Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "domains"
My last internship (it was awesome). A programmer developed a vacation/free day request application for internal use.
Asked if I could test it for security.
The dev working on it thought that was a very good idea as he wasn't much into security and explained how the authentication process worked.
I immediately noticed a flaw just from his explanation. He said it was secure anyways (with an explanation but his way of thinking was wrong in this case). Asked if I was allowed to show him. He said he was intrigued by this so gave me a yes right away.
For the record, user levels were normal user, general admin and super admin (he was the only super admin).
Wrote a quick thingy server side (one of my own servers/domains) for testing purposes.
Then I started.
Went from normal user to super admin (his account) through a combination of XSS and Session Hijacking within 15 seconds.
Explained him where he went wrong and he wrote a patch under my guidance 😃.
That felt so fucking awesome.5
2010: PHP, CSS, Vanilla JS, and a LAMP Server.
Ah, the simple life.
2016: Node.js, React, Vue, Angular, AngularJS, Polymer, Sass, Less, Gulp, Bower, Grunt.
I can't handle this, I'm shifting domains to Machine Learning.
2017: Numpy, Scipy, TensorFlow, Theano, Keras, Torch, CNNs, RNNs, GANs and LOTS AND LOTS OF MATH!
Okay, okay. Calm down there fella.
Started talking about Pi-Hole (still trying to install this fucker by the way) today with a collegue.
He had it installed and showed me around a little.
CW: Alright give me an example then I'll show you wildcard blocking.
Me: google.com 😅
CW: *enters and saves it. then tries to load anything related to google.com*
*no google.com domains load, all give a blocked error*
Me: Works great!
Me: Uhm so you aren't like surprised that I went with google.com as example and that I'd genuinely would block it?!
CW: No, why would I be?
Me: Well, most people consider me paranoid/crazy the second they find out I don't want to use google/google's services.
CW: well that's fucking retarded. why would anyone redicule you for not using something you don't want to use. You'll have your reasons.
Me: So if I'd say i do it for privacy reasons, you wouldn't find that redicilous?
CW: No, why would I? Not using google (and for that matter facebook etc) for privacy reasons is very logical really.
FUCKING. THANK. YOU.23
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜
Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.
First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.
Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.
Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.
Dealing with attacks and getting hacked.
Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.
linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)
How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!
One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)
Dealing with different kinds of attacks:
Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.
So yah, hereby :P38
Front-end dev: email domains other than Gmail and Hotmail exist?!1! 😱 And email regex, what the hell is that? 😵31
First rant from a phone without Google services.
Put shitloads of Google/fb etc domains in the hosts file so my phone cant reach those either.
Root firewall blocks everything except for devrant, a download manager, fdroid and firefox focus.
As for my phone, I'm Google free!56
We're currently experiencing major issues with the devrant.io domain due to another outage/problem with .io domains themselves. More info here: https://news.ycombinator.com/item/...
The issue is also being reported on twitter.
If you receive a host not found, connection error, etc. connecting to devRant, this is why. We'll keep you updated and in the future we will probably be switching away from .io at least for our API.
Thanks for the patience.22
For some fucking reason I hate it when people put 'www.' in front of any domain.
It takes longer to type the fucking thing out! And with short domains like the Dutch site nu.nl... www.nu.nl. fucking REALLY?!
Fuck the www subdomain, because that's all what that cocksucker is, a fucking subdomain.58
Just a personal thing (and no clue why) but I can't fucking stand it when people say www. in front of their domains.
Working as a Linux + support engineer, I get quite some calls where people have to give me the domain they're calling about.
"what's the domain if I may ask?"
"oh that's www.theirdomain.com!"
OH FOR FUCKS SAKE JUST SAY THE DOMAIN, WWW. IS *NOT* PART OF IT, IT'S JUST A FUCKING SUBDOMAIN 😤18
Thanks for @PonySlaystation for coming up with this idea!
Wrote my first ever Firefox extension. It loads a json list from a server containing domains which, according to the snowden leaks of 2013, are integrated within a US powered mass surveillance network.
If it finds any urls on the page being loaded, it puts a fullscreen red background with a warning text and the links which match the surveillance criteria.
There's no way to continue to the web page yet, will try to add that later on.31
I don't use Google/Facebook for privacy reasons (and their sub-services etc). Haven't used them for ages but noticed that google still loads a lot of domains like analytics etc. This goes for facebook as well.
I now blocked a lot of google/facebook domains through my hosts file.
It's funny to see the amount of DNS requests to those fb/google connected domains nearly go to zero and also the fact that I literally can't load google/facebook anymore!132
Stop buying domains that you don't use you fucking idiots. Can't find any domain for my new project. But none of them are being used. Fucking retards.16
I get an email from a customer who want to end the contract. I inform him that the contract runs to the end of March and it will be terminated the last of march.
Customer agrees and I do not hear a word from him. Until now when I closed down all his services.
Why did you close the server and email? are you **** stupid!?
21/9 2016, you wanted to terminate all services you had with us. That means that your domains, DNS-services, VPS, email and Office 365 was going to be closed today.
Why is this not uncommon?!5
So just recently my school blocked the following for unknown reasons websites
The hacker news
The Debian package repositories yea all of em
And all domains that end in .io
Now some of you out there are probably just saying "well just use a vpn" the answer to that is I can't the only device I have a locked down school iPad can't install apps cannot delete apps cannot change vpn or proxy setting's I cannot use Safari private tab they have google safe search restricted to "on" they even have "safari restricted mode which lets safari choose what it wants to block" and even when I'm on my home wifi it's s still blocked as they use Cisco security connector THIS IS HELL
Also this is my first post :)29
Holy fuck, this is starting to work!
Problem: I am highly anti google/facebook/few others and I'd rather null route those DNS requests.
The problem is that the pihole only can blacklist domains or wildcard domains but not words. So if Google would come up with a new name for some of their domains, I'd be fucked because I can't filter out the word Google through the pihole.
Today I fucking found the solution (still a work in progress but a PoC is nearly working):
Compiled a program which can monitor DNS queries/requests and logs them to a file.
Have a php (yes I write most of my cli tools in php) script tailing the log file and gathering the requested domains from it.
Then I can see if the domain contains the substring which I don't like (google as word for example) and echo it to the end of my hosts file with 0.0.0.0 in front of it if that's the case.
Holy fuck this seems to be working! 😍25
Wierd Domains Game
Like: pornhub + StackOverflow
Add your entry in comment.
Winner will be get 1 domain + 1 year hosting47
--- Save some time with Google's .new-Domains ---
A few days ago, Google announced their new '.new' domains.
By using them you can save plenty of time when creating new Docs, Sheets, Slides, Sites or Forms.
So instead of going to Google Drive and creating the document there, users can just input the corresponding URL into the browser!
Here are a few examples:
> 'doc.new' or 'docs.new' or 'documents.new' to create a new Google Docs document (https://doc.new/)
> 'sheet.new' or 'sheets.new' or 'spreadsheet.new' to create a new Google Spreadsheets document (https://sheet.new/)
> 'site.new' or 'sites.new' or 'website.new' to create a new Google Sites website (https://site.new/)
> 'slide.new' or 'slides.new' or 'deck.new' or 'presentation.new' to create a new Google Slides document (https://slide.new/)
> 'form.new' or 'forms.new' to create a new Google Forms form (https://form.new/)
This is also useful for creating special bookmarks in the browser!34
Have been working on a frontend with actual stats for the DNS server I'm building. This is the result so far (real stats, red blocked domains are marked by me (in redis) as surveillance domains), thoughts?menu18
Was thinking of a name for my currently biggest project and thought of a funny one, took the first letter of each word and started to use that to refer to the project, was thinking about domain names and such already etc.
Just wrote it down and I suddenly noticed:
ONE OF THE LETTERS IN THE SHORTCUT ISN'T CORRECT.
How the fuck did I miss that for fucking weeks?! It's not like it's a difficult sentence/set of words or anything.
I'm so fucking glad I didn't register domains or shit yet.
How. In. The. Living. Hell.12
I was offered to work for a startup in August last year. It required building an online platform with video calling capabilities.
I told them it would be on learn and implement basis as I didn't know a lot of the web tech. Learnt all of it and kept implementing side by side.
I was promised a share in the company at formation, but wasn't given the same at the time of formation because of some issues in documents.
Yes, I did delay at times on the delivery date of features on the product. It was my first web app, with no prior experience. I did the entire stack myself from handling servers, domains to the entire front end. All of it was done alone by me.
Later, I also did install a proxy server to expand the platform to a forum on a new server.
And yesterday after a month of no communication from their side, I was told they are scraping the old site for a new one. As I had all the credentials of the servers except the domain registration control, they transferred the domain to a new registrar and pointed it to a new server. I have a last meeting with them. I have decided to never work with them and I know they aren't going to provide me my share as promised.
I'm still in the 3rd year of my college here in India. I flunked two subjects last semester, for the first time in my life. And for 8 months of work, this is the end result of it by being scammed. I love fitness, but my love for this is more and so I did leave all fitness activities for the time. All that work day and night got me nothing of what I expected.
Though, they don't have any of my code or credentials to the server or their user base, they got the new website up very fast.
I had no contract with them. Just did work on the basis of trust. A lesson learnt for sure.
Although, I did learn to create websites completely all alone and I can do that for anyone. I'm happy that I have those skills now.
Since, they are still in the start up phase and they don't have a lot of clients, I'm planning to partner with a trusted person and release my code with a different design and branding. The same idea basically. How does that sound to you guys?
I learned that:
. No matter what happens, never ignore your health for anybody or any reason.
. Never trust in business without a solid security.
. Web is fun.
. Self-learning is the best form of learning.
. Take business as business, don't let anyone cheat you.20
How people see me:
Father: computer nerd (he's a coder too)
Mother: website maker and computer nerd
Brother#1: some computer wizard
Brother#2: noob web coder (he codes as well, but systems programming) - thanks bro!
Colleagues: The ALIEN™
Girlfriend: 404 not found
Friends: The NERD™
Dog: some hooman spending lots of time behind those lighty rectangles
Fyi, I am passionate about computers in all domains and always helped debugging people
My solution to not being overwhelmed with futile demands? Talking to them in complicated words, so they will only ask questions about true problems and not garbage :D3
Started working on a pihole alternative a while ago.
I like pihole a lot but one of the features I am missing is to be able to define a list of mass surveillance related domains (Snowden leaks; PRISM program and such) and show statistics based on dns queries containing blacklisted domains, prases/words and surveillance-related domains/words (google/facebook/microsoft/apple etc).
Started working on one based on an existing (php based) dns server which is open source and slowly but surely developed something which worked.
Then, I found out that the php resolving function (dns resolving) uses the system default, which can, of course, be google's dns as well. Changing this would be ideal but while the documentation suggested that it could be done some way, it didn't work for me so I chose a library which can do it with specific dns servers (to use as external dns servers).
This library used a different way of showing the retrieved dns query results and really wasn't in for converting everything by hand so i kinda quit the project a while ago.
A few days ago I thought fuck it and started again.
Now have a working version based on the new dns resolving library and made some other good improvements.
For those who are wondering why I chose PHP for this: why the fuck not?
Happy happy happy.18
Namecheap: *cricket noises for over a year*
Today: "hEy ThErE cOnDoR, yOuR dOmAiN WiL eXPirE iN 24 hOuRs!1! rEnEw NoW, yOU rEadY?"
