BlenderDumbass BDServer Livestream 2005-07-05
#webserver
0 posts0 participants0 posts today
My ultra-budget server powering http://websysctl.alfonsosiciliano.net has been running smoothly for the past 2 months. So far, so good!
#Crawlers hit tens of thousands of sysctl parameter pages daily. That's fine, since robots.txt allows it. But why keep requesting non-existent pages as if the site were built with WordPress 
? Fortunately, the stack (#FreeBSD 
+ #OpenResty 
+ #Lapis 
+ a custom-built #database 
) stays well within the limited resources of my $5/month cloud server.
The code might soon be #OpenSource stay tuned!
My #amateurRadio website is down. Some people are very aggressively trying to scrape my entire #website/#wiki using #bots and #scripts (some being very evasive using VPNs). This reckless behaviour acts as a DDoS for my #Apache #webserver on the #RaspberryPi hosting my web pages.
I have to send a #HTTP 410 response for the time being while I'm looking for an effective solution. Sorry for the inconvenience to those who were visiting my site.
#FreeBSD #server updated to 14.3-RELEASE
Super simple 
, super fast 
, and WebSysctl is live again! #ThePowerToServe
Anubis: New tool for protecting web servers from badly behaved scraper bots
https://xeiaso.net/blog/2025/anubis/
#webserver #capcha #web #llm #dos #ai #+
xeiaso.netBlock AI scrapers with AnubisI got tired with all the AI scrapers that were bullying my git server, so I made a tool to stop them for good.
Replied in thread
Alternatively, you can put #writefreely AND another webservice for your images behind #Ngnix. Lets say `wf.yourdomain` and `images.yourdomain`
DirtSWS is a little #single #binary #webserver that does nothing but host #static #html and files, with a simple single-file remote upload capability. Here's a sample site: https://static.awadwatt.com/index.html
Sicherheitsexperten enthüllen triviale Datenlecks bei Legaltechs
Zwei Legaltechs helfen Bürgern bei der Durchsetzung rechtlicher Ansprüche. Doch deren Daten standen teilweise ungeschützt im Netz, wie Hacker herausfanden.
heise online · Sicherheitsexperten enthüllen triviale Datenlecks bei Legaltechs
More from 
Dr. Christopher Kunz
Security experts reveal trivial data leaks at Legaltechs
Two legaltechs help citizens to enforce their legal claims. But some of their data was unprotected online, as hackers discovered.
heise online · Security experts reveal trivial data leaks at Legaltechs
More from Dr. Christopher Kunz
What is #apache currently being used for as a #webserver? I understand a lot of people are still using it but I have no idea why. Is there something it’s particularly good at? I remember for years it was the default for PHP but that doesn’t seem to be a hard requirement anymore.
#sysadmin #devops
Short blog article about leveraging goaccess to gather website analytics the easy way 
#goaccess #linux #debian #ubuntu #webserver #selfhosted #nginx
Yet Another SysAdmin · Website AnalyticsForay into analytics So far, all the websites I hosted never had any sort of analytics at all - Never.
I think it is high time to change just that.
This small little guide will leverage goaccess to generate static reports that can easily be served via any webserver (In this guide, we will use Nginx).
Prepare the directories First things first - creating the necessary directories.
This is easily done as follows.
Should one use #hugo to generate a #staticwebsite website on #linux for uploading to a #webserver? Or are there other alternatives? What do you use? I am not an #html total novice but like an easy life not chasing missing brackets deep into the night #staticwebsites
Replied in thread
@valorin : thanks, I wasn't aware of the existence of an RFC for a default change-password file!
For those interested: https://internet.nl checks any webserver for, among a lot of other things, the existence of the security.txt file (it shows its results in English, you don't have to know what Goudse kaas, stroopwafels and hagelslag mean ;-)
Best practices: https://internet.nl checks for lawful requirements of Dutch (Netherlands) governmental websites. After more than a year since that law came into effect, still a lot of govt. websites do not fully comply. In particular, many have still not set up HSTS correctly, such as Almere (https://internet.nl/site/almere.nl/2957791/ - not detected by https://developer.mozilla.org/en-US/observatory/analyze?host=almere.nl).
