Technical series

Read by operational path, not only by date.

Naxaya articles are grouped into practical paths so a reader can move from context to diagnosis, implementation and runbook-level validation without hunting through the full archive.

Cloud 5 articles

Azure WAF operations

Read WAF blocks in KQL, qualify false positives, then add targeted OWASP/CRS exclusions or custom rules with evidence.

From noisy blocks to defensible WAF changes.

  1. 01 Azure WAF: read Application Gateway blocks with KQL without chasing every layer
  2. 02 WAF and KQL: identify a false positive before creating an exclusion
  3. 03 Azure WAF: add an OWASP/CRS exclusion without weakening all protection
  4. 04 Azure WAF: when to use custom rules before managed OWASP rules
  5. 05 Azure WAF: frame an emergency custom rule without losing evidence
Cloud 10 articles

Azure private networking

Separate private exposure, outbound networking, DNS, Private Endpoint validation and Application Gateway troubleshooting.

Make private Azure paths testable and explainable.

  1. 01 Azure Private Endpoint: build a validation matrix before production
  2. 02 Do not confuse private exposure, outbound networking and application security on Azure
  3. 03 Azure Application Gateway: diagnose 502 errors without mixing DNS, TLS and backend health
  4. 04 Azure hybrid DNS: when to use Private Resolver, on-premises forwarders and private zones
  5. 05 Azure Private Endpoint: detect Terraform, DNS, and network drift before incident
  6. 06 Azure: make private paths verifiable with synthetic probes
  7. 07 Azure internal APIM: diagnose a private API before changing policies
  8. 08 Azure Container Apps: diagnose private ingress before changing revisions
  9. 09 Azure AKS: diagnose private ingress before changing deployments
  10. 10 Azure Functions: diagnose a private HTTP endpoint before changing code
Infrastructure 6 articles

Operations runbooks

Troubleshoot Linux identity, validate Proxmox restores, rotate service identities safely, diagnose managed identity access, and write handover notes that still help after deployment.

Turn architecture and infrastructure into repeatable operations.

  1. 01 Linux and Active Directory: troubleshoot SSSD failures that appear after the join
  2. 02 Proxmox Backup Server: define a testable restore policy, not only a backup policy
  3. 03 Operational architecture documentation: write a note that actually helps run after deployment
  4. 04 Monitoring: turn an alert into an actionable operations runbook
  5. 05 Service identity and secret rotation: a production runbook, not an isolated task
  6. 06 Azure managed identity: diagnose private access before changing permissions