Pull to refresh
0.35

Amazon Web Services *

Infrastructure of cloud web services platforms

Show first
Rating limit
Level of difficulty

Cloud Communications: Understanding UCaaS, CCaaS, and CPaaS

Level of difficultyEasy
Reading time4 min
Views1.3K

In today's world, where businesses increasingly rely on effective communication, cloud technologies offer a wide range of solutions to optimize interactions both within the company and with customers. Three of the most popular options are UCaaS, CCaaS, and CPaaS. While they all fall under the umbrella of cloud communications, their functionality and applications differ significantly. Let's delve into the details.

UCaaS (Unified Communications as a Service)

UCaaS unifies various communication channels, such as voice calls, video conferencing, messaging, and email, into a single platform. This allows employees to easily communicate and collaborate with each other, regardless of their location.

Benefits of UCaaS:

Read more

Amazon parsing on easy level and all by yourself

Level of difficultyEasy
Reading time8 min
Views1.9K

I came across a script on the Internet that allows you to parse product cards from Amazon. And I just needed a solution to a problem like that.

I wracked my brain while looking for a way to parse product cards from Amazon. The problem is that Amazon uses different design options for different outputs, in particular – if you need to parse the cards with the search query "bags" – the cards will be arranged vertically, as I need it, but if you take, for example, "t-shirts" – then the cards will be arranged horizontally, and in such way the script falls into an error, it works out opening the page, but does not want to scroll.

Read more

Solving Amazon captcha Waf Captcha fully automatically with almost zero experience in development

Level of difficultyEasy
Reading time8 min
Views1.3K

A small epigraph - if you are making an instruction, then do it to the end, otherwise instructions on how to solve the Amazon captcha for junior developer will be as clear as mud.

What's it all about? When I needed to solve a captcha from Amazon, the notorious Waf Captcha, I started looking for information at a service that I constantly use when I work with Key Collector and some other services (2 captchas - it’s a pity Habr bans articles for referral links).

I found instructions there and posted the link to it above. As you probably understood from the epigraph, I didn’t understand a thing, or rather, I understood that I needed to use the API, but that’s all...

It was much easier with Selenium

The main issue is the short timeout given for a solution from Amazon's side. The time to solve the captcha is limited, and if there's no response, the captcha refreshes (two of its parameters get updated - iv and context)

It turns out the captcha freshness timeout is about 30 seconds, and in that time, you need to find the parameters on the page, copy them, paste them into the script code, and run it. After that, 2captcha should solve it and return the correct answer. I tried to do this for a couple of fruitless hours, developing a routine of actions, but alas, searching for and replacing the changing parameters takes at least 12-15 seconds, leaving only 15 to 18 seconds for the captcha to be solved by the service, which in current realities sounds quite fantastical.

Read more

Managing AWS Auto Scaling Group Instance Refresh: The Harmony of Terraform and Ansible

Level of difficultyMedium
Reading time6 min
Views892

In the DevOps realm, where automation is crucial, the management of resources and updating processes in the cloud is vitally important. Many modern projects, particularly in AWS cloud environments, leverage Auto Scaling Groups (ASG). This mechanism aims to achieve three key objectives: balancing loads, increasing service reliability, and optimizing operational costs for efficiency and effectiveness.

Imagine working at a company where you deploy applications on Amazon's resources. To streamline this process and manage configurations more effectively, you use pre-built AMI images. These are crafted with tools like HashiCorp Packer, ensuring your applications launch swiftly and reliably. For the actual infrastructure deployment, you turn to Terraform. It's widely recognized as the standard in many major companies for managing cloud resources and using the IaC (Infrastructure as Code) approach.

As an IT engineer, you sometimes need to update instance versions to a newer AMI image, either for the latest security patches or to introduce new functionalities. The challenge lies in updating an active ASG without causing downtime. It's crucial to ensure the new AMI performs as reliably as the existing one, balancing the need for updates with system stability and uptime.