Me: "No you motherfucking bastards, a bank transfer takes 3 days at least. Oh wait you don't even accept bank transfer, how convenient!"
And what if I didn't see that email right after your fucking craptacular automated notification system sent it to me, hmm? Don't you Namecheap of all companies know how fucking *vile* domain squatting on the .com is?!!
MOTHERFUCKING CUNTS!!! Jeopardize my domains like that *one more fucking time*, and guess who will be taking his assets to the sexist bastards that I tried avoiding for so long, GoDaddy! FUCKERS!!!23
Randomly thought of that one 😆
Buying domains is fun 😊14
A few weeks ago a client called me. His application contains a lot of data, including email addresses (local part and domain stored separately in SQL database). The application can filter data based on the domain part of the addresses. He ask me why sub.example.com is not included when he asked the application for example.com. I said: No problem, I can add this feature to the application, but the process will take a longer.
Client: No problem, please add this ASAP.
So, the next day I changed some of the SQL queries to lookup using the LIKE operator.
After a week the client called again: The process is really slow, how can this be?
Me: Well, you asked me to filter the subdomains as well. Before, the application could easily find all the domains (SQL index), but now it has to compare all the domains to check if it ends with the domain you are looking for.
Client: Okay, but why is it a lot slower than before?
Me: Do you have a dictionary in your office?
<Client search for a dictionary, came back with one>
Me: give me the definition of the word "time"
<Client gives definition of time>
Me: Give me the definition of all words ending with "time"
Client: But, ...
Never heard from him again on this issues :-P5
Since GoDaddy was calling me frequently to buy domains I've added to my cart, I added another domain
draw.io is moving to diagrams.net, because .io domains are not secure.
Me: Gets idea, buys a domain name
Me after 2 months: Looks at expenses, questions impromptu spending habits on domains5
My god, it's so easy and simple to spin up a server for a few minutes without being stuck with a contract of a year. Also, being able to manage all my domains there is a blessing :D4
So I used to do some freelancing in web development last year, nothing too fancy just some simple PHP websites. Comes the worst meeting in my life. So I am from India and we have a lot of long lasting business here being passed on over generations. TL;DR the guy was the owner of a very old business which was actually very huge and the guy was educated too, so I assumed that he'll be sensible as compared to other people.
The meeting was in an expensive cafe and he paid for it, he even told me upfront that meeting is on him. Great, right? So we sit down, order some coffee and then start discussing what he needed.
The guy needed an ecommerce website built with backend and logistics system integrated. We discussed possible designs for the website and stuff too and so far the deal looked promising to both of us.
I explained him the cost estimate and told him that I would email him the final quote from myself once we discussed server cost and shit.
So now comes the bargaining part where he asked me to give him server and domain for free.
At this point, I suspected that he didn't know that servers and domains are not something that you make. You have to purchase and renew them periodically.
So I told that guy that he didn't understand the cost estimation and explained to him that X is the cost of making this fucking thing and Y is its monthly maintenance cost, if he wanted annually could be done too. And this Y did not include server and domain costing.
Now came the fucking tide, the guy straight up turned to his shit and told me I am lying and trying to con him. So I gently asked him if he had ever gotten any website made. To which, he said No, but he knows how the costing works.
I was like "Bitch?". So I calmly tried to explain that that's not how websites are done, delivered and maintained.
He didn't seemed to be understanding and kept on fucking repeating that he knows his shit and blah blah.
At this point, I was like "Okay. Fuck this dude then. I can find another project. " and then I told him that he'll need to find someone according to his needs.
Interestingly enough, the guy called someone and then walked out of the cafe while talking on phone. I waited for 5 minutes and he didn't come back so I decided I would pay for my coffee and leave. Turns out the guy had paid his bill before my arrival and ditched me with the excuse of the call.
But oh well, I think working with such an idiot would have been much worse than paying for that coffee.4
Needed a list with all domains I run on a server but I don't always give nginx config files the names of their website so I was about to start going through them by hand..... waaait, let's try to automate this with a bash script...
Five minutes later I've got a working bash script which gets all domains from all config files.
Oh, the joys of terminal/bash stuff!15
> I noticed you have domains that are not used anywhere, do we need to move them? e.g. domain X?
>> no, they aren't used
*migrate servers and working domains*
>> why did domain X stop working?
I just set up pihole again.
So many things being blocked. Byebye Facebook!
Everything is so fast. I love it.
1.3M domains blocked 😍8
We have 1 guy managing everything. He develop our CMS, customers email client, manage our network, servers, domains (our own domain servers), billing system, SSL certificates... In short: everything (as well as bugs). The entire company relies on 1 guy, pretty much.
Brings the phrase "all for one, and one for all" to a whole new meaning.15
For the privacy freaks of devRant, have a host file that blocks all Facebook owned domains:
Blocklist Facebook domains (2016) - https://github.com/jmdugan/...
(not mine, found on HN)7
I hate asking questions but I need to right now.
Any suggestions for an easy installable email server like mailinabox? Multiple domains is a requirement :)46
I eat food. And I cook food. Believe it or not, cooking is very similar to coding. Things you do at the very beginning haunt you till the very end. Also, premature optimization is the root of all evil (in both domains).4
You know what I envy Americans about? Your .gov domain.
It is so difficult here to detect if the website is honest or a scam because our government is too dense to put all their sites as subdomains of one trusted domain. Like dod.country.tld for the department of defense or justice.ministry.country.tld for the ministry of justice.
No, these idiots buy ministry-of-justice.tld, because no scammer ever could conceive the idea of buying ministryofjustice.tld to host a scam site.
At least publish an up2date list with domains I can trust.7
Just tried to register some travel tickets, at FlixBus. Of course alternatively I could go for a train but those would be more expensive. So yeah.
Go to another site to get another ticket for my travel back, only to find out that while they couldn't implement return, their webdevs are apparently skilled enough to get a giant boner on blinking "(1) Almost ready!" in the site's title, when changing to another tab and there happens to be stuff in the cart. Do you really think I care about that shit! Don't distract me and let me get my shit done!!!
But yeah fucking Web 3.0!!! Give me a fucking break.11
Trying to learn some golang after a break.
Made http / https transparent proxy for personal project.
Mind: You need to add configuration file with domains you allow traffic and block everything else using list of regex.
Me: Ok I can do it, 4 hours later ok done
Mind: Why not make it differently by making list of url you can block and test this shit on fucking ads and stop using adblock that downloads content.
Me: ok that will be handy I can watch websites faster and drop traffic I don’t want to.
Funny fact, it works I broke analytics, logging, quantum shit fucks and even youtube plays ok.
Go is awesome for networking stuff lol.12
My first job was actually nontechnical - I was 18 years old and sold premium office furniture for a small store in Munich.
I did code in my free time though (PHP/JS mostly, had a litte browsergame back then - those were the days), so when my boss approached me and asked me whether I liked to take over a coding project, I agreed to the idea.
Little did I know at the time: I was supposed to work with a web agency the boss had contracted to build their online shop. Only that he had no plan or anything, he basically told them "build me an online shop like abc(a major competitor of ours at the time)"
He employed another sales lady who was supposed to manage the shop (that didn't exist yet). In the end, I think 80% of her job was to keep me from killing my boss.
As you can imagine, with this huuuuge amout of planning and these exact visions of what was supposed to be, things went south fast and far. So far that I could visit my fellow flightless birds down in the Penguin's republic of Antarctica and still need to go further.
Well... When my boss started suing the web agency, I was... ahem, asked to take over. Dumb as I was, I did - I was a PHP kid and thought that Magento, being written in PHP, would be easy to master. If you know Magento, you know that was maybe the wrongest thing I ever said.
Fast forward 3 very exhausting months, the thing was online. Not all of it worked yet, but it was online and fairly secure.
I did next to everything myself, administrating the CentOS box the shop was running on, its (own) e-mail server, the web server, all the coding required for the shop (can you spell 12 hour day for 8 hour pay?)
3 further months later, my life basically was a wreck, I dragged myself to work, the only thing I looked forward being the motorcycle ride home. The system worked though.
Mind you, I was still, at the time, working with three major customers, doing deskside support and some admin (Win Server 2008R2 at the time) - because, to quote my boss, "We could not afford a full time developer and we don't need one".
I think i stopped coding in my free time, the one hobby I used to love more than anything on the world, somewhere Decemerish 2012. I dropped out of the open source projects I was in, quit working on my browser game and let everything slide.
I didn't even care to renew the domains and servers for it, I just let it die without notice.
The little free time I had, I spent playing video games and getting drunk/high.
December 2013, 1.5 years on the job, I reached my breaking point and just left, called in sick at least a week per month because I just could not see this fucking place anymore.
I looked for another job outside of ALL of what I did before. No more Magento, no more sales, no more PHP. I didn't have to look for long, despite what I thought of my skills.
In February 2014, I told my boss that I quit. It was still seven months until my new job started, but I wanted him to know early so we could migrate and find a replacement.
The search for said replacement started in June 2014. I had considerably less work in the months before, looks like he got the hint.
In August 2014, my replacement arrived and I got him started.
I found a job, which I am still in, and still happy about after almost half a decade, at a local, medium sized ISP as a software dev and IT security guy. Got a proper training with a certificate and everything now.
My replacement lasted two months, he was external and never really did his job - the site, which until I had quit, had a total of 3 days downtime for 3 YEARS (they were the hoster's fault, not mine), was down for an entire month and he could not even tell why.
HIS followup was kicked after taking two weeks to familiarize himself with the project. Well, I think that two weeks is not even barely enough to familiarize yourself with nearly three years of work, but my boss gave him two days.
In 2016, the shop was replaced with another one. Different shop system, different OS, different CI. I don't know why and I can't say I give a damn.
Almost all the people that worked at the company back with me have left for greener pastures, taking their customers (and revenue) with them.
As for my boss' comments, instructions and lines: THAT might not be safe for work. Or kids. Or humans in general. And there wouldn't be much left if you put it through a language filter...
Moral of the story: No, it's not a bad thing to leave a place if you're mistreated there. Don't mistake loyalty with stupidity!
And, to quote one of my favourite Bands: "Nothing matters when the pain is all but gone" (Tragedy + Time by Rise Against).8
Some 'ethical hacker' living in my country scanned all domains of attachments in tweets of Donald Trump. He found out that one was expired and bought it for 10$. He then placed a arguingly funny movie at the exact location. Quite funny.
So according to google domains I just put in a transfer request 5 days in the future... Fuck me I need to learn to contain these powers...19
My biggest insecurity?
That I'm fascinated by a lot of domains and rather than mastering one I'm just intermediate in all of them, making me a jack of all trades but a master of none.9
Dear Product Owners,
If you tell me how I need to architect my software again I'm going to ask you to provide a network topology of the architecture you want me to build.
I'll also need you to request the new servers, work with the ops teams to setup credentials, provision the NAT, register the domains and document the routes that the proxy will need to use.
then I'll need you to hook the repo up to our non-existent pipeline so that I can make sure I won't do all that testing I already can't do.
I hope you're paying attention, because that framework you told me I needed to use is going to be a pain to setup correctly.
after you're done with that, please attach any documentation you shit out to the ticket you never created.
Looking for a new job
PS: get fucked3
I had forgotten why I hated GoDaddy so much.. until today. It all came back to me.
I have been a GoDaddy customer for over 5 years now. Last year I tried out Namecheap for the first time because someone who was sending me a domain asked me to create an account on NC.
