Skip to content

Instantly share code, notes, and snippets.

View itsnikolayy's full-sized avatar
💭
#UseApacheTrafficServer

nikolay itsnikolayy

💭
#UseApacheTrafficServer
1 follower · 1 following
  • usa
  • 01:01 (UTC -05:00)
View GitHub Profile
@itsnikolayy
itsnikolayy / Akamai-Recursive-DNS.txt
Created August 29, 2025 01:51
# Akamai Public Recursive DNS (Observed)
It appears that **Akamai may be running a public recursive DNS service**.
---
## IP Ranges
The following IP ranges have been observed:
- `96.7.136.0/24`
@itsnikolayy
itsnikolayy / Barracuda-Firewall.md
Created July 31, 2025 02:15

Barracuda Web App Firewall tech stack / backend infrastructure

Makes use of the following, not sure if its the primary way the firewall is implemented:

NGINX https://nginx.org/

Rules: Snort (Open Source Intrusion Prevention System) https://snort.org/

Seems to utilize mostly Ruby for its infrastructure. Snort rules appear to be called with fast-cgi via NGINX.

@itsnikolayy
itsnikolayy / Bunny-CDN-Tech-Stack.md
Created July 31, 2025 01:34
@itsnikolayy
itsnikolayy / Cloudflare-Tech-Stack.md
Last active July 31, 2025 04:42

This is the Cloudflare tech stack / backend infrastructure (I want to thank Cloudflare for being so open about their infrastructure and services. They are arguably one of my biggest inspirations.)

Proxy: Pingora [Rust] [Apache-2.0 license] https://github.com/cloudflare/pingora (Formerly, Cloudflare used NGINX)

REST APIs: Golang (mostly) (runs on kubernetes pods)

Databases: PostgreSQL (for REST API and Dashboard) ClickHouse for logs

@itsnikolayy
itsnikolayy / Fastly-Tech-Stack.md
Last active July 31, 2025 01:30

This is the Fastly tech stack / backend infrastructure

Reverse proxy / TLS termination / load balancing: h2o https://github.com/h2o/h2o/tree/master [MIT license] (https://h2o.examp1e.net/configure/proxy_directives.html)

Caching server: Varnish Enterprise https://www.varnish-software.com/products/varnish-enterprise/ [not open source] (there is an open source version of varnish)

Authoratative DNS server: NSD https://github.com/NLnetLabs/nsd [BSD-3-Clause license] (https://www.nlnetlabs.nl/projects/nsd/about/) (does not offer authoratative DNS to customers, but does give customers a CNAME that is tied to Fastly nameservers running NSD)

Web App Firewall (WAF): Signal Sciences https://github.com/signalsciences [not open source] (https://www.fastly.com/products/web-application-api-protection)

@itsnikolayy
itsnikolayy / Aamazon-AWS-CloudFront-Tech-Stack.md
Created July 31, 2025 01:04

This is the AWS (Amazon Web Services) CloudFront tech stack / backend infrastructure

Proxy: NGINX https://nginx.org/ (an in-house proxy built with Rust is used if the client protocol is QUIC)

Cache: Squid https://www.squid-cache.org/

@itsnikolayy
itsnikolayy / README.md
Last active December 16, 2023 07:26

You can find me at GitGud:

@itsnikolayy
itsnikolayy / Barracuda-CloudGen-WAF-nginx-rest.conf
Created August 5, 2023 07:22
location ~ ^/restapi/(v\d+(\.\d+)?)/(.+)$ {
set $directive "RESTful File Handle";
limit_req zone=apilimit burst=10 nodelay;
upload_pass @rest;
upload_store /data/tmp/nginx_uploads 1;
upload_set_form_field $upload_field_name.name "$upload_file_name";
@itsnikolayy
itsnikolayy / Barracuda-CloudGen-WAF-nginx.conf
Created August 5, 2023 07:21
user nobody nogroup;
worker_processes 2;
pid /var/run/nginx.pid;
http {
types {
application/javascript js;
application/json json;
application/pdf pdf;
application/xml xml;
@itsnikolayy
itsnikolayy / Barracuda-ethernet-codes.txt
Created August 5, 2023 07:02
0:0:0 XEROX CORPORATION
0:0:1 XEROX CORPORATION
0:0:10 SYTEK INC.
0:0:11 NORMEREL SYSTEMES
0:0:12 INFORMATION TECHNOLOGY LIMITED
0:0:13 CAMEX
0:0:14 NETRONIX
0:0:15 DATAPOINT CORPORATION
0:0:16 DU PONT PIXEL SYSTEMS .
0:0:17 TEKELEC