|
LongSack posted:I have ipchains set up I haven't seen ipchains since linux 2.4, hopefully you mean iptables fletcher nailed it: - iptables with default input policy DROP and punch a hole for ssh - set up pubkey authentication for ssh then disable PasswordAuthentication - install fail2ban, don't bother whitelisting your DHCP pool unless you're certain about the range - tunnel your mariadb connection over ssh using e.g. LocalForward 3306 localhost:3306
|
# ¿ Apr 25, 2017 03:36 |
|
|
# ¿ Apr 23, 2024 07:48 |
|
Axiem posted:Not that I particularly know a good place to actually register—I don't approve of GoDaddy in general, and something about Hover just feels off—that can let me twiddle with the DNS records as I see fit. Is there a good recommendation there? It sound like you are planning on using your domain registrar's DNS - I suggest instead (as with your web hosting) that you delegate that task to a separate company, e.g. Hurricane Electric or Cloudflare - both of which are free and have the DNS features you want. For the domain itself, Hover are fine (and offer free WHOIS privacy). Other reputable registrars include Google Domains (also free privacy), internet.bs (free privacy) and Namecheap (paid) Rufus Ping fucked around with this message at 04:34 on Jun 20, 2017 |
# ¿ Jun 20, 2017 04:32 |
|
Authoritative DNS has two separate parts you need to concern yourself with Say your domain is axiem.com and you choose Cloudflare to host your DNS
|
# ¿ Jun 20, 2017 18:51 |
|
If you've always used your domain registrar's DNS then the first bullet point is the part of the picture they've been hiding from you
|
# ¿ Jun 20, 2017 18:56 |
|
Axiem posted:(I'm assuming that setting it up through my Domain Registrar updates gtld-servers). Axiem posted:With Cloudflare: is setting up the DNS stuff part of the Free plan? Axiem posted:If I go with them for that, do I also have to put my static site behind their stuff Axiem posted:and what happens when they have an outage, or does that not happen very often?
|
# ¿ Jun 21, 2017 01:34 |
|
Axiem posted:(Much less at NearlyFreeSpeech, which a ballpark estimate puts me at 5$/year) I'll leave the question about Dreamhost vs Lithium for someone else but I can vouch for NFS. I've hosted a static site with them for several years. It got moderate attention at one point, trending on social networks and being featured in print and online media. I put it behind Cloudflare with the most aggressive caching settings and have still not got through my initial $1 deposit from 2013. It's quite astonishing and I would never believe it if it hadn't happened to me.
|
# ¿ Jun 21, 2017 04:31 |
|
you sound right
|
# ¿ Jun 22, 2017 16:59 |
|
Axiem posted:I did discover that Fastmail apparently will also host the DNS records. The advantage of this is that they'll keep the SPF and DKIM records up to date for me You don't need to host your DNS with them to achieve this SPF has an include: directive which tells querying clients to look the records up elsewhere. On fastmail you would do something like v=spf1 include:spf.messagingengine.com ~all similarly DKIM records can be CNAMEd to somewhere else. On fastmail this means fm[1-3].axiem.com.dkim.fmhosted.com or whatever. It's in the docs
|
# ¿ Jun 23, 2017 03:10 |
|
Axiem posted:Hm. Has this changed since about 2 or 3 years ago? That's when I set up my SPF/DKIM things through my domain at Fastmail, and when I went to look a couple of days ago, it had a thing telling me that my DKIM is out of date, and to move from TXT records to CNAME records. yeah the new CNAME system is the one you want because it means they can change the DKIM keys if they want without your assistance I'm surprised they used to make everyone set the TXT records manually tbh, that's a bit of an oversight
|
# ¿ Jun 23, 2017 03:33 |
|
mod_rewrite won't do what you want. If you insist on not updating your shell scripts see if you can make a symlink from the old directory name to the new one instead
|
# ¿ Jun 23, 2017 03:34 |
|
That's only available when you let CF proxy requests to your site (orange cloud mode). They own the cert and terminate SSL for you, then proxy the request to your actual host (optionally over SSL - controlled by you this time) https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-
|
# ¿ Jul 2, 2017 04:52 |
|
Firaga posted:Hey guys, I'm trying to put together something for a friend. He is just looking for online storage that allows multiple users to make accounts and upload files. Kind of like a google drive or drop box but privately hosted. OVH object storage is probably the cheapest safe way to store that kind of amount of data ($0.0112/GB/mo so 2TB=$23/mo). You can then install ownCloud on a much smaller cheaper VPS and configure it to use the OVH cloud as external storage. OVH also now seem to offer a new product called Cloud Archive which is even cheaper. I'm not sure what the difference is so maybe check that out too.
