René Mayrhofer :verified: 🇺🇦 🇹🇼<p>I declare partial success with much more aggressive connection, request, and transfer rate throttling in the embedded <a href="https://infosec.exchange/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> instance that serves my static page (plus the dynamic link maze that caught the stupid "AI" scraper bots...) behind <a href="https://infosec.exchange/tags/traefik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>traefik</span></a> (causing the TLS termination part to be overloaded and blocking authenticated users from legitimate access).</p><p><a href="https://www.mayrhofer.eu.org/post/defenses-against-abusive-ai-scrapers/nginx-default.conf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mayrhofer.eu.org/post/defenses</span><span class="invisible">-against-abusive-ai-scrapers/nginx-default.conf</span></a> is the current rate limiting config, <a href="https://www.mayrhofer.eu.org/post/defenses-against-abusive-ai-scrapers" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mayrhofer.eu.org/post/defenses</span><span class="invisible">-against-abusive-ai-scrapers</span></a> has the explanations.</p><p>Something like <a href="https://blog.lrvt.de/configuring-crowdsec-with-traefik/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.lrvt.de/configuring-crowd</span><span class="invisible">sec-with-traefik/</span></a> will probably have to be the next level of escalation to deal with the issue on a global level.</p>
Recent searches
No recent searches
Search options
Only available when logged in.
mamot.fr is one of the many independent Mastodon servers you can use to participate in the fediverse.
Mamot.fr est un serveur Mastodon francophone, géré par La Quadrature du Net.
Administered by:
Server stats:
3.2Kactive users
mamot.fr: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#nginx
15 posts · 14 participants · 3 posts today
Felix Palmen :freebsd: :c64:<p>Just released: <a href="https://mastodon.bsd.cafe/tags/swad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>swad</span></a> v0.3!</p><p><a href="https://github.com/Zirias/swad/releases/tag/v0.3" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/Zirias/swad/release</span><span class="invisible">s/tag/v0.3</span></a></p><p>swad is the "Simple Web Authentication Daemon", your tiny, efficient and (almost) dependency-free solution to add <a href="https://mastodon.bsd.cafe/tags/cookie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookie</span></a> + login <a href="https://mastodon.bsd.cafe/tags/form" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>form</span></a> <a href="https://mastodon.bsd.cafe/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> to whatever your <a href="https://mastodon.bsd.cafe/tags/reverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>reverse</span></a> <a href="https://mastodon.bsd.cafe/tags/proxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proxy</span></a> offers. It's written in pure <a href="https://mastodon.bsd.cafe/tags/C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>C</span></a>, portable across <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>POSIX</span></a> platforms. It's designed with <a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a>' 'auth_request' in mind, example configurations are included.</p><p>This release brings a file-based credential checker in addition to the already existing one using <a href="https://mastodon.bsd.cafe/tags/PAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PAM</span></a>. Also lots of improvements, see details in the release notes.</p><p>I finally added complete build instructions to the README.md:</p><p><a href="https://github.com/Zirias/swad" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Zirias/swad</span><span class="invisible"></span></a></p><p>And there's more documentation available: manpages as well as a fully commented example configuration file.</p>
nigelFinally have my Prosody server all compliant!<br><br>I had an epiphany last night about something in the nginx config and after sorting that, all the optional XEP listed also pass!<br><br>Now to convince wife and kids to use it for our group chat... they <i>really</i> don't want to install any more apps, because I'm "being difficult" because they already use whatsapp 😑<br><br>The main reason I'm impressed with it over matrix, is reliable notifications. It just works. So far, anyway.<br><br>Thank you to the people that replied to my post last week suggesting I try xmpp after the matrix server we used shut down. I had written it off as an old platform for nerds, but it's... actually really good ❤️<br><br><a href="https://snac.lowkey.party?t=prosody" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#prosody</a> <a href="https://snac.lowkey.party?t=xmpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#xmpp</a> <a href="https://snac.lowkey.party?t=chat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#chat</a> <a href="https://snac.lowkey.party?t=nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nginx</a> <a href="https://snac.lowkey.party?t=matrix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#matrix</a><br>
Wulfy<p><span class="h-card" translate="no"><a href="https://p.antsu.net/@antsu" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>antsu</span></a></span> </p><p>I usually run all the containers on one network in Dev.<br>Then when I go into production, I set up specific networks for containers that need to see each other.</p><p>The other part "How does your reverse proxy access your services?" May betray my naivete working with <a href="https://infosec.exchange/tags/NginX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NginX</span></a> and <a href="https://infosec.exchange/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a>.</p><p>I am using SteveLTN reverse proxy implementation, mainly because it was the first one I found that does static sites and Letsencrypt certs reliably.</p><p>Although I am in the process of moving to "NginX Proxy Manager", but it's different from SteveLTN because it's comfigured with a graphic interface.<br>Also it appears to allow straight ASCII config NginX settings in the advanced tab. Where I never succeeded that with SteveLTN.</p>