A couple of days on NC and I fell in love with the support and pricing. I started transferring all my domains to NC over the year. (30+)
Now I was left with 3 domains, 1 of them was to expire 4 days ago. but 5 days ago, GoDaddy switched it to pending mode, barring me from transferring to domain or changing any details.
today I called GoDaddy and after a loooong chat, they fucking forced me to renew my domain!! Saying that I need to renew the domain before I attempt to make any more changes!!!
FUCK YOU GODADDY! THIS IS WHY I NEVER SEND CLIENTS YOUR WAY!!!4
It came to me, a brilliant idea, a simple solution to an everyday problem and easy route to market. Great, starts looking for domains and writes down idea in full in case i forget. Later that day, picks up 12 year old son from school, tells him my great idea. He told me how shit it was and why straight away.7
Installed Cookie Clicker yesterday. This app literally bombs my PiHole with ad- and tracker domains.
This is pretty bad...9
I have this side project that I’ve been working on for the past 6 years part time but over the past 2 years just as a sysadmin to keep it running, it’s unpaid work but whatever, dropping in once a month or so doesn’t worry me.
Well the owner of the domain hasn’t been reachable for nearly 9 months and the domain expired a while back, not much I can do about that, so I pushed everything over to work at the IP level while I reach out and wait - that was 2 months ago while I waited for the owner to renew it or for the domain to fall.
Today the domain fell, so I jumped on to buy it back up only to find its already purchased... 😦
so I find the owner, it’s fucking parked on a shitty “buy me” page with a price tag of $4500 USD. Fuck these slimy hoarding domain parking bastards.
I know the site was on its last legs, low membership and traffic but I’ll be fucked if I’m paying that much to reacquire it.
PSA to /[devs who things it's a good idea|management who thinks it's a good idea to force your devs]+/g:
There currently exists 1543 (and counting) top level domains. My email addresses follow the pattern: /^[a-z]+@panduro\.guru$/ and I die a little inside whenever I get told my email addresses aren't valid because you thought it was a good idea (to force your devs) to hardcode "valid" top level domains. There is a reason why the filter for input type email does not include top level domains.
And you can't even begin to comprehend how mildly annoyed I get when I message their support and tell them what the problem is (because I'm nice enough to do that) they instead of telling me "thanks for informing us we'll look into it" they tell me "well just get a gmail or something". I should not have to order social status reducing items with my school mail (especially not since I'll loose that email ¾ pairs of years)7
Client asks to point their domain to a new 'squarespace' they just got, then call you bc they cannot access the admin console to their old site and 'it's so weird that all the requests are now going to squarespace !!'1
Unicode domains is the shittiest feature introduced in web recently.
People who came up with this idea must be fucking dumb or have ties with internet scammers.12
My boss says to me this morning.
Boss: Can you add these links as a redirect 301 to this link.
Me: Ok, I'm not the developer for that domain but I guess I can do it. Let's try to update apache htaccess for that domain through my account.
(After a swift ssh connection to the server to check out that domain.)
Me: Er...boss, we don't own that domain. We cannot redirect it's links to our other domains.
Boss: Why? What do you mean?!
Me: well if we don't own that domain, than it is not on our server and we cannot update it's server config files. So we cannot redirect that domain to our other domains.
Boss: Are you sure?
It went on like this for a while. I had a laugh break after.1
Fuck GoDaddy man... Paid extra for the privacy feature thinking I wouldn't get harassed by phone. Think again! Got tons of calls from India in two days. What a rip off...
I guess they're selling our info or something...
What service do you guys use? I want to move my domains, any recommendation?19
IF YOU UPDATE AN ADM PLATTFORM FOR FUCKS SAKE DON'T DO THE FOLLOWING THINGS:
1. ONLY DOCUMENTATE IT IN A POWERPOINT
2. WRITE DOWN IPs AND PORTS ONLY ON A WHITE-BORD
3. MOVE TOOLS TO OTHER SUBNETS OR DOMAINS WITHOUT PROPERLY KNOWING THE WAYS OF COMMUNICATION BETWEEN THEM
4. USE YOUR PERSONAL EMAIL ADDRESS AS RESET OPTION FOR LICENCE-MANAGEMENT ACCESS IF NO ONE KNOWS THE PW
5. LEAVE THE COMPANY THE DAY AFTER THE UPGRADE IS DONE
Because the guy who has to take care of the upcoming problems is not going to like you!
BUT having to deal with all of this at once would not be a problem if your, so called team (30 People who work with those applications e.g. as test-engineers) would actually work together instead of having that "not my daily business, I am going to drink coffee" attitude.
Apparently I am the only one who has enough balls to see, admit, and report a problem to our leadership.
This always leads to Me fixing the issue...
....that's alright I am learning a lot...
...BUT IF A TEAM-MATE, WHO HAS THE SAME DEGREE AS I AM GOING TO GET, LEAVES EARY BECAUSE: "HE DOES NOT KNOW WHATS WRONG", IT TRIGGERS ME!!!
- The apprenticeship guy
PS Needless to say hundreds of clients have access to those systems and I worked through a shittload of official tool docs just to get to know the tools first...6
Why do _devs_ still use shared hosting (and then bitch about it)?
"This thing won't let me use external SMTP" - "I can't use more than 2 domains for my site" - "I can't change X in PHP config" ...
You're a dev, VPS prices are pretty much on the same level as shared hosting, and setting those things up isn't exactly rocket science either.32
They will show you a domain is on sale, make you contact support to buy it, tell you "oh sorry it's your browser cache's fault, please restart your browser" and then JACK UP THE PRICE 10x.
Royally fuck you. This shit should be illegal. If I thought it would solve anything I'd contact ICANN.
God I fucking hate this industry. It's all a fucking scam.22
Holy fcuk! Can anyone here help me understand how this domain is possible?
WARNING: obviously its a spam site. Take necessary security precautions if you are going to visit.
the following domain opens a cluster fuck domain name! >> secret.ɢoogle.com
That ɢ is not what it looks like. How is such domains possible to exist? Even more surprising, how is this sub domain -ception possible?7
Oh boy, this is gonna be good:
TL;DR: Digital bailiffs are vulnerable as fuck
So, apparently some debt has come back haunting me, it's a somewhat hefty clai and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it jsut like that. However, and this is where it's gonna get good:
The Bailiff sent their first contact by mail, on my company address instead of my personal one (its's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt". with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were passed sending creds in plaintext to people and use tokenized URL's for initiating a login (siilar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.
So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!
I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.
Now Once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimaint, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!
Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...
The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.
But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the sae benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. the siple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.
So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)
So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"
So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones6
Remote server software installation support is great!
You can watch them trying to understand where what is on the file system, they repeatedly switch between windows without doing something on either of them and they set your IE browser policy to allow all kinds of domains & sites which are preventing them from downloading their software.
Todays guy did not know how to transfer a file between the local machine and one in remotedesktop. 😄
(If you do support like this, then don't get me wrong, I'm not making fun of you personally, it is just funny to watch if you have to actually sit there and wait for the support to finish.) 😉1
Some days ago a friend told me about this good site to by the new .app domains, bigdaddy.com.
So I wanted to look for a domain and ooops, thats gay porn 😮
I confused names with godaddy.com. Maybe a lecture at uni is not the best place to open this site 😅
Just finished setting up PiHole on my RaspberryPi.... no more adblock extensions with shitty performance... no more custom hosts files... and network level adblocking for all devices...
oh, and I added so many lists that it now blocks about 350k domains (ads and malware)
Today was a good day.. time to hibernate...4
In today's episode of kidding on SystemD, we have a surprise guest star appearance - Apache Foundation HTTPD server, or as we in the Debian ecosystem call it, the Apache webserver!
So, imagine a situation like this - Its friday afternoon, you have just migrated a bunch of web domains under a new, up to date, system. Everything works just fine, until... You try to generate SSL certificates from Lets Encrypt.
Such a mundane task, done more than a thousand times already... Yet... No matter what you do, nothing works. Apache just returns a HTTP status code 403 - Forbidden.
Of course, what many folk would think of first when it came to a 403 error is - Ooooh, a permission issue somewhere in the directory structure!
So you check it... And re-check it to make sure... And even switch over to the user the webserver runs under, yet... You can access the challenge just fine, what the hell!
So you go deeper... And enable the most verbose level of logging apache is capable of - Trace8. That tells you... Not a whole lot more... Apparently, the webserver was unable to find file specified? But... Its right there, you can see it!
So you go another step deeper and start tracing the process' system calls to see exactly where it calls stat/lstat on the file, and you see that it... Calls lstat and... It... Returns -1? What the hell#2!
So, you compile a custom binary that calls lstat on the first argument given and prints out everything it returns... And... It works fine!
Until now, I chose to omit one important detail that might have given away the issue to the more knowledgeable right away. Our webservers have the URL /.well-known/acme-challenge/, used for ACME challenges, aliased somewhere else on the filesystem - To /tmp/challenges.
See the issue already?
Some *bleep* over at the Debian Package Maintainer group decided that Apache could save very sensitive data into /tmp, so, it would be for the best if they changed something that worked for decades, and enabled a SystemD service unit option "PrivateTmp" for the webserver, by default.
What it does is that, anytime a process started with this option enabled writes to /tmp/*, the call gets hijacked or something, and actually makes the write to a private /tmp/something/tmp/ directory, where something... Appeared as a completely random name, with the "apache2.service" glued at the end.
That was also the only reason why I managed fix this issue - On the umpteenth time of checking the directory structure, I noticed a "systemd-private-foobarbas-apache2.service-cookie42" directory there... That contained nothing but a "tmp" directory with 777 as its permission, owned by the process' user and group.
Overriding that unit file option finally fixed the issue completely.
I have just one question - Why? Why change something that worked for decades? I understand that, in case you save something into /tmp, it may be read by 3rd parties or programs, but I am of the opinion that, if you did that, its only and only your fault if you wrote sensitive data into the temporary directory.
And as far as I am aware, by default, Apache does not actually write anything even remotely sensitive into /tmp, so...
I wasted 4 hours of my life debugging this! Only to find out its just another SystemD-enabled "feature" now!
And as much as I love kidding on SystemD, this time, I see it more as a fault of the package maintainers, because... I found no default apache2/httpd service file in the apache repo mirror... So...8
Using angry standard;
cout << "So my mom recently started "exploring the web". I'm sure you already know where this is going; she ended up signing up for a free trail of some diet pills with her credit card on some sketchy website. The website never sent any product but attempted to charge her card over $300 multiple times. My mom's bank noticed and froze the account. She has now opened an investigation with the banks fraud department and is awaiting response. I took the liberty of running a whois look up and found the companies website is held by GoDaddy and is hiding behind Domains by Proxy (GoDaddy's sysadmin hider). I'm angry that she's in this situation but I have no idea of how to uncover the real company behind the diet pills site." << endl;
Does anyone own any funny-ish domains?
realog.site - used for testing websites for clients
imgoing.global - will be my personal site / portfolio soon9
A week ago, the team that hired me asked me to fix the s**t they made when they hosted around 30 WordPress sites in a single Bluehost shared server. Several of those were multisite installations. The server eventually gone down because of the load. And the most disturbing part was they were taking money from some of their clients to host the sites, in stead of not having a reseller licence. The server was going down quite frequently so I suggested moving some sites to another host or another server. They asked me to do it, but when I asked for the permission to edit the nameservers, they asked me to make a subdomain and point it to the new server. Which was kind of impossible because the new host was already having some subdomains and it's not easy to work with sub-sub domains. So, on an open statement they said that I am unprofessional and not fit for work. Before that they disturbed me and bursted on me when I was off working hours. -_-8
Why the fuck do I have to work with Windows? AND WHY THE FUCK DO I NEED TO RESTART 3 TIMES TO GET ACCESS TO THE INTERNET? AND... WHY THE FUCKING FUCK IS EVERYTHING 7000 TIMES SLOWER WHEN I PUT MICROSOFT DOMAINS IN MY ROUTER FIREWALL?!11
How common is it for development job applicants to lie about their skillsets and experience?