|
# ¿ Sep 8, 2017 01:01 |
|
WORKSFORME
|
# ¿ Oct 14, 2017 01:03 |
|
Alpha Mayo posted:do I want XAMPP, Are we to assume from this that you are going to be writing your web app in PHP and using MySQL/MariaDB as a database?
|
# ¿ Jan 25, 2018 04:21 |
|
do you actually honestly need gigabit? if not digitalocean can do about 300mbps edit: actually ~530mbps for me Rufus Ping fucked around with this message at 06:22 on Feb 21, 2018 |
# ¿ Feb 21, 2018 06:16 |
|
Contabo do 10 cores + 1.2tb ssd + 50gb ram + unmetered gigabit for ~$34/mo (I can vouch for everything apart from the bandwidth - my servers with them are on 100mbit so I don't know how well their gigabit performs in reality)
|
# ¿ Feb 21, 2018 18:12 |
|
Perhaps VPSDime's premium (KVM) line, though I can't vouch for it personally OVH are supposed to be opening a west coast dc at some point too, which should be in the right price bracket
|
# ¿ Feb 21, 2018 19:33 |
|
fuf posted:Can anyone recommend a registrar that will handle .ae domains? Namcheap and gandi don't do it. here are your options https://www.tra.gov.ae/aeda/en/accredited-registrars.aspx so your best bet is probably instra or markmonitor
|
# ¿ Mar 12, 2018 18:29 |
|
Triglav posted:Does anyone have any experience with Vultr's $2.50/mo plan? https://www.vultr.com/pricing/ Yeah it's only available in certain locations and permanently "out of stock" in others, something I only learned after depositing money in my account
|
# ¿ May 27, 2018 11:27 |
|
Probably just go with cloudflare at this point, who are reputable, good at security, and sell at the same prices it costs them to buy
|
# ¿ Feb 1, 2019 23:38 |
|
if you're planning on using AWS anyway, you can register domains through AWS Route 53 prices here https://d32ze2gidvkk54.cloudfront.net/Amazon_Route_53_Domain_Registration_Pricing_20140731.pdf
|
# ¿ Feb 2, 2019 01:36 |
|
PHP isn't the problem (directly), it's the state of the plugin/theme ecosystem. My personal position, learned the difficult way, is don't go near hosting other people's code - pay someone else to do it instead. That said, the worst that's likely to happen is someone getting code exec inside the container as the same user that wordpress runs as. So consider how your docker setup would fare under those circumstances and weigh up your options accordingly. The most obvious point is make sure the docker control socket isn't accessible from inside the container or an attacker can break out trivially. And make sure the wordpress database user doesn't have access or privs it doesn't need. The linux kernel itself has a fairly poor track record of isolating containers correctly, although this can be mitigated somewhat using seccomp and reducing capabilities.
