Jenkins 2.x Continuous Integration Cookbook - Third Edition

By: Mitesh Soni, Alan Mark Berg

Overview of this book

Jenkins 2.x is one of the most popular Continuous Integration servers on the market today. It was designed to maintain, secure, communicate, test, build, and improve the software development process. This book will begin by guiding you through steps for installing and configuring Jenkins 2.x on AWS and Azure. This is followed by steps that enable you to manage and monitor Jenkins 2.x. You will also explore the ways to enhance the overall security of Jenkins 2.x. You will then explore the steps involved in improving the code quality using SonarQube. Then, you will learn the ways to improve quality, followed by how to run performance and functional tests against a web application and web services. Finally, you will see what the available plugins are, concluding with best practices to improve quality.

Avoiding sign-up bots with JCaptcha

CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. The most commonly seen CAPTCHAs are sequences of letters and numbers displayed as graphics that you have to type correctly into a text input.

If you let anyone sign up for an account on your Jenkins server, then the last thing you want is bots (automated scripts) creating accounts. Bots have an economy of scale, being able to scan the internet rapidly and never getting bored. CAPTCHAs are a necessary defense against these dumb attacks.

The negative purposes of bots are as follows:

  • Performing a Denial of Service (DoS) attack on your server, for example, by automatically creating numerous heavyweight jobs
  • Launching a Distributed Denial of Service (DDoS) attack on other servers by harvesting many Jenkins servers to fire off large numbers of requests
  • Injecting unwanted...