Had an applicant come interview for a senior software engineer role, has been in the same company for 8 years and his resume is sprayed with almost every tech speciality and language there is, claims to be proficient in 8+ languages, done AWS server migrations, built CI/CD pipelines from scratch, written CloudFormation scripts, built microservices, worked with AWS services and serverless platforms, has managed a team, does salary and performance reviews
My gut feeling is when someone claims to have knowledge and experience across multiple specialities, they’re skills in any of those domains are only skin deep8
When you wanna lunch a product and all domains with good names are taken; and when you find a good domain, the twitter handle is taken by an egg!!
FREE .design domains! 😁
Porkbun is giving away one free .design domain to each customer, after verifying it's legit I had to share - I got a 3 letter domain!
I always have need for an extra domain or 2 and while .design is a bit long/specific it is quite new so there are lots of short names available (I registered jhb.design - jhb is my city). If you have a sense of humour there are plenty of wordplay options too ( buttugly.design, thatsanice.design).
On top of that they are offering $20 per referral for anyone who registers a .design name for free. This is so good it sounds like a scam so to test it I made the above link an affiliate link in the hope of free beer.
Let me know if you managed to register anything good!7
I have been playing around with coinhive because I really like it's concept. Pretty cool so far.
Does anyone here have experience with it? What are your thoughts?
Also.. why can't pihole let me whitelist wildcard domains?? I hate having to disable my DNS server every time I want to test the miner.. I guess I will just have to make a pihole / ftl plugin for it..5
Well, today was a fun day playing with Qubes OS. I really did nothing really difficult, I created a template for multimedia pruposes (Netflix, Amazon Prime, Spotify and VLC) based on debian and then create a domain based on that same template.
Still need to fix the screen tearing, but it is nothing really serious, in fact I probably just change the graphic card to the integrated on the motherboard to see if something change.
Probably the next issue will be set a few domains for specific issues:
- Dev [personal]: This will be used for my personal projects.
- Dev [non personal]: For those times I collab with someone / not my stuff
- [√] Work: mail, msTeams, whatever from my job.
- Bank Stuff: I can asure you that
- [√] Multimedia: chill n stuff
and thats all for now.
PD: Ctrl + C, Ctrl + V Will be a nightmare xD6
You can solve a lot of problems with regex... but you can also create others if you're not careful:
"inadvertently blocked or throttled all domains containing the string t.co rather than blocking only the domain t.co itself"
How do I help my colleague in fighting harrassment?
This is the story of a helpless employee facing everyday harassment. Im trying to help. Seeking for your thoughts
Backstory fast forwarded: My company acquired another company. So we handle all their projects and clients now, but its a completely new domain. So we needed new people. Hired 4 employees + 1 team lead to start with. But the project process got delayed and they were free for a month. So i took 2 of them in my project and gave them some small tasks to help us over. They loved working with my team and were learning new stuff apart from what they usually did. And we were also happy of their contribution. We became good friends. All of this was in March 2020 before covid-19 was taken seriously.
About my company: I love this company. I have been in this company for more than 4 years now. People are really nice. Parties and fun events. Lot of smart and ambitious people. So company and people are awesome.
Coming back to the story. Lets call the team the 4 and team lead T. The 4 were happy that someone like T was in their team. This T had all the best knowledge about stuff and life was going to be awesome for the 4. Or was it?
Story starts: So I talk to one of these 4 on daily basis. Lets call this friend F. F is a real gentle person. Intelligent and dedicated to work. F is awesome to work with. And always enjoyed working. F is a team player and very very soft person. F is fking workoholic. So few days after project starts, F tells me work was not going well. F is getting real frustrated at work and not able to deal with it or find solution.
This person T, who was supposed to help these 4, is real piece of shit. He is impatient, arrogant and MFing dick head. Aaaarggggg.
All the good qualities of a leader like supporting the team, boosting confidence, guiding team when they make mistakes, teaching them, were all missing from this person. T was a machine with no emotion and only clock working jerk. I have no idea how T cleared interview process, because one of the interview round is also about cultural fit into company. I know this because i take interviews for other domains. We have rejected lot of such well qualified but arrogant candidates.
So whats the problem now: this team of 4 are learning new tools and taking over the clients requests from old company. Most of the stuff is new for them. So in tat case people need lot of time to understand and figure out shit. people make mistakes while learning and you know have to deal with it. Person T abuses these 4 when something goes wrong. That's one.
Second, the T definitely knows more than these 4. So if these guys dont understand certain stuff they ask T. But T does not help them learn. T will either say busy or run away by saying thats simple and ull know when time comes. REALLY MF???
Third, T does not talk nice. T is rude and does not listen to team members. For eg, If F says some task cannot be done for some reason T will say, "y cant u do it? U r capable of doing it. Tats y u r in this job". And then point number one and two happens. Never responds to emails and messages. But if someone else does the same will not tolerate that and abuses them. List goes on.
So y not escalate and deal with that T:
This person F and other 3 are still under probation and they think complaint or escalation will back fire. These people do not want to lose job in between all this pandemic shit. They are scared.
So this was happening for a while. And i was giving lot of tips on how to handle certain situations. And how one should communicate these.
But being a gentle, soft and workoholic person, F focussed on work and assumed things will get in place as time goes by.
Today, F could not meet a requirement. So T told some shit which got F all sad. and F called up me late night and started crying explaining what happened. I felt real bad. I asked F to file harrassment case. F refused saying it was F's mistake on not completing requirement. WHO THE FK CARES. PEOPLE CANNOT TALK SHIT. I told ill file harrassment case against T. (We have a policy where others can also file if person is not courageous enough). But F did not allow me.
Then after calming down, I told F that telling the problems to me wont solve them. You have to talk to T directly and tell him on face not to talk like this. Or tell the manager about whats happening. Or tell the the HR about this. F said tat cant be done. I was like Y THE FK NOT.
Because the other 3 are not ready to talk about this to anyone as they fear they'll lose job. So if F talks and people question other 3 they might bail out. WAT THE HOLY SPIRIT.
so after lot of convincing F is still not going to
Talk to anyone about this.
So i have decided ill write an anonymous email to HR, the manager and other senior people in the organisation about whats happening.
I really dont know how itll go. Ill keep updating you guys. Feel free to share ur thoughts.3
Yesterday and today I finally had some time to work on my server. And I learned/did so much.
Gitlab is now moved to a docker container.
Kanboard is now moved to a docker container.
TeamSpeak is now moved to a docker container.
Dnsdock is set up.
Access now via nginx and sub domains instead of different ports.
Nginx is now running in a docker container.
Every http service got a let's encrypt certificate.
Damn productive Saturday.26
Soooo this Canadian mother fuck, own the domain I want, and isn’t using it, and doesn’t wanna sell it.. tells me he is using it for his business.. after a bit of research the domain went inactive after 2007. Hours after sending an email.. a wix site pops up. And then then tells me his buisness has been using it for 25 years.. really??! Per public record your buisness went defunct years ago.
Won’t sell me the domain... fine, I’ll buy all the domains with your name in it variants of your buisness name, and point them to gay porn.. FUCK YOU.. fire with fire BITCH!24
Does anybody find that different styles of programming suits their personality better?
I've put a lot of effort into learning Rust. I think it's type system is fantastic. But after trying to make a basic programming language interpreter in it, I found Rust too complex. I kept struggling to express my types correctly, so I spent more time trying to understand the language instead of designing and writing my program.
Now consider Go. It has some overlap in programming domains with Rust. It has almost none of the high level features of Rust baked in e.g. iterators. It's approach to programming is very imperative and procedural like C before it. If you want abstractions you will have to make them yourself. As someone who enjoys understanding the details I appreciate this step by step approach and its comparatively simple language design.
What do you think? Do you think certan programming languages are more suited to different personalities?18
Ugh been waiting a week already for my domain to transfer to google domains... HURRY UUUUUUUUUUUP!3
New dev domains. Grab them while they are hot. Only $ 11.5k + $ 12 a year!
(or just $ 12 starting from Feb. 28th)
Kubernetes is a breeze they said. Now I‘m sitting here for several hours trying to find out why my pods randomly fail to resolve domain names.
Coming along my adventure: broken systemd configs, systemd-resolved stub causing loops, broken k3s modules and finding out that busybox‘s nslookup is broken for versions greater than v1.28.4.
50 issues later, I figured out that the dude who setup the corporate network (where the machine in question is located) uses two nameservers: one to resolve the internal routes and one for all the external domains. Luckily, coredns randomly picks a nameserver for each request. Therefore, sometimes queries for external domains reach the nameserver dedicated to the internal network which then answers with NXDOMAIN.
I hate networking so so much...5
I started my career 7 years back (at the same company I am currently working) as an Asp.net developer. My company used to work in Microsoft domains back then. 5 years back one of our directors decided to dig into the open-source technologies and move away from Microsoft. And I was the first employee who was assigned to learn python. I thought about switching the company so that my 2 years of asp.net experience doesn't go waste. But I didn't as I started liking python. It was easy, powerful, clean, and same code ran on every fucking platform. And I was introduced to open-source.
Don't know best or worst, but this decision definitely changed my view about software development. I understood that money is not everything, passion is also important. The open-source community runs on passion and dedication. And I love the way it works. The bottom line is, I am happy. And python is beautiful.
So I decided to start using NoScript in Firefox recently, and it's been the most wonderful and annoying experience.
Wonderful - Easy to use whitelist on a domain basis makes it easy to un-break websites I trust while keeping potential malicious JS from other domains out.'
Annoying - Now I get why all the graybeards on Hacker News hate what the modern web has become9
Don’t ring me up all nasty asking why these other domains that you never told me about don’t “work”... and you don’t have dns access ‘cos you don’t know what it is and I need to speak to some geezer from another company that you fired. FUCK OFF, now I have to do some whois fishing to find out the shit you are blaming me for.1
About 5 years ago I worked at a small company developing websites and .NET applications.
They haven't changed any passwords which means, I still have access to ALL of their customers DNS setups.
Of course I wouldn't do anything.
But just the thought, that I could make an infinite loop, by redirecting the domains, is amazing.
Or redirecting them to a porn site.3
F**king hate Windows for its insanely confusing proxy setup required for software development...
> Setup proxy in Windows network settings
> Then, setup HTTP_PROXY & HTTPS_PROXY environment variable at the system/user level.
> Followed by separate proxy settings for java, maven, docker, git, npm, bower, jspm, eclipse, VS Code, every damn IDE/Editor which downloads plugins...
> On top of everything, find out the domains which does not need to go through proxy and add them to NO_PROXY.. at each level..
