web server Archives

Tech Optimizer

January 14, 2026

Introducing PostgREST, a REST API for any PostgreSQL database written in Haskell

PostgREST is a web server developed in Haskell that converts PostgreSQL databases into RESTful APIs, offering a more efficient and standards-compliant alternative to manual CRUD programming. It achieves subsecond response times for up to 2000 requests per second, utilizing the Warp HTTP server and offloading tasks like JSON serialization and data validation to the database. Authentication is managed through JSON Web Tokens (JWT), with authorization based on database-defined roles. PostgREST avoids using Object Relational Mappers (ORMs) and encourages declarative constraints in databases to maintain data integrity. User feedback has been mostly positive, although some have expressed concerns about complexities in production environments.

Winsage

October 20, 2025

Simplewall is the Windows Firewall tuning tool everyone needs

A firewall acts as a barrier against threats to devices, with most operating systems including one for basic protection. The Windows Defender Firewall has a complex interface, but it features a powerful packet filtering engine. Simplewall is a standalone network filtering application built on the Windows Filtering Platform (WFP) that offers users straightforward control over network traffic. It includes a rules editor that allows users to manage applications and services, enabling them to block or allow specific traffic easily. Users can create custom rules based on protocol, ports, or IP addresses, which is particularly useful in home lab environments. Simplewall also provides an OS-level blacklist to limit Microsoft's data collection and can block known advertising and tracking IPs. It is compatible with various Windows versions, including Windows 7 and ARM64 architecture, and can filter traffic from the Windows Subsystem for Linux (WSL). Simplewall is available in a portable version, does not log telemetry data, and is open-source. However, users must manage rules carefully, as blocking critical services can lead to connectivity issues. The development of Simplewall is supported by a community that contributes to its improvement.

Winsage

October 18, 2025

Microsoft fixes Windows bug breaking localhost HTTP connections

Microsoft has identified a bug affecting HTTP/2 localhost connections and IIS websites after recent Windows security updates, specifically the Windows 11 KB5066835 Patch Tuesday update and the September KB5065789 preview update. Users have reported connection reset errors, such as ERRCONNECTIONRESET and ERRHTTP2PROTOCOL_ERROR, impacting applications like the Duo Desktop app and Visual Studio debugging. The issue is linked to a bug in the HTTP.sys web server used by ASP.NET Core, which can be triggered by various factors including device restarts and update installations. Microsoft has provided steps for resolution, including checking for updates and restarting devices. For non-managed devices, an automatic resolution through Known Issue Rollback (KIR) is available, while enterprise-managed devices require IT administrators to implement KIR group policies. A permanent fix is expected in a future Windows update.

Winsage

October 17, 2025

Windows 11 updates break localhost (127.0.0.1) HTTP/2 connections

Microsoft's recent updates for Windows 11, specifically the October update (KB5066835) and September's preview update (KB5065789), have disrupted the functionality of the "localhost" feature, affecting developers and applications reliant on local connections. Users are experiencing connectivity issues, with errors such as "ERRCONNECTIONRESET" and "ERRHTTP2PROTOCOL_ERROR" when attempting to connect to localhost (127.0.0.1). This has impacted applications like Visual Studio, SSMS Entra ID authentication, and the Duo Desktop app, which relies on local web server connections. Potential workarounds include modifying Registry entries to disable the HTTP/2 protocol and installing the latest Microsoft Defender intelligence update, though effectiveness varies. The most reliable solution appears to be uninstalling the problematic updates using the commands: wusa /uninstall /kb:5066835 wusa /uninstall /kb:5065789 After uninstalling these updates and restarting, users report that the loopback interface is restored, allowing HTTP/2 connections to function correctly again.

Tech Optimizer

September 25, 2025

Building a Video Game Recommender System with FastAPI, PostgreSQL, and Render: Part 2

The project involves deploying a board game recommendation system using FastAPI and PostgreSQL on Render. Key tasks include configuring a PostgreSQL database on Render, populating it with data, Dockerizing the FastAPI application, and deploying it as a Render Web Application. The PostgreSQL database is created on Render with the name “fastapi-database” using the free tier. The database connection is tested using the External Database URL, and tables are populated using a script. The FastAPI application is containerized with Docker, which involves creating a Dockerfile that specifies the base image, working directory, dependencies, and commands to run the application. The Docker image is built, tagged, and pushed to DockerHub. The image is then pulled into Render, where a personal access token is created for secure access. Environmental variables are configured for the FastAPI application, and upon successful deployment, the application can be accessed via a provided link, with Swagger documentation available for testing database connections. The project repository is available on GitHub, along with additional resources for FastAPI and Docker.

