apigban

Fiber. Yum.

Hello! I'm a hobbyist in this space (scripting/coding), does anyone here have a:

• gold standard of what commit messages should look like?
• common practice/etiquette for commit message?

I never had a team or guide or mentor and when I saw this i felt that my commits are like smoke signals describing that there's a fire. which isnt really helpful.

I tried to contribute to a python module that I use daily, my PR was so over engineered (iirc i added just 3 lines, but with tests, screenshots, CI/CD) i think to compensate for my lack of experience that I got called out ("wow this is pretty extreme just for that feature").

Depends on what kind of service the malicious requests are hitting.

Fail2ban can be used for a wide range of services.

I don't have a public facing service (except for a honeypot), but I've used fail2ban before on public ssh/webauth/openvpn endpoint.

For a blog, you might be well served by a WAF, I've used modsec before, not sure if there's anything that's newer.

I'd make my own nas.

I agree with this, what I suggested is not a best practice, I should preface my post with that.

And I feel your pain! I get calls that are extremes, like people putting too much security where the ticket is "P1 everything is down, fly every engineer here" for an nACL/SG they created.

The other extreme is that deliberate exposure of services to the public internet (other service providers send us an email and ask us to do something about it, but not our monkeys, shared responsibility, etc).

Edit: **this will make your oci instance less secure **and will break integrations with other oci services. Do not use this in production, but ONLY for testing if the host fw rules affect your app.

I'm currently using oraclecloud for my bots. I work in the space (cloud/systems engg) and the first thing that got me was that the oracle ubuntu instances have custom iptables in place for security.

I'm not sure if it still has, but last i checked a year ago I had to flush iptables before I was able to use other ports. I didint really want to deal with another layer of security to manage as I was just using the arm servers for my hobby.

It might be something worth checking, it isn't specific to lemmy though.

I found it unintuitive because other major cloud providers do not have any host firewall/security in place (making it easier to manage security using SG/NACL, through the console).

That's the setup when I started.

I picked up an x230 with a broken screen and used it as a hypervisor (proxmox 5.4).

I used whatever resources available to me at the time and learned weird networking (passing through nics for a router on a stick configuration).

I used that x230 until the mobo gave up.

This is what I'm doing since the elsagate scandal, and a recent one where there was an ad of an obese dude jacking off (I'm in the middle east, this happened about 6 months ago).

I just automate the downloads of new youtube videos and let use jellyfin to watch it.

I don’t use youtube much, but I had to selfhost because the youtube kids app is fucking nasty. I have my pihole block youtube domains for my kid's device (firewall does captive dns/redirection of all dns requests to pihole).

My child likes dr binocs and brave wilderness.

I started with jerboa, then I'm now trying out connect.

I've customized both to feel likewhat I have with RiF (just text, no cards, amoled black).

I think I'll stay for a while with connect for a while.