Posts

Welcome home: bonapasogit-dev Organization 🏛️💻 bonapasogit-dev was created as an engineering organization with a social conscience. The spirit is simple: technology should scale capability, not ego. 🛠️ Our Three Pillars Somba Marhula-hula (Maintainer/Contributor Priority) We hold every contribution in the highest regard. Community feedback is the “blessing” that empowers our projects to grow and improve. Elek Marboru (User Experience) We are committed to serving our users with approachable documentation, solution-oriented support, and intuitive libraries. ...

🚀 How to Configure a Robust, Reliable, and Clean HTTP Client in Node.js When building microservices or an API Gateway in Node.js, your HTTP client becomes critical infrastructure. Most engineers rely on default configurations like: const http = require('http'); http.request(options, callback).end(); It works. But in production? It can silently destroy your system under load. This guide explains: Why default HTTP client configuration is dangerous How to properly configure connection pooling Timeout and resilience strategies Handling slow downstream services Migrating to Undici (modern Node HTTP client) Performance comparison (http vs axios vs undici) Why Default HTTP Client Configuration Is Dangerous Since Node 19+, http.globalAgent enables keepAlive: true. That’s better than older versions. But production risk still exists. ...

🚀 Deploy Golang API to VPS with Nginx & HTTPS This guide documents the complete production deployment process of a Golang API to a VPS. Prerequisites: A VPS with Ubuntu 22.04 (You can get one from SumoPod) A domain name (You can get one from Namecheap | Cloudflare | etc) A Golang API We will: Install required packages Configure firewall (UFW) Clone project Configure environment variables Build and run binary Setup systemd service Configure Nginx reverse proxy Point custom domain Enable HTTPS (SSL) Verify auto renewal 🏗 Final Architecture Internet ↓ HTTPS (443) ↓ Nginx Reverse Proxy ↓ http://localhost:6969 ↓ Go Binary (/opt/<appname>/<appname>) ↓ systemd Service Phase 1 — Install Requirements # Connect to your vps ssh root@YOUR_VPS_IP # Update package list sudo apt update && sudo apt upgrade -y # Install Nginx, Git, Certbot, and Build Tools sudo apt install -y git uvw curl nginx build-essential Description: - git: version control system - uvw: (Uncomplicated Firewall) tool for managing firewall rules - curl: tool for transferring data with URLs - nginx: web server and reverse proxy - build-essential: collection of packages required for building software from source code Phase 2 - Create propper user # Create a new user sudo adduser vicktor # Add the user to the sudo group sudo usermod -aG sudo vicktor # Switch to the new user su - vicktor Phase 3 — Configure Firewall (UFW) # Allow SSH, Nginx Full sudo ufw allow OpenSSH sudo ufw allow 'Nginx Full' Enable UFW sudo ufw enable Check status sudo ufw status Output: ...

1. Purpose This document defines the official engineering standard for preventing SQL injection vulnerabilities and ensuring secure database access. This guideline applies to all backend services interacting with MySQL. Our goal is to achieve zero SQL injection risk by architectural design. Not by filtering or detection, but by elimination. It’s a wrong mindset! 2. What is SQL Injection? SQL injection is a web security vulnerability that allows attackers to interfere with queries an application makes to its database. By inserting malicious SQL code into input fields, attackers can view, modify, or delete data, and in some cases, gain administrative control over the application. SQL Injection occurs when untrusted user input is interpreted as SQL code instead of data. ...