SShortSingh.
Back to feed

How to Self-Host SFTPGo on Ubuntu as a Free AWS Transfer Family Alternative

0
·1 views

SFTPGo is an open-source file transfer server supporting SFTP, FTP/S, and WebDAV protocols, offering a self-hosted alternative to AWS Transfer Family without per-endpoint costs. A developer guide published on DEV Community walks through deploying SFTPGo on Ubuntu using Docker Compose, with Traefik managing automatic HTTPS certificates for the web admin interface. The setup uses SQLite as the data provider and exposes protocol ports directly on the host, while supporting both local disk and S3-compatible object storage as backends. Security hardening steps are included, such as enabling a built-in brute-force defender and configuring two-factor authentication for the admin account. Users can be created via the web UI with optional SSH public key authentication for passwordless SFTP access.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Step-by-Step Guide: Dockerizing a Flask API on Ubuntu for Production

A technical guide published on DEV Community walks developers through containerizing a Flask REST API on Ubuntu using Docker and Gunicorn. The tutorial begins with installing Docker natively on Ubuntu 22.04 or 24.04, then clones a real-world Flask project from GitHub as a practical starting point. A key focus is writing an optimized Dockerfile that copies requirements.txt before application code, preserving Docker's layer cache and speeding up rebuilds. The guide replaces Flask's built-in development server with Gunicorn to handle concurrent requests safely in production environments. It concludes with steps to version and publish the final Docker image to Docker Hub, covering environment variable configuration for security.

0
ProgrammingDEV Community ·

Strix Open-Source Tool Uses AI Agents to Pentest Your App Before Deployment

Strix is a free, open-source security tool that deploys autonomous AI agents to actively attack a running instance of your application, mimicking real-world penetration testing. Unlike static analysis or dependency scanners, Strix spins up the app in a Docker sandbox and attempts to exploit vulnerabilities rather than just flagging suspicious code patterns. It uses a multi-agent architecture where specialized agents work in parallel, covering issues such as SQL injection, access control flaws, XSS, business logic bugs, and infrastructure misconfigurations. Each reported vulnerability includes a working proof-of-concept exploit, reducing false positives that plague traditional SAST tools. Strix supports major LLM providers including OpenAI, Anthropic, and Google, and can target local directories, GitHub repositories, or remote URLs with a single command.

0
ProgrammingDEV Community ·

Layered Architecture Explained: How PHP Apps Are Structured Without Knowing It

Layered Architecture, also known as N-Tier, is the most widely used architectural pattern in software development, organizing code into horizontal layers each with a distinct responsibility. The four core layers are Presentation, Application, Domain, and Infrastructure, where each layer communicates only with the one directly below it. This strict dependency rule means a Controller should call a Service, a Service should call a Repository, and never the other way around. The pattern's main strengths include conceptual simplicity, clear separation of concerns, and the ability to test or replace each layer independently. However, it can become rigid for vertical changes spanning all layers, and may produce redundant pass-through code when a Service layer adds no real logic.

0
ProgrammingDEV Community ·

Lilian Weng's blog post breaks down AI scaling laws and their real-world limits

AI researcher Lilian Weng published a detailed analysis titled 'Scaling Laws, Carefully' on her blog Lil'Log in June 2026, examining how model size, data volume, and compute collectively follow power-law relationships in large language model training. The post revisits the long-standing debate between the Kaplan scaling approach, which prioritized model size over data, and the Chinchilla findings, which showed that model parameters and training tokens should scale proportionally. Weng explains that the Chinchilla model, though four times smaller than DeepMind's Gopher, outperformed it by training on four times more tokens with the same compute budget. The post also addresses data-constrained scenarios, warning that repeatedly training on the same data yields diminishing returns and causes overfitting, especially in larger models. Weng cautions that scaling laws are empirical tools, not physical laws, and that small errors in curve-fitting can lead to vastly wrong predictions when extrapolating to expensive large-scale training runs.