What is TLS/HTTPS?
- HTTPS = HTTP + TLS (Transport Layer Security)
- Encrypts data between client and server.
- Provides:
- Confidentiality – No one can read the data.
- Integrity – Data can’t be tampered with.
- Authentication – Confirms site is genuine.
TLS Certificates
- Issued by a Certificate Authority (CA) (e.g., Let’s Encrypt, DigiCert).
- Types:
- DV (Domain Validated) → free, common
- OV (Org Validated) → verified business
- EV (Extended Validation) → green bar (rare now)
Get free HTTPS:
# Install Certbot sudo apt install certbot python3-certbot-nginx # Generate TLS cert for domain sudo certbot --nginx -d example.com -d www.example.com
Domains & DNS Basics
- Domain Name System (DNS): Internet’s phonebook. Converts names → IP addresses.
Common DNS Records
RecordPurposeExampleAIPv4 addressA → 192.0.2.1AAAAIPv6 addressAAAA → 2001:db8::1CNAMEAlias to another domainwww → example.comMXMail servermail.example.comTXTInfo/verificationv=spf1 include:_spf.google.com
Redirect HTTP → HTTPS
Example in Nginx:
server {
listen 80;
server_name example.com www.example.com;
return 301 https://$host$request_uri;
}
Best Practices
- Always enable HTTPS everywhere.
- Use HSTS (Strict Transport Security):
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
- Use DNS providers with low latency (Cloudflare, AWS Route 53).
- Enable DNSSEC for extra protection.
Quiz
Q1: What does TLS provide?
A) Faster load speeds
B) End-to-end encryption and authentication
C) Reduced hosting cost
D) Easier DNS resolution
✅ Answer: B) End-to-end encryption and authentication
Q2: What does an A record in DNS do?
A) Points domain to another domain
B) Stores website SSL certificate
C) Maps domain to IPv4 address
D) Handles email routing
✅ Answer: C) Maps domain to IPv4 address
Monitoring & Observability (Prometheus, Grafana, Sentry)
Difficulty: Intermediate
Description: Learn how to monitor apps with metrics, logs, and error tracking. Use Prometheus for metrics, Grafana for dashboards, and Sentry for error reporting.
Time to read: 12 minutes
Content
Why Monitoring Matters
- Detect problems early
- Improve uptime & reliability
- Debug production issues
- Optimize performance
Observability Pillars
- Metrics → Numeric measurements (CPU, memory, requests/sec).
- Logs → Event details (errors, warnings).
- Traces → Request journey across services.
Prometheus (Metrics Collection)
- Time-series database for metrics.
- Pulls metrics from apps & servers.
Example Node.js Metrics Exporter:
import express from "express";
import client from "prom-client";
const app = express();
const collectDefaultMetrics = client.collectDefaultMetrics;
collectDefaultMetrics();
app.get("/metrics", async (req, res) => {
res.set("Content-Type", client.register.contentType);
res.end(await client.register.metrics());
});
app.listen(3000, () => console.log("Metrics at http://localhost:3000/metrics"));
Prometheus scrapes /metrics endpoint regularly.
Grafana (Visualization)
- Connects to Prometheus, ElasticSearch, Loki, etc.
- Create dashboards:
- API latency
- Error rates
- System health
Example dashboard panels:
- CPU Usage (%)
- Requests per second
- 95th percentile response time
Sentry (Error Monitoring)
- Captures runtime errors in frontend/backend.
- Provides stack traces, user info, breadcrumbs.
Example (Node.js setup):
import * as Sentry from "@sentry/node";
Sentry.init({
dsn: process.env.SENTRY_DSN,
tracesSampleRate: 1.0,
});
app.use(Sentry.Handlers.requestHandler());
app.use(Sentry.Handlers.errorHandler());
Best Practices
- Use dashboards for system health.
- Set up alerts (PagerDuty, Slack).
- Collect structured logs (JSON format).
- Always monitor user-facing metrics (latency, errors).