute Engine instances, sending your logs to Cloud Logging and your metrics to Cloud Monitoring.

I performed the following steps to get this working in the Ubuntu VM in my Google Cloud account.

Step 1 : Install the latest version of the agent per the docs. 

Step 2 : Create and edit `/etc/google-cloud-ops-agent/config.yaml` which is a user-specified configuration that will over-ride built-in configuration for same keys and merge with built-in configuration for different keys. This config file should have the content below:

Step 3 : Restart the agent for the custom configuration to above to take effect. You can restart the agent by executing `sudo service google-cloud-ops-agent restart` in your bash terminal. You can list the available versions of the agent with `sudo apt-cache madison google-cloud-ops-agent`.

Step 4 : To ensure that the agent is ingesting the custom log path, (in our case apache's logs), exec `cat /var/log/google-cloud-ops-agent/subagents/*.log | grep apache` in your bash terminal to see if it shows any output.

NOLOCK in SQL Server ain't your friend

If you are in a team that is obsessed with NOLOCK hints to your SQL queries, because you think it is faster and an all weather reliable friend, this post is for you to help you understand why you should avoid it (almost always) for it is not your friend. 

NOLOCK in SQL Server is often abused as if it is the magical way to speed up read queries. It is unfortunate that teams forget that "there is NO Free Lunch". Every action is trading off one thing for the other and so when you take an action, be aware of what you are trading to give to get something.

The Exceptional Circumstances You Can Use NOLOCK

• When you are querying live DB for some Reporting, where some bad data doesn't alter the overall aggregate numbers that you compute.
• When you are using WITH (NOLOCK) for SELECT query in reporting database where data are already written and committed.
• When you are querying a live production DB to take a peak into it and not use the result as a source of truth, knowing that it might have bad data in it.

Unravelling NOLOCK

• NOLOCK is a Table Hint in T-SQL, that tells the Query Optimizer (which can generally pick the best optimization method without any hints being given to it) on what is the better way to execute the said query, as its author is an expert DB specialist who is fully aware that the data could well be bad and that it is alright.
• NOLOCK is synonymous to READUNCOMMITTED isolation level. Reading uncommitted data implies that you are potentially reading data before it is being committed. 
• In an OLTP database where there are a lot of transactions happening, the database is intelligent to consider INSERT, UPDATE and DELETE statements with higher priority over SELECT query. Write has higher preference over Read. Why bother changing this status quo of inherent intelligence?
• In a highly transactional table NOLOCK hint yields you faster READs having UNCOMMITTED data that could potentially turn out to be bad if it is uncommitted.
• When you are employing WITH(NOLOCK) hint, you are trading rare Dead-Lock occurrence possibility and with Bad Data. 

Conclusion

Always use the NOLOCK hint with great caution and don't be fooled into believing that the results are absolutely true.

Book Review : Hands-on Azure Boards: Configuring and Customizing Process Workflows in Azure DevOps Services

Book Title: Hands-on Azure Boards: Configuring and Customizing Process Workflows in Azure DevOps Services

Author: Chaminda Chandrasekara

Publisher: Apress

My Ratings : 4/5

My Review: 

First off, this book is not your guide to learn the WHYs in Azure Boards. You are expected to have experience in Agile Project/Program management to know the WHYs on the Agile ceremonies or that you got to grab another book for this.

When you have the experience and knowledge on the Agile ceremonies and are looking to adopt Azure Boards for your teams like I had to in my team but don't know where to look at, this book should come to your rescue. It demonstrates it hands-on with screenshots of the GUI and is well organized into relevant topics, that makes you productive with Azure Boards. It served me well and I have recommended it to my team managers and so would to any manager wanting to adopt Azure Board for your project/product management.

Go get your copy and get productive :)

Note: The same is shared in Goodreads as well, where you can follow me for my reviews on books I read.

Book Review : Elasticsearch 7 Quick Start Guide

The author lived up to the expectations of the book title, especially the book serving as "Quick Start Guide" and I am thankful to it. In days of chaotic full-stack development and technology changes, you need a go to book for quick refresher on topics. This book serves that purpose and in fact has gone beyond in the sense that that author also shares some of the best practices based on his experience which are both valid and unfortunately no practices in many implementations.

If your team is using Elasticsearch, I would recommend you have at least a copy of this book as team's go to reference manual.

If you have O'Reilly's Safari Online subscription like I do, you can check it out there.

Check out my review of this book in GoodReads.