#DRY is an important principle in software development. This post will show you how to apply it to #ApacheAPISIX configuration.
#ApacheAPISIX
When I introduce #ApacheAPISIX in my talks, I mention the massive number of existing plugins, and that each of them implements a specific feature. One of the key features of Apache APISIX is its flexibility. If a feature is missing, you can create your own #plugin, showcasing the platform’s adaptability to your specific needs. In this post, I aim to provide practical alternatives to writing a custom plugin, offering solutions you can quickly implement in your projects.
Lots of service providers offer a #freetier of their service. The idea is to let you kick their service’s tires freely. If you need to go above the free tier at any point, you’ll likely stay on the service and pay. In this day and age, most services are online and accessible via an #API. Today, we will implement a free tier with #ApacheAPISIX.
#RateLimiting is an age-old #ReverseProxy feature focused on protecting against DDoS attacks. It treats all clients the same and is purely technical. In this day and age, most #API providers offer different subscription tiers; the higher the tier, the higher the rate limit, and the more you pay incidentally. It’s not technical anymore and requires to differentiate between clients.
In this post, I want to detail how to do it with #ApacheAPISIX.
Today, I wrote on how to combine #PostgreSQL , #PostgREST and #ApacheAPISIX to expose a developer-friendly #RESTAPI.
Last week, I described how to add a dynamic #watermark to your images on the JVM. Another alternative is to use ready-made components, namely #imgproxy and #ApacheAPISIX I already combined them to resize images on-the-fly.
Here's how to achieve it:
Nearly at the end of my two weeks marathon across Europe. This week was @berlinbuzzwords, DevConf CZ, and JavaDay Lviv 🇺🇦
I came late at night and today, I’ll go to Lyon for Tech and Wine and conduct an #ApacheAPISIX workshop 🔨
Recently, I had to use #GitHubPages to publish my #ApacheAPISIX workshop. Travis is no longer free. #GitHubActions are a thing. I used the now nominal path and faced a few hurdles; here are my findings.
@frankel can lecture about #ApacheAPISIX in a fun way. Something like this will definitely come in handy in our project, so I know where to look.
#devconf_cz
I continue to work on my #OpenTelemetry demo. Its main idea is to showcase traces across various technology stacks, including #asynchronous communication via an #MQTT queue. This week, I added a couple of components and changed the #architecture. Here are some noteworthy learnings; note that some of them might not be entirely connected to @opentelemetry
https://blog.frankel.ch/even-more-opentelemetry/
#Observability #DistributedTracing #ApacheAPISIX @graalvm #Golang #Ruby
In this :foojay: post, @frankel lists five alternatives to pass parameters server-side and explains how to access them on #apacheapisix
https://foojay.io/today/five-ways-to-pass-parameters-to-apache-apisix
I recently read a post on "6 Ways To Pass Parameters to #Spring #REST API". Though the title is a bit misleading, as it’s unrelated to REST, it does an excellent job listing all ways to send parameters to a Spring application. I want to do the same for #ApacheAPISIX; it’s beneficial when you write a custom plugin.
Last week, I wrote an analysis of the #ITEF #Idempotency-Key specification. The specification aims to avoid duplicated requests. In short, the idea is for the client to send a unique key along with the request:
* If the server doesn’t know the key, it proceeds as usual and then stores the respons
* If the server knows the key, it short-circuits any further processing and immediately returns the stored response
This post shows how to implement it with #ApacheAPISIX.
@ondrejkolin indeed, but mine is #ApacheAPISIX and is truly #OpenSource 😉
Back home after my talk #cern. Around 40 people came and listened how to evolve your APIs with #ApacheAPISIX.
Then I had a private tour of the computing center and the Antiproton Accelerator 🔬
Not bad for a Thursday 😊
How do you secure your API? Check it out, two great #ApacheAPISIX solution related articles by @frankel !
https://foojay.io/today/secure-your-api-with-these-16-practices-with-apache-apisix-part-1/
https://foojay.io/today/secure-your-api-with-these-16-practices-with-apache-apisix-part-2
Last week, we listed 16 practices to help secure one’s APIs and described how to implement 7 of them with #ApacheAPISIX.
This week, we will look at the remaining practices.
#owasp regularly publishes a Top 10 Vulnerability Report, targeting vulnerabilities in web applications. On Foojay :foojay:, @frankel describes how to fix some of them via the #ApacheAPISIX Gateway!
https://foojay.io/today/hardening-apache-apisix-with-the-owasps-coraza-and-core-ruleset
I lastly stumbled upon a list of 16 practices to secure your #APIs. In this two-post series, I’d like to describe how we can implement each item with #ApacheAPISIX (or not).
Hardening #ApacheAPISIX with the @owasp's #Coraza and Core Ruleset
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst