2025-11-03
pfSense — a tank in the world of firewalls.
Is updated less often, but runs for years without surprises.
🏢 Who pfSense is for
- Corporation with 100+ users
- Needs official support
- Has old but reliable hardware
- Value stability
📚 pfSense Features
- Multi-WAN and automatic failover
- Traffic Shaping — bandwidth management
- Captive Portal — guest authentication
- OpenVPN and IPsec — encrypted tunnels
⚙️ Installation
- ISO → USB
- Install → configure WAN/LAN
- In about 10 minutes — a ready firewall
Example HAProxy config:
2025-11-02
OPNsense — it’s like pfSense, but prettier, faster, and with an API.
Want an office firewall you wouldn’t be embarrassed to show your boss? Here it is.
💼 Who OPNsense is for
- Office of 10–50 people
- VPN for all employees
- Backup internet connection
- Modern web interface
🎨 Apple-like interface
- Dark theme
- Real-time graphs
- REST API for automation
- WireGuard out of the box
⚙️ Installation in 5 minutes
- Download the ISO from opnsense.org
- Write it to a USB stick (
dd or Rufus) - Boot → assign interfaces → done!
Auto-update via API:
2025-11-01
Imagine: an old router for 2000 ₽ blocks ads, shares a VPN, works as a Mesh system and doesn’t slow down even with 50 devices.
This is not magic — this is OpenWRT.
🏠 Who needs OpenWRT
OpenWRT turns an ordinary router into a mini-server. If you have at least one item from the list — it’s definitely time to try it:
- Want AdBlock for the whole house
- Need a VPN without a subscription
- Have an old router lying around
- Like to tinker with settings
90% of users install OpenWRT — and forget about the router forever.
2025-10-31
n8n is a powerful open-source workflow automation tool that allows building complex workflows without deep programming. One of the key scaling mechanisms in n8n is queue mode, where the main instance delegates task execution to separate processes called workers. Workers allow distributing load, enabling parallel workflow execution and improving system performance.
In the n8n community and practical guides, two types of workers are often distinguished: light workers and heavy workers. Although the official documentation doesn’t use these terms directly, they reflect differences in task types and configuration. Light workers are aimed at fast, frequent operations, while heavy workers handle resource-intensive tasks. In this article we’ll examine their differences, how they work, and why they are necessary for effective scaling.
2025-10-30
A PostgreSQL proxy or connection pooler is an intermediary application that sits between your client applications and one or more PostgreSQL servers. It speaks the PostgreSQL network protocol, which allows any standard client (for example, your web server or an application in Java/Python/Go) to connect to the proxy believing it is talking directly to a PostgreSQL server.
Unlike MySQL, where proxies are often used for read/write splitting (R/W split) or caching, in the PostgreSQL world the main task of a proxy is efficient connection management.
2025-10-28
MySQL Proxy is a proxy application that sits between client applications (for example, your web server) and one or more MySQL servers. It uses the MySQL Network Protocol, which allows any standard MySQL-compatible client to connect to the proxy without changes, believing it is talking directly to a MySQL server.
How MySQL Proxy Works
In its basic configuration the proxy simply forwards requests from the client to the MySQL server and returns responses back.
However the key feature of MySQL Proxy and its counterparts is monitoring, analyzing, and modifying the passing traffic:
2025-10-25
In the world of modern applications, especially in the era of AI and big data, storing unstructured data is a key challenge. MinIO is a high-performance object storage distributed under the AGPLv3 license. It is fully compatible with the Amazon S3 API and allows you to deploy storage locally or in the cloud. Designed to scale to exabytes, MinIO is ideal for AI/ML workloads, analytics and web applications. In this article we’ll cover why it’s useful for a developer, evaluate pros and cons, and look at alternatives.
2025-10-21
Tired of intrusive ads that slow down page loads and track your every move?
Browser extensions are good, but what if you could block ads for your entire home network — smartphones, Smart TVs and IoT devices — all at once?
Meet: Pi-hole. It’s a free open-source tool that turns your small computer (for example, a Raspberry Pi) into a DNS server and network-wide ad blocker. It works at a level browser plugins can’t reach, providing a clean and fast internet for all your gadgets.
2025-10-13
Introduction
Sysinternals is a collection of free utilities from Microsoft, created by Mark Russinovich and Bryce Cogswell.
It helps system administrators access low-level information about Windows Server: processes, the file system, network connections, and autostart.
The suite includes more than 60 tools and is the de-facto standard for troubleshooting and diagnostics.
Key features
- CPU, disk and memory performance diagnostics.
- Troubleshooting application crashes and errors.
- Security monitoring and analysis of suspicious processes.
- Remote administration via PsTools.
- Work with Active Directory and services.
Key utilities
| Utility | Purpose | Interface |
|---|
| Process Explorer | Advanced Task Manager; shows process relationships, loaded DLLs and handles. | GUI |
| Process Monitor (ProcMon) | Monitors file, registry and network operations. | GUI |
| PsTools | Remote management suite (PsExec, PsList, PsKill). | CLI |
| Autoruns | View and manage program and service autostart entries. | GUI |
| TCPView | Monitor all TCP/UDP connections and associated processes. | GUI |
| Sysmon | Logs security events and system changes. | CLI |
Practical scenarios
- Slow system boot — use
Autoruns to disable unnecessary autostart items. - “File in use” error —
Handle or Process Explorer will show which process holds the file. - High CPU load —
PsList or Process Explorer can help find the source. - Suspicious network activity —
TCPView will show who is establishing connections. - Security auditing — configure
Sysmon and analyze logs in the Event Viewer.
Sysinternals is great for automation. With PsExec you can run PowerShell scripts or CMD commands on dozens of servers at once.
For example, to restart the Windows Update service:
2025-10-10
Thanks to Let’s Encrypt HTTPS has become the standard for the entire internet. This project made it possible for any site administrator to get a free SSL certificate in just a few commands.
But other players have appeared on the market, offering more convenience, integrations, and flexibility.
If you want to try something besides Let’s Encrypt — below is an overview of the most reliable and popular alternatives.
1. ZeroSSL — same automation, but with a friendly interface
ZeroSSL (Austria) — the main competitor to Let’s Encrypt. It is fully compatible with the same ACME protocol, but emphasizes convenience.