Unfortunately HSTS (which too often does not work) still has to help internet users, as browsers still do not *enforce* https connections in a sensible way (https://infosec.exchange/@ErikvanStraten/113045241408077702).
(Coen Wesselman @wsslmn : do you like the idea of adding a check for "/.well-known/change-password", and if so, is that something you could ask to be included in the tests by internet.nl?)
internet.nlTest for modern Internet Standards like IPv6, DNSSEC, HTTPS, DMARC, STARTTLS
and DANE.Test for modern Internet Standards IPv6, DNSSEC, HTTPS, HSTS, DMARC, DKIM, SPF, STARTTLS, DANE, RPKI and security.txt
Bring back the #SmallWeb, #indieweb, #static #html #PersonalSites by hosting your own stuff!
There are many small/single binary #webserver for static sites but you still have to bother about how you get your files up there.. so I built one on top of .NET's Kestrel that lets you do that, in a single binary; no config, just a few command line params.
**DirtSWS** - Dirt simple Singlebinary Web Server. https://github.com/tezoatlipoca/DirtSWS
First release: https://github.com/tezoatlipoca/DirtSWS/releases/tag/v0.0.1-beta
GitHubGitHub - tezoatlipoca/DirtSWS: Dirt Simple (single binary) Web ServerDirt Simple (single binary) Web Server. Contribute to tezoatlipoca/DirtSWS development by creating an account on GitHub.
Kennt jemand einen #Webserver, der mir einfach nur Directory Listing auf eine gemountetes Verzeichnis per HTTP ausgibt?
Irgendwas kleines.
Ein kleines Fire&Forget Container-Image?
Edit: Hab was gefunden!
https://github.com/svenstaro/miniserve
GitHubGitHub - svenstaro/miniserve: 🌟 For when you really just want to serve some files over HTTP right now!🌟 For when you really just want to serve some files over HTTP right now! - svenstaro/miniserve
Continued thread
I really think I need some kind of flood protection. As in, if you request more than >=1 req/sec for more than a minute, you're a bad bot (likely in this day and age some shitty #AI scraper) and you end up on some kind of deny-list for an hour.
Does something like this exist? Or are there better approaches? #sysadmin #web #webserver #freebsd
Holy crap! #Huawei is *very* aggressively #crawling my #webserver. As in, 6+ requests/sec for many hours coming from quite a few IPs. Here are the subnets I blocked which kills most of the traffic so far:
49.0.200.0/21
94.74.80.0/20
101.44.160.0/20
111.119.192.0/20
114.119.172.0/22
114.119.176.0/20
119.8.160.0/19
119.13.96.0/20
124.243.128.0/18
159.138.96.0/20
166.108.192.0/20
166.108.224.0/20
190.92.192.0/19
The user agent string is the typical "every browser in existence". #webcrawler
#Mastodon seems to be more popular in #China than I expected - at least, I'm seeing my brave little #WebServer being hammered by a #DDoS attack that by far exceeds both its importance in the world, and the reach of my posts on the #Fediverse.
Anyway: thank you for validating me, #WinnieThePooh, and for letting me learn a few more useful things about web servers.
#NGinx #ISPConfig question: If I want to redirect all traffic to a domain *except* one directory can I do that using the rewrite rules?
#AskMastodon #WebServer
I'm thinking about switching from Axum to Ntex for web development in Rust. Since it seems to have the same functionality but is faster than Axum framework, this could be a possibility for a new project. What is your experience or opinion on this? 
–
#axum #rust #rustlang #ntex #web #code #webdev #ntexweb #webserver #website
ntex.rsNtex