
All Posts

Data localization: why old schemes no longer work and how to avoid multimillion fines

2025-11-27


If your business works with users from Russia, the question of where personal data is stored concerns you directly. Phones, names, email addresses, form submissions, employee data — all of this falls under strict localization requirements.

Many companies have lived for years in a “gray area”: data seemed to be stored both in Russia and abroad, and responsibility was blurred. But as of July 1, 2025 the rules changed so much that many common technical schemes are now considered a direct violation of the law.

Guardrails in n8n: a new level of security for LLM automation

2025-11-18

If you use n8n for automations involving large language models (LLMs), you probably know not only about their huge capabilities but also about the risks. LLMs remain a “black box”: they can accidentally disclose personal data, generate toxic content, or fall victim to prompt injection.

Until recently, you had to “wrap” an AI workflow with many IF nodes and complex Regex checks. It was cumbersome and unreliable.

Since version 1.119.0 n8n includes the Guardrails node — and it’s truly a game-changer. It’s your personal security layer that you can place at the input and output of any AI process.

ProxyChains (and ProxyChains-NG): a tool for anonymizing traffic and network testing

2025-10-24


In a world where data privacy and access to resources are often restricted by geoblocks or corporate policies, tools like ProxyChains become indispensable. ProxyChains, or more precisely its modern fork ProxyChains-NG, is an open-source utility for Unix-like systems (Linux, macOS, etc.) that routes the network traffic of any application through a chain of proxy servers. It is especially popular among developers, pentesters, and security enthusiasts. In this article we’ll cover what ProxyChains can do, why it’s useful for developers, provide usage examples, and discuss its limitations.

107 | Battle for Security — FTPS vs SFTP

2025-09-24


Introduction

After we figured out insecure FTP, it’s time to meet its secure successors. Here’s where confusion often arises: many people think FTPS and SFTP are the same thing. In reality, these are two completely different protocols — with different histories and principles of operation.


What is FTPS? (FTP + Security)

FTPS (FTP over SSL/TLS) is a direct evolution of classic FTP. It takes standard FTP and “wraps” its connections in the cryptographic protocol SSL/TLS (the same one that protects websites via HTTPS).

Checklist: Bought a VPS — What’s Next?

2025-09-22


Getting a new VPS is just the beginning. By default, the server is insecure and not ready for production use. This checklist will help you prepare your VPS step by step: close security holes, enable updates, and configure the basic infrastructure.


1. First login and changing the root password

Connect to the server via SSH:

ssh root@YOUR_IP_ADDRESS

Change the temporary password to your own unique and complex one:

passwd

2. Create a new user with sudo

Working as root all the time is dangerous. Let’s create a regular user:

Jitsi Meet: Enabling Authentication and Server Optimization

2025-09-10

In the previous article, we deployed a basic Jitsi Meet server using Docker.
Now let’s look at how to secure your server, enable authentication, and optimize performance for stable video calls.


Authentication: Invite-Only Access

By default, Jitsi Meet allows anyone to create rooms. To restrict access, enable Secure Domain.

  1. Open the .env file and find the Prosody (XMPP server) section.
    ENABLE_AUTH=1
    AUTH_TYPE=internal
    

Here, internal means that users will be stored locally.

094 | OpenVPN + Keycloak: Modern Authentication

2025-08-27

The Problem with Certificates at Scale

In previous articles, we discussed that OpenVPN uses certificates for authentication. This method is reliable but has significant drawbacks:

  • Inconvenience for users: Each user must manually receive and install their own certificate.
  • Complex management: When an employee leaves, their certificate must be revoked, which requires extra steps.
  • Lack of centralization: Each service that requires access has its own authorization system.

The solution to this problem is using a centralized identity provider such as Keycloak.

092 | OpenVPN: One Protocol – Different Clients

2025-08-25

OpenVPN: A Time-Tested Standard

Introduction

In a world where the speed and simplicity of WireGuard have become the new standard, OpenVPN remains one of the most reliable and flexible VPN protocols. It works both on traditional computers and on networking equipment, providing cross-platform compatibility and a high level of security. However, to understand how to use it, it is important to distinguish between the protocol itself and its client applications.

091 | DIY Mesh VPN: Headscale and Self-Managed WireGuard

2025-08-23

When Control Matters Most

Services like Tailscale and NetBird are convenient, but they rely on a third-party control server responsible for authentication, key distribution, and route exchange. For those who, for security or privacy reasons, don’t want to entrust this function to anyone, there are two paths: Headscale and “pure” WireGuard.

Headscale: Your Own Tailscale

Headscale is a fully open-source implementation of Tailscale’s control server. It allows you to deploy your own Tailscale alternative on a VPS or server while still using the official Tailscale clients.

090 | ZeroTier and NetBird: When a Mesh Network Is Needed Here and Now

2025-08-22

When Zero-config VPN Means More Than Just Tailscale

Although Tailscale has become the benchmark for simplicity, it’s not the only player in the Zero-config VPN field. ZeroTier and NetBird offer similar functionality but with important architectural and ideological differences.

ZeroTier: A Virtual Ethernet Switch

ZeroTier is one of the first and most well-known services implementing the mesh network concept. It works on the principle of a virtual local network. Instead of relying on the WireGuard protocol, ZeroTier uses its own protocol and creates a virtual L2 switch (Layer 2) that unites all devices into a single local network. Each device gets an IP address from a virtual subnet and can “see” other devices as if they were connected to the same physical switch.