Blog
Sharing insights on web development, security, and tools
2025
12/08
DevOps11 min read
Cron Expressions from Basics to Mastery: The Logic Behind 5 Fields and the Traps to Avoid
Five fields look simple — get one wrong and your daily backup might run once a year. This guide systematically covers cron syntax, dialect differences, common mistakes, and real-world examples.
11/17
Self-Hosted14 min read
The Self-Hosted Stack: Run Your Own Cloud with Docker Compose
Move Google Drive, password manager, photos, notes, and monitoring onto your own server. This guide strings 10 worth-it self-hosted apps together with Docker Compose, adds a reverse proxy and backup strategy, and gives you a private cloud that's 100% yours.
10/27
Security12 min read
Hash Algorithms Compared: How to Choose Between MD5, SHA-1, SHA-256, and bcrypt
Can MD5 still be used? Should passwords use SHA-256? bcrypt or Argon2? This guide uses real breach incidents to map every hash algorithm to its right scenarios — and which mistakes you absolutely must avoid.
10/13
Security14 min read
Modern Cryptography Cheat Sheet: Symmetric, Asymmetric, Hashing, Signatures — Which to Use?
AES or ChaCha20? RSA or Ed25519? When do you reach for digital signatures versus HMAC? This guide draws a single decision tree across the four core primitives of modern cryptography, with five mistakes every developer eventually makes.
09/22
Development13 min read
Regex from Zero to Mastery: 5 Real-World Patterns and the Catastrophic Backtracking Trap
Regex is the developer's daily bread — and a frequent source of bugs and outages. This guide covers core syntax, five real-world patterns (email, URL, IP, log parsing), and the catastrophic backtracking that took Cloudflare down globally in 2019.
09/08
Security14 min read
The Complete JWT Guide: Internals, 5 Security Pitfalls, and Production Best Practices
JWT solves stateless authentication in a single string — and brings a whole catalogue of security pitfalls with it. This guide walks the three-part structure, alg=none attacks, key leakage, refresh token design, and everything you actually need to know to use JWT in production.