Winsage

September 5, 2025

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

Cybersecurity researchers have identified a new threat cluster named GhostRedirector, which has compromised at least 65 Windows servers mainly in Brazil, Thailand, and Vietnam. The attacks involve the installation of a C++ backdoor called Rungan and an IIS module named Gamshen. The threat actor is believed to have been active since at least August 2024. Rungan can execute commands on compromised servers, while Gamshen provides SEO fraud services by manipulating search engine results, specifically targeting Googlebot to avoid detection by regular users. GhostRedirector has also impacted entities in various countries, including the U.S., Canada, and India, across multiple sectors. Initial access is likely gained through SQL injection vulnerabilities, followed by the use of PowerShell to deliver additional malware from a staging server. Rungan listens for commands from a specific URL and supports various functions, including user creation and command execution. Gamshen is part of a family of IIS malware and operates similarly to previously documented malware. The group employs deceptive SEO techniques to generate artificial backlinks to promote gambling websites. Evidence suggests that GhostRedirector may be linked to a China-based threat actor, supported by Chinese strings in the code and a certificate from a Chinese company. This group exemplifies persistence by using multiple remote access tools and creating rogue user accounts for long-term access.

AppWizard

August 31, 2025

I’m obsessed with this 3D-printed Minecraft compass that uses GPS to point to any location

A 3D-printed Minecraft compass has been developed by chaosgoo on GitHub, utilizing an ESP32 microcontroller and GPS technology. This compass not only mimics the in-game item but also functions in the real world by guiding users to specific locations based on latitude and longitude coordinates. It features modes for setting a "spawn point" and navigating to chosen coordinates. The device includes various functionalities accessed through button presses, such as toggling between modes, revealing the IP address, sensor calibration, and performing a factory reset. Resources for creating the compass, including code and a 3D printable file, are available on its GitHub page.

Winsage

August 11, 2025

Win-DDoS: Attackers can turn public domain controllers into DDoS agents

SafeBreach researchers have identified critical vulnerabilities in Windows Active Directory domain controllers (DCs), particularly CVE-2025-32724, which can be exploited for distributed denial-of-service (DDoS) attacks using a method called Win-DDoS. This vulnerability allows attackers to manipulate public DCs into connecting to a controlled Lightweight Directory Access Protocol (LDAP) server, directing them to flood a target server with requests. The researchers also highlighted additional vulnerabilities: - CVE-2025-26673 and CVE-2025-49716 enable uncontrolled resource consumption in Windows LDAP and Windows Netlogon, respectively. - CVE-2025-49722 affects Windows Print Spooler Components, potentially crashing DCs and other Windows machines. The first three vulnerabilities can be triggered remotely by unauthenticated attackers, while the last one requires minimal privileges. Microsoft has released security updates for all four vulnerabilities in 2025, and organizations are advised to implement these patches and strengthen their defenses against potential DDoS attacks.

Winsage

May 10, 2025

Microsoft’s New Windows Update — 1 Billion Users Warned: Do Not Delete

Windows users are facing security challenges, including zero-day vulnerabilities and hackers bypassing Windows Defender. Microsoft has removed VPN provisions for Windows Defender and discontinued security support for Windows 10, but users can upgrade to Windows 11 for free. Following the April 8 Patch Tuesday updates, a new folder named "inetpub" appeared on user devices, which Microsoft has warned users not to delete, as it is essential for security protections. This folder is generated after installing updates and is traditionally associated with the Internet Information Services (IIS) web server platform, regardless of whether IIS is installed. If users have deleted the inetpub folder, it can be restored by enabling IIS through the Windows Control Panel.

Winsage

April 25, 2025

Windows “inetpub” security fix can be abused to block future updates

A recent Microsoft security update has created a new 'inetpub' folder in the root of the system drive, linked to a fix for a Windows Process Activation elevation of privilege vulnerability (CVE-2025-21204). This folder has appeared on systems without Internet Information Services (IIS) installed. Microsoft advises users not to delete the folder, as it enhances system protection. However, cybersecurity expert Kevin Beaumont has shown that the 'inetpub' folder can be manipulated by non-administrative users to create a junction that redirects to a Windows file, potentially obstructing future Windows updates and resulting in a 0x800F081F error code. Microsoft has classified this issue as "Medium" severity and has closed the case, indicating it may be addressed in future updates.