> It does not end here. Sometimes, I need to setup proxy for SSH connections... like, if I have to use git with SSH and not HTTP/S... Uhhh....
More than half of the problems me and my dev team face is related to setting the right proxy. Why can't it be like, set in one place and everything picks up from there, like in any linux machine or for God's sake, a Mac ?
Worst of all is, my org uses a configuration script, which resolves into a list of proxy servers, from which one of them will be used. So, I need to download that script, find out which is the right proxy server and then, use it in all the aforesaid places... WTH ?????
Is this a common workplace problem for all developers ??? Will this be solved by Windows Subsystem for Linux ???9
Some guy bought a whole bunch of city specific domain names once and wanted me to code the websites for him and manage and support the sites for 5% equity in his business. I told him you realize I can buy my own domains for very little money and build the sites for 100% ownership. His idea was not so bad for that time but he just thought that I was a nerd and he could just use me and I would just be passive and go along being that I'm desperate to make friends.
Fellow Deviants, I need your help in understanding the importance of C++
Okay, I need to clarify a few things:
I am not a beginner or a newbie who has just entered this community...
I have been using C++ for some time and in fact, it was the language which introduced me to the world of programming... Before, I switched to Java, since I found it much better for application development...
I already know about the obvious arguments given in favour of C/C++ like how it is a much more faster and memory efficient than other languages...
But, at the same time, C/C++ exposes us and doesn't protect us from ourselves.. I hope that you understand what I mean to say..
And, I guess that it is a fair tradeoff for the kind of power and control that these languages (C/C++) provide us..
And, I also agree with the fact that it is an language that ideally suits our need, if we wish to deal with compilers, graphics, OS, etc, in the future...
But, what I really want to ask here is:
In this age and times, when hardware has advanced so much, where technically, memory efficiency or execution speeds no longer is the topmost priority... These were the reasons for which C/C++ was initially created...
In today's time, human concept of time matters more and hence, syntactical less complicated languages like Java or Python are much more preferred, especially for domains like application development or data sciences...
So, is continuing with C++, an endeavour worth sticking with in the future or is it not required...
I am talking about this issue since I am in a dilemma about the use of C++ in the future...
I would be grateful if we could talk about keeping AI, Machine Learning or Algorithms Optimisation in mind... Since, these are the fields in which I am interested in...
I know that my question could have been posted in a better way.. But, considering the chaos that is present in my mind, regarding this question doesn't allow me to do so...
Any kind of suggestion or thoughts would be welcome and much appreciated...
P.S: I currently use C++ only for competitive programming or challenges...28
Hello, brilliant minds!
I am participating in a hackathon based on web development and I need to submit potential problem statements for the same. They have some predetermined domains, but I am unable to look for a suitable problem. The domains are:
2. eGovernance: Smart City
4. Social Innovation
5. Tool/Library/Extension for devs
7. Women's safety
I will have 6 hours to code. Please suggest some of your best ideas. Thanks in advance!
To every fucking site with an .io domain:
Next time, hype a cheaper TLD...100$/year is just not reasonable...9
ok, so first there were ads.
Then came adblock and the likes.
Then websites started implementing randomly generated strings.
Then came pi-hole.
Now some of the websites are using RNG + hosting ads on their domains...
(the order might not be very accurate, but you get my point)
So what now ?
I'm guessing that the next step for adblock will be to use AI to recognize these RNG strings, and then the websites will use AI to generate better strings (harder to distinguish if it is relevant content or an ad).
In other words - AI vs AI :D
what do you guys think ? :)4
I will major in AI. No, I will major in Big data, wait, I want to major in cloud too. I think I should first complete the courses I enrolled on cloud academy or the tens of courses in enrolled on Udemy on all the domains possible first! So many technologies, so many dreams!
FredBoat, largest open source discord bot.
Making all the things work + making it scale when demand kept climbing was a challenge where we had to learn simple stuff like postgres, working with 3rd party apis, generally good coding patterns and maintainable code, but also rather advanced stuff like making the garbage collector play nice, profiling memory leaks and optimizing the hot path, as well as high level topics like cutting the codebase into scalable domains and services.
Fucking Windows Servers, I just wanted to set a login timeout of a few minutes after several unsuccessful login attempts.
(Windows Active Directory for Domains and shit is installed - just an FYI (otherwise this would be slightly easier))
- Go to Group Policy Management
- Navigate to your domain in a policy tree
- Right click "default policies" and select edit in the right click dropdown.
(Why not just fucking double click and edit it them in the convenient right-side window? Because fuck you!)
- Navigate another god damn policy tree
(And it's not obvious, it's under Windows Settings... Ok that makes sense, but there are so many nests.. Fuck me)
- And only now can you edit the "Account lockout duration" field
Windows Servers are a pain.. This actually isn't completely horrible, but it gets really annoying, because literally everything here is hidden in weird places behind thousands of click navigations and in between that there's some shit sandwhich UX.1
Chrome 63 forces .dev domains to HTTPS via preloaded HSTS.
Well, FUCK YOU google. Why do you even give a shit of my local proxy.13
I got my domain from Swisscom (Switzerlands "T-Mobile") Every damn time I try to renew/adjust the domain it feels like I have to search for the fucking Higgs Boson. Searching for it on DDG only yields wrong results. Domains are hidden deep within the business part of their homepage. Their buisness site barely mentions domains, the login is somehow tied to an account you would normally use in combination with your phone number which only adds more to the confusion and the whole domain thing seems to be a shitty frontend coverup of someone elses service.5
Email was invented a gazillion years ago and it's still a shiit experience to setup on linux. Just give me ONE complete package!!
nooo i need to get postfix, dovecot, spamassassain mailscanner, antivirus, opendmarc, opendkim, dovecot-managesieve dovecot-sieve, roundcube, database, webserver and then i still have to configure everything and setup certs, spf, dnssec, dkimkeys on the domains, domains, mailboxes, deny weak certs etc.
I know the whole do one thing and do that one thing well but how about you just be a mailserver and do that ONE thing well without me needing to putting all of the puzzle pieces together myself! I don't want to waste time setting all this shit up. and don't even get me started on symantec and live.com and their blocking!14
So for a new client, they have their domain on a registrar that has the most ugliest and confusing UI ever.
So I decided to transfer the domain to somewhere better.
Guess what, it takes 5 days for them to release the domain. The site would be down and I won't be able to proceed with my work until transfer is complete.
In hopes to speed up the process, I tried to create a ticket. There is no ticket system and their only available contact email listed is email@example.com
I mailed them yesterday evening hoping for a reply.
Few hrs ago, I received a bunch of automated email on some ticket I never created.
The biggest WTF is that the To: on that email is some other customer's gmail address and I am CC'd along with a bunch of other customers gmail and hotmail addresses.
Seriously, WTF is this?! I'm glad I took the decision to move from them20
Integrating Google recaptcha into my web service. For some reason it always errors, both on a production and development environment, correct domains configured, and with he simplest setup. I'm fucking lost, documentation assumes it actually works. Similar errors on stack overflow and Google groups either got no answers or have obvious issues.
Fuck this man4
tl;dr. web hosting && a panic attack && security threat
i wasn't sure whether my brother's domain was hosted or not (because it wasnt showing a website and he didnt know any better).
so i decided to host a react-app for it on netlify and pointed the domain's nameservers towards it (a separate security threat at bottom).
all went well and now when you punch in the domain it ..all-behold.. shows a website.
NOW, i remember my brother was using the domain's email which probably means it was hosted, right?. so im panicking because im not sure whether i just deleted all his emails or not because it's 1:15 am and he's asleep.
there is a rant in there somewhere but im in too much of a shock as to how much data i might have just accidentally deleted
another tl;dr: my domain registrar let me change someone else's settings..
the reason i didnt know his domain settings is that he didnt know his password.
i had bought a couple of domains and was gonna host them on netlify. while i was doing this a bright idea hit me.. "you should finally build a website for your brother for the domain he bought 7 years ago"..
this is where the fun begins.
i sent an email to my registrar to point all nameservers of all domains to my nameservers and just to try out i included my brother's domain into it (i dont own this domain it's not registered by my email), and the next day i get an email telling me they've successfully made all changes.
Now tomorrow is monday and i'm going to their office to tell them i found a security flaw and see how long i can stall before actually telling them what it was and how their live's could've been made hell.2
I use fucking GoDaddy to manage my domains, just cause, whatever, who cares, right, it's a domain manager, they do have great support.
But everytime I login and try to find a domain, it's like 8 clicks and they try to push their website builder in your face and all kinds of shit.
Can I get a recommendation from a trusted devranter? I want to switch.
I use forge if that matters...
Why do we still speak in direct DNS?
I don't know about you, but I have observed so many DNS mishaps in my day, and also have observed that developers and non-devs consistently fail to have a succinct mental model of how to set DNS properly for a website.
There are lots of services that make setting DNS easier than ever, but I'm kind of surprised so many people still have to think directly in terms of CNAMES, APEX DOMAINS, and all the direct domain knowledge of DNS.
Can't we have a higher level abstraction that compiles to DNS with more safety guards? Sure, let me dip into DNS when I need to, but why are DNS settings tables still such a normal thing?
I write Ruby code so I don't have to write C code. I'm sure there are attempts in DNS abstraction, but the fact that I haven't come across them means they are probably still too leaky or just not mainstream.
Thoughts on the matter?4
Writing codes never been hard.
Making user stories come to life for the stakeholder has never been daunting.
Architecture however I find to be difficult. SOLID principles at a class level and project wide level I find complex. Im finding an all new love for programming in the realm of this abstract planning.
Most of the population with an average IQ and enough patience to learn some basics are able to write enough to solve rather complex issues. The evolutionary jump to simple abstractions is inevitable and the eventual understanding of frameworks is unavoidable as the problems grow more unique. For example, Ive had semi-technical managers as of recent write small web apis in node.js to help them integrate data from a headless CMS into excel. Point being, the problems that use to be trivial in our positions are becoming much less so.
The code writing aspect of development is getting easier. Frameworks are becoming more and more automated. The real world problems are also growing more complex and requiring larger solutions. The problem at hand is rarely the algorithm. Theres a package for most needs that arise.
The size of todays problems require multiple domains of logic and multiple systems to maintain. Throwing code at wall no longer scales far enough for a business to stay alive. Devs come and go, we do not enjoy growing idle as complacency means we are being left behind in such a quickly growing field. Without a sophisticated architecture in place from the class all the way up to an agnostic domain layer, a few cycles of developers will leave a codebase in shambles.
A summarized point of what im finding more and more of is that the writing of code is becoming much less a talent with a high dollar sign. The architects, the well weathered solution builders, the consultants preaching of the past and whats to come are where we will find most of our value as our solutions grow beyond rational understanding.
And what a fucking brilliant problem for us to solve in the coming of days: Mass service communication and organization. Being able to solve that problem cannot be an easy task.2
So basically people in school were playing krunker.io, and shellshock.io in class. The school took notice and decided to "futureproof" their blockage. They basically blocked all io domains, because io domains are definitely all games. So yes, that's the story of how atom.io and every other io domain is blocked at my school4
I just can't get over the fact that the .com domain I have been eyeing for is still out of my reach. This name popped to my brain after brain storming over a week when I started making sites when i was a teen.
The domain has been sitting there unused with a basic webpage containing some ugly web design from 90s era.
I have been eyeing it for over 6 years now and just found out he renewed it for yet another 3 years!
