Saturday, April 29, 2023

Gradle Basics

How to create a new Gradle project?

Pre-requisites:

  • Java
  • Gradle

Steps

  • Create a folder using the command
    • mkdir myproject
  • Go inside the folder
    • cd myproject
  • Run the command
    • gradle init
    • Select type as application
    • Select language as Java
    • Select build script as Kotlin
    • Select unit test framework as JUnit Jupiter

Different files in a Gradle project

  • settings.gradle.kts

    • This is used to define the repositories under
      • dependencyResolutionManagement
      • pluginManagement
    • This is also used to set the project name and include subprojects
      • rootProject.name={Name of the project}
      • include("app") lists the names of all the subprojects to be included

  • build.gradle.kts

    • This is the build script for a particular project
    • It has the sections below
      • plugins: Add different types of plugins
        • e.g. core plugins
            plugins {
                application   // a core plugin is referenced by its short name
            }
            plugins {
                // any other plugin is referenced by id and version
                id("com.abc.xyz") version "1.0.0"
            }
      • repositories: Add repositories
            repositories {
                mavenCentral()
                mavenLocal()
                gradlePluginPortal()
                maven {
                    url = uri("https://repo.com")
                    artifactUrls("https://mycom.com")
                }
            }
      • dependencies: Add dependencies
            dependencies {
                implementation("groupid:artifactId:version")
                testImplementation("groupid:artifactId:version")
            }
      • application: Set the main class for the project
            application {
                mainClass.set("abc.Main")
            }
      • tasks: Create a Gradle task, e.g. a copy task would look like
            tasks.register<Copy>("myCustomTask") {
                from(file("abc.Main"))
                into(file("xyz.txt"))   // into() names the destination directory
            }


                                                

Saturday, April 22, 2023

Generating Access key ID and Secret Access Key in AWS

The Access key ID and Secret Access Key are used to access AWS environments programmatically or via the CLI.

To generate them, follow the steps below:

  • Go to the AWS console and search for the IAM service
  • Search for and select the user for whom the key and secret need to be created
  • Go to the Security credentials tab and then choose Create access key.
  • The Access key ID and Secret Access Key will be created for the above user

Thursday, April 20, 2023

How to prevent Distributed Denial of Service (DDoS) attacks in your application

DDoS stands for Distributed Denial of Service: a situation in which cyber criminals flood a network with so much malicious traffic that the impacted system cannot operate or communicate as it normally would.

Prevention of DDoS Attacks

  • Implement a lockout, i.e. prevent an IP from making a login request for X minutes if it fails to log in N times. Tomcat has the LockOutRealm configuration for this.

  • Implement progressive delay by adding a longer and longer delay to processing each bad login request.

  • Ensure that a user has a limit to the number of concurrent sessions (to prevent a hacked account logging on a million times)

  • Apply rate limits or use throttling mechanisms to prevent large numbers of requests

  • Have different database application users for different services (e.g. transactional use vs. reporting use) and use database resource management to prevent one type of web request from overwhelming all others.

  • Have a log format from which you can easily identify:

    • The IP of the requesting server

    • The URI of the request

    • The URI failing the most

    • User using the service

    • IPs of the users

    • URIs called by anonymous users

    • Arguments passed to a service

    • The actions of a specific user, for auditing

  • Use CDNs to distribute static resources to different locations and IP addresses. 

  • Install a firewall to reject incoming connections that violate rules that you define.

  • Update and patch all the resources at regular intervals

  • Run vulnerability scans frequently

  • Harden applications e.g. adding captcha during login

  • Block unused ports on servers and firewalls

    • DNS port 53 should be blocked if the organization is not using a DNS server

    • P2P ports 4662 and 4672 should be blocked

    • ICMP or ping should be blocked

  • Overprovision infrastructure by 

    • Moving to some cloud based scalable solution.

    • Designing it to 200-500% of the baseline needs.

    • Applying load balancing to route the traffic.

  • Place resources behind the firewall

  • Use container level configurations to reject requests

    • Tomcat Valve to reject incoming requests by their User-Agents (or any other criterion) as a last line of defense.
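
The lockout and progressive-delay items from the list above, combined in one per-IP throttle. This is an added example, not code from the original post or from Tomcat: the class name LoginThrottle, its method names and the sample values (5 failures, 15-minute lockout, 1-second base delay) are assumptions, and the record syntax needs Java 16 or later.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class LoginThrottle {
    private record State(int failures, Instant blockedUntil) {}
    private final int maxFailures;    // N: failures that trigger the lockout
    private final Duration lockout;   // X: how long the lockout lasts
    private final Duration baseDelay; // first delay; doubles with each further failure
    // In production, bound this map and evict idle entries so it cannot be exhausted.
    private final Map<String, State> byIp = new ConcurrentHashMap<>();

    public LoginThrottle(int maxFailures, Duration lockout, Duration baseDelay) {
        this.maxFailures = maxFailures; this.lockout = lockout; this.baseDelay = baseDelay;
    }

    /** Time this IP must still wait; Duration.ZERO means the attempt may proceed. */
    public Duration retryAfter(String ip, Instant now) {
        State s = byIp.get(ip);
        if (s == null || !now.isBefore(s.blockedUntil())) return Duration.ZERO;
        return Duration.between(now, s.blockedUntil());
    }

    public void recordFailure(String ip, Instant now) {
        byIp.compute(ip, (key, s) -> {
            // Start a fresh count once a full lockout has been served.
            boolean served = s != null && s.failures() >= maxFailures
                    && !now.isBefore(s.blockedUntil());
            int n = (s == null || served ? 0 : s.failures()) + 1;
            Duration wait = n >= maxFailures ? lockout
                    : baseDelay.multipliedBy(1L << Math.min(n - 1, 16)); // 1x, 2x, 4x ...
            return new State(n, now.plus(wait));
        });
    }

    public void recordSuccess(String ip) { byIp.remove(ip); }

    public static void main(String[] args) {
        LoginThrottle t = new LoginThrottle(5, Duration.ofMinutes(15), Duration.ofSeconds(1));
        Instant now = Instant.parse("2023-04-20T10:00:00Z"); // constructed timestamp
        String ip = "203.0.113.7";                           // documentation-range address
        for (int i = 1; i <= 5; i++) {
            t.recordFailure(ip, now);
            System.out.println("failure " + i + ": wait " + t.retryAfter(ip, now));
            now = now.plus(t.retryAfter(ip, now)); // the client retries as soon as allowed
        }
    }
}
```

Call retryAfter before checking credentials and reject or delay the request while it is non-zero; recordSuccess clears the counter after a good login.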


In AWS Cloud, AWS Shield can help to prevent DDoS attacks. This service is provided automatically to all AWS customers at no additional charge.


SpringBoot Application Event Listeners

When a Spring Boot application starts, a few events occur in the order below: ApplicationStartingEvent, ApplicationEnvironmentPreparedEvent, Applicat...