ASG's instance refresh is a crucial feature that allows for updating instances within a group while minimizing downtime, thereby maintaining high availability. However, ensuring the success of such updates, especially in large, complex systems, can be a challenge. Terraform resources, such as aws_autoscaling_group, can initiate this process but don't provide progress tracking. This limitation becomes apparent when other infrastructure components, such as certificate renewals or DNS updates, depend on the state and version of the instances. Monitoring the update process is essential to maintain an accurate infrastructure state after Terraform's execution.

To overcome this challenge, Ansible can be utilized...

Read more

The journey of scaling up a production Elasticsearch cluster

Reading time6 min
Views3.4K

In this article, I will tell you about a-few-years journey of scaling the Elasticsearch cluster in production environment, which is one of the vital elements of the iPrice technology stack. 
I will describe challenges we encountered and how we approached them.

Read more

Setting up network sales channels for DO-RA gadgets

Reading time7 min
Views932
image

Introduction


In early March 2019, Intersoft Eurasia team completed work on a test batch of DO-RA gadgets — personal, cross-platform dosimeters-radiometers to monitor the radiation situation at the measurement site, compatible with iOS and Android smartphones and tablets.

By buying such a device, the user receives the following: reliable electronics which have undergone radiation testing in the factory laboratory, stylish colored case in the spirit of Malevich ;) for every taste, gift packaging, color insert instructions in Russian and English, special USB charging cable, a free updateable DO-RA.Pro application from the App Store and Google Play.

The next step in our project implementation is to find the best sales channels for Made in Russia products in the challenging environment of stagnant purchasing power.
Read more →

Automatically obtaining SSL certificates by Let's Encrypt using DNS-01 challenge and AWS

Reading time5 min
Views5.8K

This post describes the steps needed for setting up automatic SSL certificates creation and renewal, using Let's Encrypt as the automated Certificate Authority, which provides a well-maintained API.
acme-dns-route53 is the tool to obtain SSL certificates from Let’s Encrypt using DNS-01 challenge with Route53 and Amazon Certificate Manager by AWS. acme-dns-route53 also has the built-in functionality for using this tool inside AWS Lambda, and this is what we are going to do.

Read more →

Web application firewalls

Reading time6 min
Views4.1K

Web application firewall


Web application firewalls (WAFs) are a type of intrusion detection and prevention system and might be either a hardware or software solution. It is specifically designed to inspect HTTP(s) and analyse the GET and POST requests using the appalling detection logic explained below. Web application firewall software is generally available as a web server plugin.

WAF has become extremely popular and various companies offer a variety of solutions in different price categories, from small businesses to large corporations. Modern WAF is popular because it has a wide range of covered tasks, so web application developers can rely on it for various security issues, but with the assumption that this solution cannot guarantee absolute protection. A basic WAF workflow is shown below.



Its main function is the detection and blocking of queries in which, according to WAF analysis, there are some anomalies, or an attacking vector is traced. Such an analysis should not make it difficult for legitimate users to interact with a web application, but, at the same time, it must accurately and timely detect any attempted attack. In order to implement this functionality, WAF developers usually use regular expressions, tokens, behavioural analysis, reputation analysis and machine learning, and, often, all these technologies are used together.



In addition, WAF can also provide other functionality: protection from DDoS, blocking of IP-addresses of attackers, tracking of suspicious IP-addresses, adding an HTTP-only flag to the cookie, or adding the functionality of CSRF-tokens. Each WAF is individual and has a unique internal arrangement, but there are some typical methods used for analysis.
Read more →

Searching for errors in the Amazon Web Services SDK source code for .NET

Reading time17 min
Views1.5K

Picture 1


Welcome to all fans of trashing someone else's code. :) Today in our laboratory, we have a new material for a research — the source code of the AWS SDK for .NET project. At the time, we wrote an article about checking AWS SDK for C++. Then there was not anything particularly interesting. Let's see what .NET of the AWS SDK version is worth. Once again, it is a great opportunity to demonstrate the abilities of the PVS-Studio analyzer and make the world a bit better.
Read more →

Authors' contribution