I don't want to approach him about it either, I'm not that desperate for it that I'd pay millions for it.
The wait continues...
Anyone been in a similar situation?3
What are the benefits of using www for a domain? I know it has something to do with cookies, but I can't find any useful info on the webs.8
Remembered that firefox container tabs also allow you to force domains to their own container, so now have again youtube, google and other creepers automatically in their own containered tabs :)2
For crying out loud, no, GoDaddy, you don't just shutdown expired domain without ANY warnings. No!!! Not cool!!!5
When the domain you want to buy has been taken from a domain-dealer who takes ownership of unused domains. When that dealer sells it for more than 10.000€ but also would accept ... 70€?🤔 When you see that the offer decreases automatically a couple 100€ every once in a while. Let's see how cheap it can get ...10
Need to change host for my sites, but no money for a good one. Trying to put everything in one cloud (5 USD) but... How the duck can I create a mail server with multiple domains?
A good fight with postfix, dovecot... The first account, just to the sake of make it work, is almost working (I reckon)10
Why in the fuck can't you transfer a domain name for 60 fucking days? This makes no sense. My dumbass purchased a domain from Google Domains and registered it with Google Sites. Now I just realized that Google Sites is useless as fuck. It's more useless than a plastic bag of dicks. The dust on my window seal serve more purpose on this planet than Google Sites. That's how useless Google Sites is. Now I want to switch to Square Space or host it myself but have to wait 60 fucking days.
I could just buy a new domain for 12 bucks but I had the perfect name. Fuck ICANN for their stupid idiotic pointless motherfucking policy. Fuck.1
Every time I setup a mailserver, spent lots of hours in making it secure, all mails from me are landing in spam folders. I HATE it! A pity that Google doesn't host the free G Suite with own domains anymore :(9
Did anybody buy .dev domain from Google? Their website was quite slow yesterday and somehow I managed to add my first name .dev to the cart. But in the last screen I got stuck with "Registering this domain" message. I closed tab after an hour. Today it is still under pending domains. But if I search for the availability, it says exact match is available. Should I be worried?10
I hate those fucking websites that reject Mailinator email addresses (including alternative domains).
The other day I was so pissed off that I went on Freenom.com, registered a bunch of free domain names, and pointed their MX record to mail.mailinator.com.
Now those fucking dumb websites don't block me anymore.6
I've spent so many years not coding, I could never get over the initial hump, which was definitely a mistake. Mistakes are fine, we all make them. The best thing is to learn from them. On the plus side I've learnt firewalls, Web hosting. Windows domains, Azure cloud, virtual machines etc etc, skills which are hopefully very useful for Dev to have. I look forward to joining the ranks of skilled developers. If you are interested in development but are afraid to take the leap. Just go for it, start to learn and play with it. My recommendation for anyone looking for a starting point is a Udemy course called "The Complete ASP.NET MVC 5 course". I'm not affiliated in any way or advertising it. I just think it's brilliant and you get to the fun stuff really quick. You will start with the basics of getting and setting up visual studio. Also. If anyone could recommend other very good courses they know of I would appreciate it1
I don't fucking understand why certbot never seems to renew my domains. I try everytime I get one of them anoyying emails but still fail.
Currently trying while watching the webroot and apache logs. Nothing fucking happens. Someone experience with these problems?7
I'm back from the dead to rant again. This time it's punycode.
My job has to do with processing the commoncrawl web archives, and for some reason one in 20.000.000 archived webpages crashed my program. After some debugging I found this issue that seems to be the reason my code crashes https://github.com/servo/rust-url/...
To summarize the issue: Since punycode unicode characters can be encoded into domain names. But not every character is allowed. Not only do these invalid domains get registered, I need an in-depth knowledge about unicode to understand what is wrong here.
How did we turn domain names into something so complicated?3
Why do average people insist on buying ridiculous packages from companies like GoDaddy - when they don't know a thing about hosting or domains? They may as well just break a few of my fingers before I start their project.4
You got it all wrong, it's being a dev that helped me a lot in a lot of domains: organization, logic, basic maths that I kept struggling with for years, and the love to learn new stuff everyday
I got stuck in a shitty situatuion in which i have to choose between being a front-end+mobile developper and back-end. I have to answer my company today, the problem is that i like both domains.
hey guys if any of you guys are good with legal stuff some help would be appreciated.
so there’s this brand tld, which i won’t state for privacy sake. it is, coincidentally, my last name. naturally, i thought it would be pretty cool if i could change my personal domain to <my first name>.<my last name> but after contacting them i did not get a response.
do you guys think i have any legal standing to get my domain? could anyone help?8
Note to self: Always do private domain registrations. I've been getting emails for about a week now asking i want custom development services for the domains I registered 😡2
So the De-Cix Frankfurt operater sued the german secret service (BND) for taping into the traffic.
They are apparently trying to exclude Traffic from german citizens by filtering for .de domains... Because id never browse any fucking other websites! And not every german website uses .de domains.
The Government justifies this by saying ""If the calculated reference value (Amount of data collected) is increased only strongly enough, the BND (...) can monitor 100 percent of the traffic it really wants (" full take ")."
("Wenn die rechnerische Bezugsgröße nur stark genug erhöht wird, kann der BND (...) den von ihm wirklich gewünschten Verkehr zu 100 Prozent überwachen ("Full Take").")
When will they fucking learn, that mass surveillance is a fucking bad idea?
Article (German): http://sueddeutsche.de/digital/...2
TL:DR linux newbie, looking for advice/links (skip to bottom for questions)
After i had been looking for a job for quite some time, a couple of months ago i got hired by "smaller" company doing web stuff. So far it have been a great place, good colleagues, and overall just having a great time!.
They seem to value me alot, so that's great!.
Anyway, yesterday i got called into a meeting - and got told they wanted me to start learning "Server stuff (linux)". That got me quite excited, because it always was something i wanted to learn - but never really got around to doing.
But i never touched a linux installation before, so i'm really on ground zero - but im not afraid, i'm a quick learner and quite efficient at googling :)
I figured i would ask here, since other people here always seems to be happy to help other people out.
So far i have manage to setup a server, install various stuff (php, mysql and so on) and done setup a couple of domains/subdomains on my server. Also got a vestacpinstallation working - so overall im quite happy so far.
I figured maybe somebody had some good links/advice for a linux newbie :).
* Performance/Security, will obviously be a big focus - anything i should look at? - any must look at?
* Monitoring tools, how do i monitor various websites running on my server? Here i'm thinking bandwitch, cpu/ram usage and so on pr site basis.
* Any other stuff i should be looking at?
Little about what the server will/should be running :)
* WordPress installations only (e-commerce mainly)
* PHP 7 / MySQL / phpmyadmin5
We're looking to change the domain provider we use to register new client's domains to one that has an API.
So far it looks like it'll either be namecheap or AWS's Route 53.
We're also looking for the same thing with mail inboxes.
Do you have any recommendations / experience with either of these?
I was hoping to find a solution that would provide both the domain registration and the mailboxes with no hosting and accessible via API but I've had no such luck.
(Except for maybe two, but neither looked up to date)10
This guy named Tschache,Using a variation of typosquatting, he uploaded his code to 3 popular communities of developers–PyPi, RubyGems, NPM–and gave them names of the 214 most downloaded packages on.
As a result, over the span of few months, his sketchy code was executed on more than 17,000 domains and more than 45,000 times. Interestingly, more than half the time his code ran with complete administrative rights. His script was also found to affect .mil domains of the US military.
How cool he is!?
Anyone here experienced with Route53?
I have a small issue I'm trying to think through on how to achieve with minimum effort and maintenance, essentially set once and walk away and never care about it again solution.
Basically what I have is:
and I need to get it to redirect over to
Using a 301 would be ideal but how for the life of me do I go about serving a 301 redirect over a dns entry - short answer is I can't unless I'm missing something!
Both domains are owned by the same company so no issue in hijacking a subdomain... well besides internal politics but that's just another day 😏
First thoughts include setting up a S3 bucket with hosting and forcing the dns to that and then, redirect out of the bucket... seems overkill but will work.
Hoping to find a smaller solution that I don't have to justify a S3 bucket being used for a single file - audits suck alright🤷♂️
Oh and setting up a redirect at the originating domain will take longer then it's worth to setup and get approvals for so not worth the effort internally.
Yes I will accept "fuck off @C0D4" as an answer.10
Is GoDaddy any good? I've seen that Google has opened .dev domains floodgate and I was wondering about starting my own page. Dunno which hosting service to choose and if I even should make my own website considering I'm not a Web Dev 😅19
I really, really need some help here.
We have a service provider that is utter shit. Due to their shittyness we have a server to which our customers point their domains and then we forward the request to our shitty provider. This worked well until our provider blocked our server's IP.
They can't come up with a reasonable explanation as to why it's happening, and even though they've whitelisted our IP it keeps happening. I've tried changing the server's IP, but it takes 5 minutes and we're blocked again. Probably some traffic that they deem fishy.
Does anyone have any good or bad idea on how to work around this fuckery? The server at our provider is running PHP, so I'm thinking if I can set up some sketchy tunnel or something, but even then it might be caught on a lower level.
I'm really, really grateful for any ideas or advice. Even of the shitty kind.6
Damn you OVH... You and your goddamn deals again... Now I ended up buying 2 domains for a project again. We all know I'll leave the domain in my cloudflare "keychain" without using it until it expires, because I'll find a fancier and more fun project 😅
I'm at 12 domains right now... I think I might be addicted 🤔
Btw, theres a sick deal going on over at OVH, .com is only 1,20€... Better get your project domain which you'll probably never use again now 😂4
Finnaly got my domain transfered to google domains and I can't figure out how to link my google cloud bucket hooked up so I can access the site from either lxmcf.com or www.lxmcf.com..... well fuck :-)
(In not great at this stuff btw... Obviously)2
I just wanted to transfer my domain from domain operator dns to other dns provider.
Now I lost control over my domain and it redirects to those fuckers website.
I thought fuck them, this is their last fuck up so decided to transfer domains from this piece of shit provider to any other.
It turned out you need to send request using post office or visit their office by yourself to get EEC (authinfo) code
Their office is 300km away but cause it’s fucking faster and more reliable then waiting a month for their mail with fucking numbers I will go and do it next week.
Let the fucking hell begin.
I hope those motherfuckers would food poison and shit themselves into their beds till end of their fucking life.
Fuck those fuckers.8
What's your thoughts on the newly released .app tld? Is it going to be the new .io?
It also seems like Google provides TLS certificates for free to all .app domains. I know there's let's encrypt but I still think that this is great. Google is really pushing a more "Secure" internet.
My works funny man.
Over 12 years we've built out a crazy amount of services utilizing several languages, paradigms and deployment methods.
Apparently we use to have a massive dev team or something but as of now its like barely 9 (that might include QA so like 6).
We have a deployment repo that manages the entanglement of everything on a kubernetes cluster. There you will be forced to work with python, bash scripts, ruby, some lua, and node.js. And of course alot of yaml files.
Move along to one of our many extensions or servers and you will find yourself needing to know angular 1.x, angular 9.x (right big jump), angular 7.x, Php (no frameworks), node.js (express spaghetti code, likely written when it first got hot), ruby on rails, meteor.js.
Sense theres very few of us and we're over customer engineering (fixing bugs primarily to prevent churn), that means Im crossing each of these domains and needing to understand each enough to understand a mess of code that on average 9+ developers have had their hands on.