kgoetz<p>I want to look up the <a href="https://aus.social/tags/CIDR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CIDR</span></a> associated with <a href="https://aus.social/tags/network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>network</span></a> <a href="https://aus.social/tags/IPs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IPs</span></a> which appear in my <a href="https://aus.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> logs (for the purpose of limiting ranges).</p><p>So many tools have this sort of thing built in that I assume there is a "best" <a href="https://aus.social/tags/API" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>API</span></a> or method for doing those lookups - but blowed if I can figure out where to go.</p><p>Does anyone have a suggestion?<br><a href="https://aus.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://aus.social/tags/bots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bots</span></a></p><p>Edit: forgot to say, I'm running on <a href="https://aus.social/tags/Debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a> so if there is a db in some package I can install that.</p>
Neustradamus :xmpp: :linux:<p><a href="https://mastodon.social/tags/Freenginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Freenginx</span></a> 1.27.6 has been released (<a href="https://mastodon.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> / <a href="https://mastodon.social/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> / <a href="https://mastodon.social/tags/http2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http2</span></a> / <a href="https://mastodon.social/tags/http3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http3</span></a> / <a href="https://mastodon.social/tags/httpd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpd</span></a> / <a href="https://mastodon.social/tags/Web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Web</span></a> / <a href="https://mastodon.social/tags/Webserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Webserver</span></a> / <a href="https://mastodon.social/tags/TLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLS</span></a> / <a href="https://mastodon.social/tags/TLS13" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLS13</span></a>) <a href="https://freenginx.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">freenginx.org/</span><span class="invisible"></span></a></p>
Neustradamus :xmpp: :linux:<p><a href="https://mastodon.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> 1.27.5 (dev) has been released (<a href="https://mastodon.social/tags/http" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http</span></a> / <a href="https://mastodon.social/tags/http2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http2</span></a> / <a href="https://mastodon.social/tags/http3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>http3</span></a> / <a href="https://mastodon.social/tags/httpd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpd</span></a> / <a href="https://mastodon.social/tags/Web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Web</span></a> / <a href="https://mastodon.social/tags/Webserver" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Webserver</span></a> / <a href="https://mastodon.social/tags/TLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLS</span></a> / <a href="https://mastodon.social/tags/TLS13" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLS13</span></a>) <a href="https://nginx.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">nginx.org/</span><span class="invisible"></span></a></p>
Sandro :nixos: :verified_gay:<p>The nginx parser is the worst part about nginx...</p><p>> [emerg] "map_hash_bucket_size" directive is duplicate in /etc/nginx/nginx.conf:62</p><p>In real world this means that before map_hash_bucket_size there was a map...</p><p><a href="https://c3d2.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a></p>
Jessie (they/she) 🍓 🏳️⚧️ 🍉<p>GRRRR!!!</p><p>I just spent the last hour of my life chasing round in circles just because <a href="https://mstdn.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> wouldnt serve up my css file for some reason. I forced the mime types in the nginx config and everything...</p><p>Weirdly, Chrome was fine but firefox wasnt when loading this?</p><p>Anyway, turns out the reason why is because nginx has this *14 year old* bug that means it falls apart whenever there's a dash in a file name. Wtf?! How has no one looked at that yet 😫</p>
6ff334e<p>Web sockets don’t like me. I have set up <a href="https://roko.basilisk.technology/tags/mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodon</span></a> on one machine (Podman) and <a href="https://roko.basilisk.technology/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> on another machine (also running as a container). Everything works fine in a browser but all mobile Mastodon clients (apps, iOS) refuse to play media. I don’t see anything suspicious in the logs, it just doesn’t work and I have no idea what’s the cause.</p>
