Avatar

mfs

mfs

About

Username
mfs
Joined
Visits
993
Last Active
Roles
Member, OG
Thanked
245

Comments

  • (Quote) Assuming you have no shell access (no wp cli, no complete control over your hosting environment) and assuming you certainly have some spare idling boxes laying around (...) I'd at least recompress that behemoth to an appropriate size offerin…
  • And then there's me using IRC Jokes besides (it's not a joke but w/e) an XMPP-compatible IM is all it's required and there's no need to constantly reinvent a wheel. Getsession has been mentioned, there are a few other "secure & pseudonymou…
  • (Quote) From what I've read, it seems to me that there are no hints pointing in an ongoing "enshittification" of NGINX; rather, there's some bickering about how CVEs regarding HTTP/3 have been handled or should be handled. The 1.25.4 relea…
    in NGINX drama Comment by mfs February 19
  • We'll see how this unfolds, I've been living under a rock last week it seems and I missed the memo I'm curios to see if and when and why the codes will differ. I've just learned the term "enshittification" on a mailing list. Every day is s…
    in NGINX drama Comment by mfs February 18
  • (Quote) I'd suggest you to at least give dnsdist a try, it's a "highly DNS-, DoS- and abuse-aware loadbalancer" that can be put in front of authoritative and recursive resolvers (BIND is fine too); when used in front of an authoritative on…
  • (Quote) Generally speaking, "just for the sake of it", nope. It is certainly possible to self-host those nameservers and I can think of quite a few ✨enterprise grade✨ Italian providers who would definitely be outclassed by a couple of VPS…
  • Random order, actual usage in production: Hetzner Liteserver CDLAN/Prometeus Clouvider/InceptionHosting Netcup That doesn't mean I don't keep a worringly high amount of idlng boxes with other providers as well,
  • Did I need it? No Did I buy it? Sure, you can bet on that (Image) yes I have a problem
  • (Quote) The cheapest, most reliable and best performing in MIX-IT is Prometeus, anyway... no way you'll see all that for 1~2€/mo in Milan (and in MIX-IT, too) without someone willing to do NAT. Mikho should be in MIX-IT with Prometeus/Caldera21 if I…
  • I have often fantasised about accessing my servers 'on-the-go' using a smartphone, exploring a few solutions Eventually I prefer to open my Thinkpad-on-the-go and access, for quite a few reasons (mainly: I don't want tmux sessions lingering via a de…
  • (Quote) We have been advised from legal department to ditch GA completely. There has been no evaluation from the competent local authority about GA4. Sure, chances that you'll face any issue if you don't ditch GA are low. Google is obviously interes…
  • If it's supported, I may use it as long as it doesn't involve SMS. Aegis is my favourite 2FA app.
  • I've tried many naming schemes, I'm consistent only on this one: "ISO country code"-"name of a random Roman/Greek/Viking deity"-" generic purpose" example: DE-thor-mail, SG-vulcan-proxy, FR-minerva-server alias & RD…
  • (Quote) € 11.13+VAT/mo, accounting period 6 months (you have to pay for six months in advance), minimum contractual term 12 months
  • (Quote) Testing again a few months later # ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## ## Yet-Another-Bench-Script ## v2022-02-18 ## https://github.com/masonr/yet-another-bench…
  • Setting "UsePAM no" can have undesired effects at least on RH distros Also, you'd prefer to pick a privileged port (<1024)
  • non-standard yet privileged port to slim down the logs, then (as a general rule): LogLevel VERBOSE PermitRootLogin no PasswordAuthentication no KbdInteractiveAuthentication no TCPKeepAlive no Compression no a single IP may or may not be allowed in t…
  • (Quote) True, but there are some corner cases to be covered; sometimes a client can't perform a full install from scratch on really-low-end boxes with a limited amount of available RAM, at least with the usual netinstall ... and sometimes a client c…
  • Ooops, I misread the OP, so I gave an off topic reply. Chances are that there's some resistance over redhat's latest defaults.
  • I'd dare to say that the safest bet could be to use an European provider capable to give you a DPA; bunnycdn does that, many EU and non-EU (yet established in the EU) providers offer some data processing addendum if you request it (e.g. Hetzner). No…
  • As a rule of thumb, if a provider doesn't support IPv6 (they still exist here and there, and especially here) I simply skip them. Having a /64 per server is overly convenient. I've skipped a regional, cheap provider for this sole reason. Being able…