Items tagged with: nginx

Search

Items tagged with: nginx


Today has been a busy day. In addition to regular work, I helped a friend determine the cause of #nginx crashing on their #HardenedBSD 15-CURRENT server.

Turns out, #brotli is buggy.


A couple weeks ago, I added some stuff to my #Nginx config to multiplex SSH and TLS on port 443. Turns out, this FUBARs the downstream TLS logging pretty badly.

Anybody have a working config for this use case? #lazyWeb


Finally have my Prosody server all compliant!

I had an epiphany last night about something in the nginx config and after sorting that, all the optional XEP listed also pass!

Now to convince wife and kids to use it for our group chat... they really don't want to install any more apps, because I'm "being difficult" because they already use whatsapp 😑

The main reason I'm impressed with it over matrix, is reliable notifications. It just works. So far, anyway.

Thank you to the people that replied to my post last week suggesting I try xmpp after the matrix server we used shut down. I had written it off as an old platform for nerds, but it's... actually really good ❤️

#prosody #xmpp #chat #nginx #matrix


Wow. For a few months, I was wondering why I suddenly have bandwidth issues when activating my camera in MS Teams meetings, so others can't understand me any more.

A look into my #nginx logs seems to clarify. Bots are eagerly fetching my (partially pretty large) #poudriere build logs. 🧐 (#AI "watching shit scroll by"?)

I see GPTBot at least occassionally requests robots.txt, which I don't have so far. Other bots don't seem to be interested. Especially PetalBot is hammering my server. And there are others (bytedance, google, ...)

Now what? Robots.txt would actually *help* well-behaved bots here (I assume build logs aren't valuable for anything). The most pragmatic thing here would be to add some http basic auth in the reverse proxy for all poudriere stuff. It's currently only public because there's no reason to keep it private....

Have to admit I feel inclined to try one of the tarpitting/poisoning approaches, too. 😏



We just created a #HOWTO for how to set up dev/test servers using our #TLS #EncryptedClientHello #ECH enabled forks of #OpenSSL #nginx and #curl running on #Debian. It should be very quick to get started using a new domain: guardianproject.info/2023/11/1…