This looks fantastic! Its so nice to finally have dark mode for my meetings, and the other features I've tried are working really well.
I use Google's Personal Blocklist extension (https://chrome.google.com/webstore/detail/personal-blocklist...) to block W3S from my search results, which usually results in the first result pointing to MDN.
I've been tweaking a post on building a solid LEMP stack, that I hope to publish soon that covers your last three points. While security through obscurity isn't a solution, it does help thwart a large portion of the…
I haven't enabled IPv6 on any of my servers yet, as I can say with 99.9% certainty that my visitors do not know what it is, let alone have it enabled. Additionally, this is intended as a quickstart or beginners guide,…
This isn't intended as a be-all-end-all guide to security, like the NSA aims for. Instead, view it as a quickstart guide for those first five minutes on a new server, or as a starting point for beginners that have no…
I do the same, and have found it works beautifully. You need my master password, SSH Key, and my SSH Key's password before you can log into my server. And if you somehow manage to get all of that, you need my account…
Both limit and spindritf's suggestion will mitigate the attack, but they won't notify you about it. In most circumstances, I'd prefer to skip on the thousands of notifications per day, however I sometimes like to know…
I prefer to be actively administrating my server, so that I know if something does go awry. If I'm asleep, it may be a few hours before I realize that an update broke something. On top of that, I clone my servers and…
Don't manually file them in that case. Install Fail2ban and automatically ban anyone with x failed attempts, and have it email fail2ban@blocklist.de. Their system will look up the correct abuse department, and forward…
They still have that option, but you're limited to an additional 12GB (at least on the 2GB plan). Costs $1/mo per GB that you add on.
If you're coming from an HTTPS page (which I think HN forces) to an HTTP page, the referer is not sent. It is only sent for HTTP->HTTP and HTTPS->HTTPS (even cross-domain, despite the info that leaks out)…
I feel like your return on investment is sorely lacking. A good app or post, and you can easily pull off the same results for free.
I'm not sure I'd even go that far. A set of commands showing how to lock down account permissions would work just as well, while allowing me to remain in control. That is a good point though, as Bastio would be able to…
I was thinking the same. Perhaps if the setup procedure included a limited-access account that could only run useradd/userdel, I'd consider trying it, but definitely not while root.
Bring your configs with you - http://dotfiles.github.io/ Vim should be able to do everything that GVim can do, if you add a few lines to your configs. I'm not sure what specifically though. I bring my entire development…
This looks fantastic! Its so nice to finally have dark mode for my meetings, and the other features I've tried are working really well.
I use Google's Personal Blocklist extension (https://chrome.google.com/webstore/detail/personal-blocklist...) to block W3S from my search results, which usually results in the first result pointing to MDN.
I've been tweaking a post on building a solid LEMP stack, that I hope to publish soon that covers your last three points. While security through obscurity isn't a solution, it does help thwart a large portion of the…
I haven't enabled IPv6 on any of my servers yet, as I can say with 99.9% certainty that my visitors do not know what it is, let alone have it enabled. Additionally, this is intended as a quickstart or beginners guide,…
This isn't intended as a be-all-end-all guide to security, like the NSA aims for. Instead, view it as a quickstart guide for those first five minutes on a new server, or as a starting point for beginners that have no…
I do the same, and have found it works beautifully. You need my master password, SSH Key, and my SSH Key's password before you can log into my server. And if you somehow manage to get all of that, you need my account…
Both limit and spindritf's suggestion will mitigate the attack, but they won't notify you about it. In most circumstances, I'd prefer to skip on the thousands of notifications per day, however I sometimes like to know…
I prefer to be actively administrating my server, so that I know if something does go awry. If I'm asleep, it may be a few hours before I realize that an update broke something. On top of that, I clone my servers and…
Don't manually file them in that case. Install Fail2ban and automatically ban anyone with x failed attempts, and have it email fail2ban@blocklist.de. Their system will look up the correct abuse department, and forward…
They still have that option, but you're limited to an additional 12GB (at least on the 2GB plan). Costs $1/mo per GB that you add on.
If you're coming from an HTTPS page (which I think HN forces) to an HTTP page, the referer is not sent. It is only sent for HTTP->HTTP and HTTPS->HTTPS (even cross-domain, despite the info that leaks out)…
I feel like your return on investment is sorely lacking. A good app or post, and you can easily pull off the same results for free.
I'm not sure I'd even go that far. A set of commands showing how to lock down account permissions would work just as well, while allowing me to remain in control. That is a good point though, as Bastio would be able to…
I was thinking the same. Perhaps if the setup procedure included a limited-access account that could only run useradd/userdel, I'd consider trying it, but definitely not while root.
Bring your configs with you - http://dotfiles.github.io/ Vim should be able to do everything that GVim can do, if you add a few lines to your configs. I'm not sure what specifically though. I bring my entire development…