Im exhausted. Even coming from an agency environment this is still brutal.1
I recently volunteered to be the admin of our student website. Boy was I in for a ride... I can only imagine the conversation went something like this:
IT: previous IT
P: some person
P: we need some additional sites that are unrelated to the main site, where should I put the files?
IT: just put them inside the folder that has the files of the main site, it doesn't matter.
P: we have some sub-domains that we do not use anymore, what do we do with them?
IT: just delete the files, don't bother with deleting the subdomain
P: we are having an event, what do we use to store user applications, we used google forms previously and it worked just fine.
IT: we will have the applications go to our mySQL database, but everything will be in one table so that it's more readable.
I mean I'm still a college student so there might be some deeper meaning to this, but still i can't look at this without my ocd getting the better of me.1
We have a lot of small projects with different domains that we maintain and develop. Most go into maintainence mode now and get no new features. Now our new department lead declared us the SWAT team bc there are no new good projects. This baiscally means we get pushed to other team's projects that have issues with deadlines and support there. So basically we get to projects with fire on the roof and as reward for extinguishing, we get another burning project.
Either that or in the first department meeting where our new boss introduced himself and managed to say in the same paragraph that due to corona we "shouldn't expect any salary increases bc these are hard times" and "his department has so much money and doesn't know where to spend it"
What would be the most semantic option for a domain if it's just a personal space? .com means commerce, .net means networking services, I think space means... space, the sky... and it's a bit long... .dev? .xyz?
Should I just forget about this and either go with a regular .com or something cheaper I find?10
rant && what do you think?
so one of our ISP (Orange Slovakia) had troubles with service for like two days. Their DNS servers translated domains to IPs reaaally slow or not at all. So when i saw the dns error in chrome (yes i use chrome and not quantum) I changed my dns to google dns and ignored it.
Two days later when the service was back up and running, this ISP went to the local media and made a statement "we had a DDOS attack, no user data were harmed, blabla" that was when my BS radar went bananas... so somebody DDOSd your DNS server ... for two fucking days straight... this is probably a lie or they have really noob engineers (or both).
I'm not an expert on network services or routing, or servers but, how about turning off this server, IP and setting up a backup on a different IP ? Possibly anyone here with experience how to handle DDOS? Whats the chance of this happening? i'm really curious23
That moment you setup 17 domains on sparkpost as a email delivery system
make your account secure with 2 factor authentication like a good infoSec enthusiast
Go on with your life
Having a Phone crash but nothing to worry because you made them backupz
once again go on with your happy life.
Having to setup a different bounce action on sparkpost
logging in to sparkpost to make the adjustments
opening google authenticator
realising the backup you restored was before you added the sparkpost entry
mailing sparkpost asking to deactivate 2factor authentication
Having them tell me that they have no access to Google authenticator so they can't help me and all they can do for me is delete my account if i answer their 7569357 questions that i entered a year ago ..
You have access to your database yes ? You can delete my account but you can't adjust a fcking Boolean column from true to false? #@?#&!
Why even offer a feature where you have apparently no control over. Stuff like this happens all the time and almost no one saves that fcking authenticator secret.
Make people use authenticators to keep the hackers out, forces them out instead.4
What the fuck is this trend of pricing cloud services by the minute? I mean It's fucking great and all that I buy 2 minutes with a sql db but who the fuck actually does that?
After another night working on a server I (strongly) suggest we move our shit to a cloud service. It's cool providing I promise the costs don't rape us blind folded. Seems easy enough, right? Nope it's not.
6 hours later, halfway to becoming a fucking network engineer and I'm more lost than ever.
Seriously can't the fuck AWS and google cloud show a monthly price - even an estimate for generic shit like $x for the average crappy wp blog!
If anyone has some helpful info / experience on the true cost of hosting generic web apps - the retardedly simple app I'm trying to price is:
1 php web application with 150 domains, 3gb mysql db and 30gb ssd.
I gets has 45000 sessions with 250000 page views.
Your help would be greatly appreciated. Currently I'm leaning towards deploying a clone sending 250 000 random requests and praying my $300 cloud platform credit will cover the bill.4
So, not really a rant. The opposite in fact. With all this frustration about GDPR lately, GUESS WHAT FUCKING HAPPENED?! My domains (at one registrar so far) where all made private because of the law. GOOD DAY!2
So I've been given a task to monitor a whole lot of logs of some servers (whole university ~ 10+ departments). The technologies are diverse so I'm cramming everything into elasticsearch via logstash (and filebeat), viewing it into kibana. Any recommendations for what should be the 'useful' stuff to be viewed into dashboard? I guess:
- Overall traffic wtih respect to previous days/weeks
- Most viewed domains
- Failed logins?
- Dropped connections?
- Critical-load of systems? 90%+2
Anyone here familiar with nginx site configuration?
I'm trying to set up it so that my nginx server serves a static website on my domain, redirects users attempting to access via HTTP to HTTPS and proxies a locally hosted server to a subdomain.
At the moment I'm struggling with how I can make both work as you can only bind a port once.
If you know resources that could help me setting up the domains, I'd appreciate it very much.
Thanks in advance. ;)10
Thinking about dropping Google cloud console and Google domains and just go back to namecheap, just pay the $80 a year to have them host it and not have to worry about the server's and databases personally...
Anyone else got good recommendations other than namecheap?6
Can you tell that fucken Barracuda VPN Client to only route specific domains to the connected vpn?
It makes no sense to route my whole fucken traffic through my workplace's network.
What was the name of the service for acquiring domains for free (or was it with privacy(?)) that was trendy a couple of weeks ago here?
I might be thinking of buying a domain5
Namecheap made whois protection free for everyone, probably because of GDPR, but they cannot be used on .eu domains.5
recent graduate and fresh into the market with little experience in what i've chosen as a career. got my first (tiny) paycheck for my first project.
didnt know what to do with the money so i bought 3 domains of which 2 are my name with different spellings (i am not a narcissist)8
Talking to my architect:
- hey, we have a lot of code smell and data is structured usually in a chaotic way, also its hard to understand what is going on with all these code duplications, maybe we can think about refactoring, better structure, maybe even we can extract some domains and make life less painful?
- what is domain?
Since last update (version 63) Google chrome forces all *.dev domains to use https. Guess who used a *.dev domain for his local development virtual machine and now have to switch to *.local ...
Removing the HSTS Rule from chrome seems not to be possible and surprisingly I could not use a self signed SSL certificate to make it working again.3
Looking for hosting Don’t really know who I should go through? I have used host gator and go daddy in the past and would like to try out some new hosting. What would you guy recommend? And why? Budget for the month would be around 15 usd for hosting max. I would like to host my portfolio and as many domains as possible on the hosting. Please help3
I fucking despise making whatever website that needs to send emails.
The final user won't probably receive the emails bc of spam, the customer wont like this and blame me or the company I work for, but never actually PAY for an email service to send emails.
And almost nothing works with the old-ass domains here in Italy, but people will still use those old-as-fuck emails just because they can't make a new one on gmail or outlook.1
Freenom just removed one of my domains because "it was hosting ads". When I try to re-register it, they want me to pay for it. Is this a common practice of theirs?2
Just wasted whole day with plesk webhosting :D
Decided to move to a DDOS protected hosting by OVH.com
Chose plesk web hosting
Turns out in order to park domain to plesk webhosting it's necessary to change GLUE records and nameservers to point to plesk VPS IP
My domain registrar where I have 10+ domains does not allow changing GLUE records. Only way to make it work would be to move all domains to new registrar and pay for each domain as it's a new one.
FML just wasted 16 euros on this useless plesk webhosting. Need to take regular webhosting :D3
Whoops, my head will be squashed tomorrow. Asked to put monitoring in other week by boss, sysadmin been complaining about high CPU, apparently 10 requests (different domains) to the one VM on our servers every 10 seconds is killing it. However this server is being used for MySQL and serving web requests by Apache and PHP. Then also running a few jobs like consuming queues etc.
Wtf do I do? Every time I tell him about more resources (we have decent 2 rack servers just running 20 vms and only 1 VM is for web sites) he says software should be made to work with what we have.1
QA: This email don't pass validation ( $%^&*&^%$@m.c)
Me: Yes, that's right, where is the problem ?
QA: We allow special characters in email field, so it should be valid, fix it.
Me: "Searching some info about top-level domains"
Me: Look, this is why this email is bad.
QA: So this email is valid ?
QA: Why ?
So if you need a vulgar email domain have look at cock.li it's brilliant and those domains haha
when one of your best domains were taken for a long time and you didn't considered about buying or hijacking it or even thought about what you would even do with it because its taken anyway and you are not an asshole. But then out of nowhere you get an offer to get this domain. and you start thinking... what cool project you could do with it and what it may becomes - and what if your project fails and you wasted a great domainname... but ofcurse you stuggle for too long and the old owner bought it already back again, like he just forgot to renew it and didnt even cared about it that much.
congratulations. you now cant stop thinking about this cool project and what it could may be. instead you see someone else wasting it...
as if dev life is not depressing enough. back to localhost :(
where do you guys register your domains? :) i plan to seperated mine from my hosting provider.
namecheap looks good - any pros/cons i have to consider?7
can someone explain to me why local pi-holes aren't a thing?
can't we just have an application that has a blacklist of domains that get blocked?21
Worst coding mistake was assuming that the NameCheap domain API was an update and not a replacement. I went to added a test sub domain to our company domain and it cleared out 40 unique sub domains taking down our sites and email until I could manually add them back.1
Am I a selfish asshole for not allowing my email server to be the relay whore of the internet?
I just hate postfix log files filled with messages not related to my own domain.3
#1 clean up the internet of domains, use those beautiful and fancy TLDs - blog, photography, gallery, cloud, house, gov, xxx
#2 more fanatical - clean the internet of cat / dog / [supposedly cute animal] pictures, and later - npm packages1
Any disposable e-mail address service:
"FIGHT THE SPAM"
"THANK YOU FIGHTING THE SPAM"
"YOU DID GOOD BY FIGHTING SPAM"
The users of disposable e-mail address:
*creates another spam account*
*creates another multiaccount in order to exploit a system*
Companies actually fighting spam:
Now there is even more spam to fight against. (which is not good)
About 2/3 of the accounts created daily on our website are spam accounts. We have to waste our time with this shit instead of actually improving our services. Since we do not track IP-Addresses and there are countless amounts of disposable e-mail domains AND there is still the option to create countless spam e-mail addresses within legit e-mail providers, there is no easy way of stopping this madness.
"Fight the Spam", you could start by deleting your shitty service or at least give us a list of all the domains you're using, srsly.
Everyone has project builds. Boss comes in and says we need to build 12 landing pages on 12 new domains by end of day. Repurposes PR for content, my designer, and 3 devs.
Happy goddamn Friday.1
i have a question for you. You work for an industry, a factory, in house. You have only one developer to help you.
They ask you for an app to store production and get reports. Ok
Then before a year passed, they want you to start making apps for: project managment, hr 360 evaluation, implementation of SSO without paying a third party service (like auth0 or okta)
Would you feel comfortable, even if the proper time was given, to get involved with so many different domains without anyone above you having any idea about software lifecycle and development?4
I was checking my work Inbox and the first thing that I saw was a recruiter email.
So, let's check, is this my personal email, no.
Hmmm, maybe this is a prank or a test? check email domains and everything looks legit.