|
# ¿ Apr 16, 2019 18:29 |
|
I'd start with this list then narrow it down based on your other requirements https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs
|
# ¿ Jun 29, 2019 14:30 |
|
Grump posted:set up rDNS configurations so that different IPv6 addresses point to different websites on the same server You mean AAAA records not rDNS It's a bunch of additional work for no reason
|
# ¿ Nov 13, 2019 23:36 |
|
henpod posted:I don't know / understand if my website is still somehow connected to the hosting company that is offline, or if its gone completely, and I just have the domain now. I don't think this is a question this thread can answer, at least not without knowing who you host was/is henpod posted:How do I go about getting my website back online? If your old host are gone for good, find a new one, restore your backup, and point your domain's A records at the new host's IP
|
# ¿ Feb 13, 2020 17:57 |
|
Actuarial Fables posted:but would it be true that if another registrar negotiated a better deal with the tld holder (.xyz) that it would be cheaper to keep the domain not on cloudflare? Having said that, I don't think I've seen domains sold below the officially stated registry cost, other than in loss-leader promotions for new registrations only. I actually got a .com for free as a kid in the late 90s, presumably because of all the .com boom VC money washing around. I think they imagined they would recoup the cost on renewals, but actually went out of business lol Actuarial Fables posted:Not sure how much I should shop around or if I should just stick it on cloudflare and be done with it. Just stick with them
|
# ¿ Feb 16, 2020 01:25 |
|
Ramrod Hotshot posted:My boss wants me to find a way to track client downloads (who and when). We host client data on S3 (our servers are on AWS). There's no native way to do this, it seems S3 has "server access logging" which should do what you want
|
# ¿ Mar 10, 2020 00:06 |
|
Ramrod Hotshot posted:So I've got logging enabled, which produces a text file full of garbage. Is there a reallly basic how-to out there on how to interpret these things, using Cloudfront or something. I've been reading the manuals on AWS and it's not helping. It's just a daisy chain of tutorials, none of which are entirely clear they're going to do what I want them to, which is simply tell me the time and source of a file download. Each line in the log corresponds to a request, and the fields are separated by spaces (fields with spaces are enclosed in quotes). You should be able to open it in Excel or write a simple script to parse it. The fields include the remote IP (I assume this is what you mean by "source"?), the date and time, and the key (filename) (If you have CloudFront in front of S3 I'm not sure whether/how that affects the remote IP which gets reported)
|
# ¿ Mar 11, 2020 00:57 |
|
wargames posted:linode has nanodes he wants something "extremely basic", not a linux server to set up and run just another posted:I've only used one stop shops like Wix and WordPress before so this is all new to me. Can you not use these to set up a single page site? I believe wordpress.com allows you to attach PDFs to posts
|
# ¿ Apr 4, 2020 23:52 |
|
Incrediblastic posted:Also my domain is already blacklisted for email by one organization so if anyone could help out with this situation i'd much appreciate it. check blacklist status here https://www.spamhaus.org/lookup/ Incrediblastic posted:Also - I'm already being bruteforced (I assume that's what it's called when random IPs keep connecting with attempts to login to random usernames/passwords) , is there anything I could do to prevent that,like blocking IPs?the IPs are random so i'm assuming a botnet so that won't help probably.
|
# ¿ May 6, 2020 19:02 |
|
I suspect he meant login attempts to IMAP/SMTP not SSH Although you can actually do certificate auth with SASL too, if your clients support it
|
# ¿ May 6, 2020 20:02 |
|
No, separate html file in the same repository
|
# ¿ May 11, 2020 02:47 |
|
Avoid "unlimited" shared hosts because it's a race to the bottom. Instead consider object storage (backblaze b2, wasabi cloud, scaleway object storage) if possible. If you need real hosting with lots of disk, check out kimsufi's atom-based dedicated servers, scaleway dedibox, or contabo's vps line.
|
# ¿ Sep 20, 2020 06:23 |
|
It's called Strong Customer Authentication and was introduced as part of PSD2. It's like the verified by visa / MasterCard securecode interstitial but it can send you a one time pass
|
# ¿ Jan 8, 2021 18:21 |
|
CopperHound posted:if I just check 'Require SSL' I get an error.
|
# ¿ Jan 15, 2021 19:08 |
|
fletcher posted:
I wish it worked this way lol
|
# ¿ Feb 2, 2021 04:07 |
|
Can't say they didn't warn you
|
# ¿ Feb 9, 2021 06:08 |
|
It's pretty easy to get the $1000 free aws credit offer if you have a plausible looking one-page "startup" website with its own domain. Perhaps this could be your first project!
|
# ¿ Feb 15, 2021 20:55 |
|
Is there a reason the videos can't go on YouTube or Vimeo
|
# ¿ Mar 19, 2021 15:41 |
|
|
# ¿ Apr 23, 2024 07:48 |
|
That's a spec violation and isn't the solution
|
# ¿ Mar 26, 2021 03:37 |