Running a Tor Bridge on Linux: Complete obfs4 & WebTunnel Guide
Guide to running obfs4 and WebTunnel Tor bridges on Linux with Nginx camouflage, firewall hardening, Prometheus monitoring, and CrowdSec.
Blog
Thoughts, tutorials, and engineering notes.
Real projects, AI-assisted drafting. I document my actual experiments and code, using AI tools to structure and polish the final write-ups.
MikroTik PPPoE + DHCPv6-PD: Dual-Stack for DIGI Spain
Configure PPPoE with DHCPv6 Prefix Delegation on MikroTik RouterOS for DIGI Spain. VLAN tagging, SLAAC, prefix change handling, and firewall rules.
MikroTik WireGuard VPN: Complete Dual-Stack IPv4/IPv6 Configuration
Configure WireGuard VPN on MikroTik RouterOS with full IPv4/IPv6 dual-stack. Access your home network with native IPv6 from any connection.
MikroTik Honeypot: Trap & Auto-Block Port Scanners
Configure a MikroTik honeypot to detect port scanners, log malicious activity, and auto-block attackers using firewall address lists and the RAW table.
Implementing a Tarpit in Nginx: Trap Malicious Scanners
Implement an Nginx tarpit to slow down and trap malicious bots, vulnerability scanners, and brute-force attackers. Includes CrowdSec integration.
Mastering QUIC and HTTP/3 with Nginx: The Complete Guide
Deep dive into QUIC and HTTP/3 — technical architecture, security features, and step-by-step Nginx configuration for production deployment.
Content Security Policy (CSP) with Nginx: The Complete Guide
Master Content Security Policy from zero to A+ — nonces, hashes, strict-dynamic, Trusted Types, bypass prevention, and production Nginx configs.
Mastering Virtual Files in Nginx: A Complete Guide
Serve virtual files in Nginx without disk I/O. Covers root vs alias vs try_files, named locations, Kubernetes health endpoints, and containers.
Mastering Mutual TLS (mTLS) with Nginx: A Deep Dive
Implement Mutual TLS (mTLS) with Nginx — create a CA, generate client certificates, configure CRL and OCSP revocation, and enable Zero Trust.