It seems that recruiters want to get developer attention at all cost nowadays. :D
Any PHP developers here have experience with Multi DB tenancy app with each tenant can have their our custom domain (tenant-one.com) then it will be pointed via CNAME to my app (tenant-one.myapp.com).
I have enough details for multi DB tenancy app using sub domains but for using custom tenant domain - not so much.
What are some good detailed tutorials on how to do this via CNAME?
What tips can you share about this? Thanks! 😃2
1. Windows domains as user@domain
2. Starting tape backups at 13:37, realizing they need about 5 hours and all company servers run on ~5% speed for others
3. Repeatedly opening and closing devRant multiple times a minute realizing it has been open currently
4. accidentally executing "apt-get update && apt-get update"
5. Trying every earlier password if the current windows domain password timeouted until I come to an not yet used one.
I spent hours setting up Laravel Valet on Ubuntu (virtual hosts with a custom TLD) e.g myproject.dev
I just found out why it was not working. Because fucking Google bought 100+ domains in the .dev gTLD and added them in Google Chrome Hosts as well. Now they redirect the url automatically to HTTPS.
Any ideas on a new test development TLD?
I was thinking .fuckgoogle but that's too long7
"Ultimate beginner" guides that leave you hanging, because it isn't a beginners guide!
Trying Firebase (coming from vanilla JS) and it works fine in local enviroment. Tries it on server: nope. That environment is different, with different paths and multiple "roots" (addon domains).
Google that? Sure. Nobody has had this issue. Stackoverflow doesn't seem to know (or care).
"Ultimate beginner" guides that leave you hanging, because it isn't a beginners guide..11
Hey guys, I have almost developed the backend of an app like reddit. My question is about authentication. How should I authenticate my user. Is phone number necessary to add phone otp?Because I don't want to get any legal trouble if someone posts objectionable content on the platform. Most of the apps today need phone number, I dont know why except reducing spam accounts.
Or shall I verify email by otp. But its hard to track disposable emails. I cant go for only gmail too as its banned in china. Email domains of china are weird.
Can I get into legal trouble for objectionable content posted by any evil user?
I dont want to go for auth.13
What email service are you using for your domains? I used zoho for a while, but those assholes keep randomly locking my accounts (an email always activates those again, but fuck knows how much emails I missed during not noticing it) - thought about going with the general hype of Tutanota around here, but it seems like it doesn't really support multiple custom domain mailboxes? Also tried just now msgsafe.io - it seems fine, but the way it handles multiple domain mailboxes is just disgusting, because it just throws them all together and you have to "filter" to get mails from only one domain.26
In general why do many companies hide the price of things like renewals, upkeep, etc. Just tell me how much urgh1
For an web app suggest sub-domains instead of directory structures. Got escalations, not fired, then I quit my job.
For 2020 I want to achieve more insight of my already running collaboration service/tool for businesses by talking more to managers, chiefs and workers.
And for a better internet community a GUI for NGINX for home servers (any PC) that could interface with purchased domains to make configuration become automatic, to make self hosted web-apps/services more accessible and streamlined.
Anyone worked with WordPress + React?
I'm trying to think how I can host WP as my back-end and React as my front-end.
Currently I'm thinking of hosting them separately as two different domains as the back-end can be called as an API by the front-end.6
Ok, so I have a lot of work to finish and wanted some random people talking on youtube as background noise. When I tried to visit youtube, I accidentally misspelled it to youutbe.com and visited a site that stays empty but seems to be loading a lot of js. It is pretty intriguing. My question is, what could be the possible use case for such a site and what is the maximum harm that could be done by creating websites on misspelled domain names of frequently accessed other domains? Thoughts?4
“Epstein promotes concepts. He urges individuals—and parents especially—to abandon the desire for instant gratification and easy answers as early performance on tests isn’t an indicator of professional success. He emphasizes traits over particular skills—be curious, flexible, open-minded, adventurous, experimental, and playful. Try and fail and try again. Explore. Read outside your field. Supply your mind with lots of ideas so that you can make the connections that specialists miss, helping you thrive.
Never decide you are too old or too late to the game to try something new. “The tidy specialization narrative cannot easily fit even [the] relatively kind domains that have most successfully marketed it,” Epstein concludes. “So, about that, one sentence of advice: Don’t feel behind…research in myriad areas suggests that mental meandering and personal experimentation are sources of power, and head starts are overrated.”
What do you think is the best software for an e-mail server running on Ubuntu 16.04 (Gotta use Ubuntu for a few different reasons). Haven’t been able to find a good solution for me to use. Needs to be able to run a few different email domains, roughly 5 domains.
Hell, any suggestions on a VPS host? I’ve been thinking of OVH. (Best bang for the buck so far that I’ve found)10
A community-based project which aspires to democratize learning. The platform assists you in identifying webinars happening across the world in various domains. It makes your discovery for relevant content simpler and also assists webinar organizers.9
Do you know about any Linux tools to migrate records from existing nameserver to a new (self-hosted) nameserver? We have multiple domains and it will be pain to migrate all of them manually. Thanks!7
I need to have domainB show the contents of domainsA without redirect. Oh and its WordPress if that makes it worse.
Support just said "You gotta clone the website" but there's gotta be a better way.
It's cloud hosting from HostGator so I don't have access to virtualhosts.6
Yum -y update
CWP error 404 on all domains
1. Purpose: Being at the forefront of discovering how and helping to automate business processes in all domains and learn about "how things work"
2. Relative autonomy
3. Mastery (of languages, concepts, methods)
I need some help with parking a domain in ovh.com webhosting. It's a real pain in the ass so any input is strongly appreciated. I kinda figured out what todo already, but still need some clarification.
Normally after buying a webhosting all I would need to do is login to my domain registrar's website and in the control panel just change nameservers to webhosting nameservers and that's all. Webhosting provider would take care of the rest (subdomain creation, e-mail creation and etc.) But because OVH are assholes, they support this type of domain parking only for domains registered at OVH.
For external domains, procedure is as follows:
For the configuration to function, you will need to make the following adjustments with the current provider:
Insert a TXT record for the domain ovhcontrol.mydomain.com with the value jwyPolzgrZyIShzaQItqw
Point the A record of your domain mydomain.com to 220.127.116.11
Point the A record of your domain www.mydomain.com to 18.104.22.168
So basically I had to login to registrars cPanel and first of all I had to park my domain back to my registrar (I had to switch to default nameservers which are provided by domain registrar)
Only then I got advanced access to dns zone in order to add the required records above.
When I open my domain registrars dns zone cpanel this is what I see:
So basically, as I understand, I just need to add these required records like this?
Am I correct?
So basically my OVH webhosting doesn't deal with dns zone at all, I will have to use my own registrar for adding subdomains?
What about e-mail addresses? OVH doesnt allow me to create emailboxes for "externally" parked domain addresses. Will I have to search for some e-mail provider, and add some additional records?
Any input/help would be appreciated.1
Just a thought, would you pay a monthly fee to manage your domains? I've been using DNSimple for about 2 years now, hands down, one of the best I've used but just recently they started charging 5 USD per month for the basic plan :/1
Need some help,
I am setting up postfix and I need it to accept all emails, from any domain (without a domain list), and forward it to a local address on the machine (It pipes into PHP, toscript@).
I have a catch-all working where it is forwarding the emails to the toscript@ mailbox dispite of the to address. But if I send an email to it that is not in the domain list it gets rejected as it's not in the domain list, Is their a known way to force Postfix to accept all domain emails without having a list of the domains in the server.
I have searched but no luck of a working solution, I have looked at the following with no working solution
Server Fault: 133190
Server Fault: 422468
Server Fault: 179419
Server Fault: 105641
Server Fault: 161321
Server Fault: 318426
Server Fault: 514643
Server Fault: 410053
Stack Overflow: 4772229
Super User: 353488
Looking at the docs I do not see anything for it but making it an open relay but I can't figure what settings to update to make it the open relay to capture all of the mail.
I know I am missing something but I can't figure out what it is!
I'd like to use Postfix as it seems very stable and it's not a hack job as some of the projects that I have seen. It also can communicate with all of the proper channels for SMTP and the Protocol as well as some very easy configs.2
Todays website fail, looks like someone is using a NFS mount for the site:
"Deprecated: Non-static method PageLinesTemplate::current_admin_post_type() should not be called statically, assuming $this from incompatible context in /nfs/c03/h03/mnt/166492/domains/makerspace.com/html/wp-content/themes/pagelines/admin/class.options.metapanel.php on line 30"
Shit thoughts and self conflicts.
The typical middle class scenario : grab whatever opportunity that comes and delay decision making for anything that's not immediately affecting you , as long as you can. Anyone relate with me one this?
My last 7 months have been gone a little less stressful just because i was able to score an offer letter from India's biggest service based MNC. Yeah sure, the salary they would have given would be less than $400 per month , but working in a company employing 400k employees and later reaching to heights there would be so awesome
They did publically said they would be rolling out joining letters for their fresh recruits later in the year, they won't be backing out on the lives of 40k people. And they didn't they are really rolling out those letters and i got one.
But i hat to stay jobless for 6months because of this. Why couldn't they generate employment much earlier when our families were going out of business?
At that time i had to go work in different domains to get some cash inflow.
Now , as i read their email, which gives a date of around 10 days... I am again torn at the thoughts that i had 4 months ago .. should i be joining this big ass firm where people claim to have entered and stayed their entire lives, rising and gaining more authority? The pesudo government like job,where work is less but pressure of work is a lot
Or should i keep doing my job in this startup, where i am working in the domain that i love, getting the cash that satisfies me and have a relaxed environment where everyone is willing to help ? Startups feel like the way to go, but those big firms are so lustrous while these small teams feel like they are gonna kick my ass out the moment they are at loss
I guess i would not be leaving my startup job for those big company dreams. Someday i hope to reach into a company that's doing something good at a scale , no matter their own size . But doing something i like is also equally important , I don't wanna be putting data into excel sheet when i could make helpful software , just because the former has a job security
Damn... Job life is risky1
Did any of you have found a viable and reliable email hoster for custom domains that doesn't force you to transfer your domain(just setup the DNS records properly)?
And that can make programmatically possible write emails?13
MRW I deploy to production server and forget to add a server domain in "OAuth redirect domains" in Firebase.
Before that I was debugging for 6 hours without success.1
Someone posted a link to a 30-day-security-challenge here on devRant some time ago and I just thought well, why not try to migrate away from the big companies - I've been using OneDrive as my only cloudstorage since the time when it was called SkyDrive and I've been hosting my Emails at outlook (via Live Custom Domains, a service that does not even exist anymore) for about 8 years now. Since I've always been lazy and since exchange activesync is a great feature if you have multiple calendars and want to sync them and your contacts to several devices I never tried to switch but now I am half done with migrating my data to my own nextcloud installation and my emails to my own mail server - since I don't want to loose the exchange functionality I am also setting up Z-Push and oh boy, this thing is bitching around but my webmail is already nicely integrated into nextcloud, IMAP / SMTP is up, configured and secured (still have to mess around with spamassassin as this email adress is floating around the web for about 10 years now). The only things to do is to get Z-Push work with STARTTLS and the card/caldav backend running and then the basic setup should be done.
I am just wondering if someone could hand me over a guide on how to sign / encrypt emails (GPG?)
What do you guys use for email providers these days?
I'm talking more for custom domains, not sending/receiving5