Jan ☕🎼🎹☁️🏋️♂️<p>Ive built a setup for hosting websites which consists of:<br>* Host running <a href="https://fedi.kcore.org/tags/microos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>microos</span></a> with <a href="https://fedi.kcore.org/tags/podman" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>podman</span></a><br>* <a href="https://fedi.kcore.org/tags/Treafik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Treafik</span></a> and <a href="https://fedi.kcore.org/tags/sshpiper" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sshpiper</span></a> at the edge<br>* <a href="https://fedi.kcore.org/tags/Nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nginx</span></a>, php-fpm, <a href="https://fedi.kcore.org/tags/mariadb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mariadb</span></a> + phpmyadmin + nginx or <a href="https://fedi.kcore.org/tags/postgres" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>postgres</span></a> + dbadmin, openssh for each site</p><p>It actually works quite well, openssh keybased access is to transfer files into the containers, traefik does the reverse proxying.</p><p>I'm just wondering if its a sustainable and maintainable setup. Sometimes just going with a "standard" solution seems so much easier.</p>
CrowdSec<p>🇮🇹 Hey Italian speaking <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> friends 👋 </p><p>Our Ambassador <span class="h-card" translate="no"><a href="https://mastodon.uno/@inmarvinwetrust" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>inmarvinwetrust</span></a></span> dives into deploying a Web Application Firewall in a containerized environment using Docker, Docker Compose, <a href="https://infosec.exchange/tags/Nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nginx</span></a> Proxy Manager, and CrowdSec <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AppSec</span></a>. </p><p>Learn how to install, configure, and optimize your setup for scalable and efficient security: <a href="https://blog.marvinpascale.it/posts/2025/waf-docker/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.marvinpascale.it/posts/20</span><span class="invisible">25/waf-docker/</span></a></p><p><a href="https://infosec.exchange/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a> <a href="https://infosec.exchange/tags/WAF" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WAF</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Habr 25+<p>Проксирование из коробки: сравнительный анализ HAProxy, Envoy, Nginx, Caddy и Traefik</p><p>Всем привет, меня зовут Стас, я техлид в Mish Product Lab. Тема возникла не просто так: внутри команды у нас было немало споров и дискуссий о том, какой инструмент для проксирования и терминации SSL лучше использовать в различных ситуациях. Изначально все наши гипотезы были основаны больше на личных предпочтениях, чем на реальных данных. Мы долго спорили, надеясь, что истина будет где-то рядом с нашими любимыми решениями. Но в итоге пришли к выводу, что единственный способ получить действительно объективный ответ — это протестировать и сравнить различные варианты на практике. Именно так родилась идея провести сравнительный анализ производительности HAProxy, Envoy, Nginx, Caddy и Traefik с поддержкой SSL/TLS. Мы хотели понять, какой из инструментов «из коробки» предоставляет наилучшую производительность и минимальные накладные расходы, особенно при обработке SSL-трафика, который, как известно, требует дополнительных ресурсов из-за шифрования и дешифрования.</p><p><a href="https://habr.com/ru/articles/900438/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">habr.com/ru/articles/900438/</span><span class="invisible"></span></a></p><p><a href="https://zhub.link/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> <a href="https://zhub.link/tags/envoy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>envoy</span></a> <a href="https://zhub.link/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> <a href="https://zhub.link/tags/caddy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>caddy</span></a> <a href="https://zhub.link/tags/traefik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>traefik</span></a> <a href="https://zhub.link/tags/k6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>k6</span></a> <a href="https://zhub.link/tags/go" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>go</span></a> <a href="https://zhub.link/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>golang</span></a></p>
jexner<p>When you self-host immich behind an nginx reverse proxy, be aware that the nginx default configuration blocks uploads of big files!</p><p>I fell into that trap!</p><p><a href="https://discussion.scottibyte.com/t/immich-how-to-bust-the-upload-limits/475" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">discussion.scottibyte.com/t/im</span><span class="invisible">mich-how-to-bust-the-upload-limits/475</span></a></p><p><a href="https://tooting.ch/tags/immich" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>immich</span></a> <a href="https://tooting.ch/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a></p>
Artanux - Simon Lefort<p>Mon serveur <a href="https://framapiaf.org/tags/yunohost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>yunohost</span></a> est à nouveau opérationnel.</p><p>Cependant, j'ai l'impression de ne pas avoir trouvé la racine du problème. J'ai pu déterminer que Nginx était en cause (il est devenu lent à démarrer alors il timeout et ça a causé les problèmes de mises à jours des applications).</p><p>J'ai résolu en augmentant le temps avant qu'il timeout. Mais ça me semble un contournement du problème...</p><p>Il y a des spécialistes en <a href="https://framapiaf.org/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> dans le coin ? J'ai décris le problème là : <a href="https://forum.yunohost.org/t/applications-qui-se-desinstallent-parce-que-la-mise-a-jour-bloque-nginx-qui-ne-demarre-plus/36447/27" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forum.yunohost.org/t/applicati</span><span class="invisible">ons-qui-se-desinstallent-parce-que-la-mise-a-jour-bloque-nginx-qui-ne-demarre-plus/36447/27</span></a></p>
Me 🐶<p><span class="h-card" translate="no"><a href="https://techhub.social/@negative12dollarbill" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>negative12dollarbill</span></a></span> <a href="https://techhub.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> keeps popping up in my findings, i may start with it</p>
