2024: "Hey Google, wo kaufe ich X?"
2025: "Hey ChatGPT, kauf mir X."
Seht ihr den Unterschied?
Euer Shop auch?
Magento + Agentic Commerce.
Kommt zum morgigen Stammtisch in #Berlin - oder einfach online reinschauen!
www.phoenix-media.eu/de/magento-s...
Am 23.7. ist wieder #Magento Stammtisch bei uns in #Stuttgart! Dieses mal erwarten euch News zu den #Adobe Commerce #SaaS Produkten. Seid dabei - online oder gerne auch in-person! 😍
Weitere Informationen zu den Speaker und den Link zur Anmeldung findet ihr hier: bit.ly/MeetUp-Event
I'm not saying a #WAF isn't essential, but looking at the #ModSecurity logs, I have to say: #Magento is a really robust #eCommerce solution, hardened against many attack vectors. It's impressive to see how much it blocks out of the box.
Phil from #Linbit states: "With the presence of #NVMe drives, I think the time of hardware #RAID controllers is over. RAID1 below #DRBD does not make sense. Set the replica count on the DRBD level to fit your trade-off between cost and resilience against drive failures."
Love it!
I worked intensively with @linbit support to track down a strange network issue in the latest #DRBD version. Last night, we received a PTF version that resolved the issue.
If you love open-source, still consider signing up for professional support - it’s definitely worth every $!
I didn’t expect this, but analyzing #WAF logs is actually pretty interesting. The techniques malicious bots use to trick an application are quite impressive. And it’s mind-blowing how many attacks hit your server every day.
Just found in the log 😅: SQLi bypass attempt by ticks or backticks detected
Matched Data: `600Jq6u` found within ARGS:login[password]: avTq4Y`600Jq6u`bHp`'YIdLH(n62y>=FX&Dr,zp{z[F
#WAF #security
What strategies do you employ to fine-tune a Web Application Firewall (WAF) for specific applications? How do you efficiently analyze large log files to identify false positives? #WAF #cybersecurity #webappsecurity
Tip: Exclude password parameters in #WAF rules – special characters can easily resemble a Remote Command Execution (RCE) 😅
Hard work pays off! Passed the Certified Kubernetes Administrator (CKA) exam with a score of 84!
Time to kubectl apply my skills! 😎
www.credly.com/badges/e9054...
Innovations should enhance #UX - but that doesn’t seem to have been a concern when designing the GW API. But hey, now we have an abstraction for web server configuration languages in YAML, with fancy features like HTTPRoutePathRedirect or HTTPRouteResponseHeaderModification 😅 #K8S
The 'GitLab Access Token Updater/Rotation Manager' is pretty close to the generic solution I had in mind: it renews a list of tokens, handles post-actions, and triggers hooks after rotation. Worth a try!
github.com/iomarmochtar...
Interesting proposal on automated rotation of tokens using GitLab CI/CD jobs: gitlab.com/gitlab-org/g.... This seems to be a highly requested feature!
Expiring access tokens are annoying. Surprisingly, there doesn’t seem to be a tool for easy rotation and client updates. So I wrote a script to automate the renewal for our use cases. #DevOps #toil
Is it okay to say that I don't like the #K8S Gateway API? It feels like manually inserting a complex object into a relational database - only to debug every single entity when it doesn't work.
The good old Ingress resource just gets the job done ❤️
🚀 Exciting news, Magento developers! We’ve just released n98-magerun2 8.0.0! This significant update drops PHP 7 support but opens doors to new features that'll elevate your development experience!
magerun.net/n98-magerun2...
#Magento #Magerun2 #MageOS #Hyva
Exciting update coming soon for our #Magento2 #Helm Chart! v2.8 will include #OWASP CRS integration for Magento2, enhancing security with #ModSecurity.
We’d love your feedback! Test it out & help us fine-tune the #OWASP rules for Magento2. 🔧🔥
github.com/PHOENIX-MEDI...
🚀 Updates incoming! We've rolled out some exciting improvements:
- Latest Magento 2.4.7-p4 with PHP 8.3 image
- New Base Images for PHP 8.3 & 8.4
- Now based on official PHP FPM Alpine images
- AMD & ARM builds available!
hub.docker.com/u/phoenixmedia
#Magento #Docker #DevOps
Kubernetes anti patterns that belong in the 🗑️ in 2025 🧵 (#10 will trigger many)
1) Secret injection in manifests.
Come on, what are we doing here? We have external secrets, the problem is solved. Stop shoving this stuff into manifests.
Container haben sich in der lokalen Entwicklung und in CI/CD-Pipelines längst etabliert. Doch in der Produktion scheuen viele Unternehmen den Einsatz – meist aus Angst vor vermeintlicher Komplexität. Doch diese Zurückhaltung ist ein Fehler!
www.linkedin.com/pulse/contai...
Today is patch day for Magento / AC with 2.4.4-p12, 2.4.5-p11, 2.4.6-p9, 2.4.7-p4 !
The list of vulnerabilities is long and the CVE scores high. Apply the patches ASAP!
helpx.adobe.com/security/pro...
Patches for the most critical CVE are also available:
experienceleague.adobe.com/en/docs/comm...
Tuning #OWASP CSR for #Magento2. Already have a collection of conflicting rules: github.com/PHOENIX-MEDI...
Anyone experienced with #ModSecurity and #OWASP rules and can share knowledge?
Vielen Dank fürs teilen, dadurch habe ich einen guten Vergleich zu meiner Anlage mit süd-ost Ausrichtung! Zwar habe ich etwa nur die Hälfte der Module installiert aber eine fast doppelt so hohe Produktion pro kWp und komme im Januar damit immerhin auf 429kWh ☀️
Kicking off a new development cycle for our #Magento2 #Helm chart by updating sub-charts: github.com/PHOENIX-MEDI....
Already fixed an annoying issue with cron job pod shutdowns.
Now working on integrating #ModSecurity with #OWASP CRS for #WAF capabilities.
Want to contribute or have feature ideas?
🚀 Proud to release the first version of our #ModSecurity #Helm chart! This Helm chart deploys ModSecurity with the official #OWASP Core Rule Set (CRS) Docker container allowing users to integrate a Web Application Firewall (WAF) into their infrastructure.
github.com/PHOENIX-MEDI...
After a year it was time for a #Magento2 #Helm chart update: Try the latest Magento OpenSource 2.4.7-p3 in your #k8s cluster!
github.com/PHOENIX-MEDI...
I highly recommend @markshust.com‘s deep dive on the #Git Ship workflow. We use (almost) the same approach and it works great for our teams! 🤩
m.academy/articles/git...