Blabla Linux<p><a href="https://mastodon.blablalinux.be/tags/GoAccess" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GoAccess</span></a> pour les journaux <a href="https://mastodon.blablalinux.be/tags/Nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nginx</span></a> <a href="https://mastodon.blablalinux.be/tags/Proxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Proxy</span></a> Manager passe en version 1.1.35 😎<br>👉 <a href="https://github.com/xavier-hernandez/goaccess-for-nginxproxymanager" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/xavier-hernandez/go</span><span class="invisible">access-for-nginxproxymanager</span></a></p>
Felix Palmen :freebsd: :c64:<p>Just released: <a href="https://mastodon.bsd.cafe/tags/swad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>swad</span></a> v0.2</p><p>SWAD is the "Simple Web Authentication Daemon", meant to add <a href="https://mastodon.bsd.cafe/tags/cookie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookie</span></a> <a href="https://mastodon.bsd.cafe/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> with a simple <a href="https://mastodon.bsd.cafe/tags/login" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>login</span></a> form and configurable credential checker modules to a reverse <a href="https://mastodon.bsd.cafe/tags/proxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>proxy</span></a> supporting to delegate authentication to a backend service, like e.g. <a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a>' "auth_request". It's a very small piece of software written in pure <a href="https://mastodon.bsd.cafe/tags/C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>C</span></a> with as little external dependencies as possible. It requires some <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>POSIX</span></a> (or "almost POSIX", like <a href="https://mastodon.bsd.cafe/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a>, <a href="https://mastodon.bsd.cafe/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeBSD</span></a>, ...) environment, OpenSSL (or LibreSSL) for TLS and zlib for response compression.</p><p>Currently, the only credential checker module available offers <a href="https://mastodon.bsd.cafe/tags/PAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PAM</span></a> authentication, more modules will come in later releases.</p><p>swad 0.2 brings a few bugfixes and improvements, especially helping with security by rate-limiting the creation of new sessions as well as failed login attempts. Read details and grab it here:</p><p><a href="https://github.com/Zirias/swad/releases/tag/v0.2" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/Zirias/swad/release</span><span class="invisible">s/tag/v0.2</span></a></p>
Heals :heart_nb:<p>I recently started to replace <a href="https://indiepocalypse.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> with <span class="h-card" translate="no"><a href="https://infosec.exchange/@caddy" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>caddy</span></a></span> and it's as satisfying as it is scary to replace a complex config that spans five included files and a total of about 400 lines with a single Caddyfile of around 80 lines. </p><p>And on top of that <a href="https://indiepocalypse.social/tags/Caddy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Caddy</span></a> also made certbot redundant as it takes care of fetching and renewing the tls certs from <a href="https://indiepocalypse.social/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LetsEncrypt</span></a> and keeps a <a href="https://indiepocalypse.social/tags/ZeroSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ZeroSSL</span></a> backup for all of my domains. </p><p>I think I'm in love..</p>
Felix Palmen :freebsd: :c64:<p>Released: <a href="https://mastodon.bsd.cafe/tags/swad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>swad</span></a> v0.1 🥳 </p><p>Looking for a simple way to add <a href="https://mastodon.bsd.cafe/tags/authentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>authentication</span></a> to your <a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> reverse proxy? Then swad *could* be for you!</p><p>swad is the "Simple Web Authentication Daemon", written in pure <a href="https://mastodon.bsd.cafe/tags/C" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>C</span></a> (+ <a href="https://mastodon.bsd.cafe/tags/POSIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>POSIX</span></a>) with almost no external dependencies. <a href="https://mastodon.bsd.cafe/tags/TLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLS</span></a> support requires <a href="https://mastodon.bsd.cafe/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSL</span></a> (or <a href="https://mastodon.bsd.cafe/tags/LibreSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LibreSSL</span></a>). It's designed to work with nginx' "auth_request" module and offers authentication using a <a href="https://mastodon.bsd.cafe/tags/cookie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cookie</span></a> and a login form.</p><p>Well, this is a first release and you can tell by the version number it isn't "complete" yet. Most notably, only one single credentials checker is implemented: <a href="https://mastodon.bsd.cafe/tags/PAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PAM</span></a>. But as pam already allows pretty flexible configuration, I already consider this pretty useful 🙈</p><p>If you want to know more, read here:<br><a href="https://github.com/Zirias/swad" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/Zirias/swad</span><span class="invisible"></span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload