My last internship (it was awesome). A programmer developed a vacation/free day request application for internal use.
Asked if I could test it for security.
The dev working on it thought that was a very good idea as he wasn't much into security and explained how the authentication process worked.
I immediately noticed a flaw just from his explanation. He said it was secure anyways (with an explanation but his way of thinking was wrong in this case). Asked if I was allowed to show him. He said he was intrigued by this so gave me a yes right away.

For the record, user levels were normal user, general admin and super admin (he was the only super admin).

Wrote a quick thingy server side (one of my own servers/domains) for testing purposes.

Then I started.

Went from normal user to super admin (his account) through a combination of XSS and Session Hijacking within 15 seconds.

Explained him where he went wrong and he wrote a patch under my guidance 😃.

That felt so fucking awesome.

Started talking about Pi-Hole (still trying to install this fucker by the way) today with a collegue.

He had it installed and showed me around a little.

CW: Alright give me an example then I'll show you wildcard blocking.
Me: google.com 😅
CW: *enters and saves it. then tries to load anything related to google.com*

*no google.com domains load, all give a blocked error*

Me: Works great!
CW: Yup.
...
...
...
...
Me: Uhm so you aren't like surprised that I went with google.com as example and that I'd genuinely would block it?!
CW: No, why would I be?
Me: Well, most people consider me paranoid/crazy the second they find out I don't want to use google/google's services.
CW: well that's fucking retarded. why would anyone redicule you for not using something you don't want to use. You'll have your reasons.
Me: So if I'd say i do it for privacy reasons, you wouldn't find that redicilous?
CW: No, why would I? Not using google (and for that matter facebook etc) for privacy reasons is very logical really.

FUCKING. THANK. YOU.

2010: PHP, CSS, Vanilla JS, and a LAMP Server.

Ah, the simple life.

2016: Node.js, React, Vue, Angular, AngularJS, Polymer, Sass, Less, Gulp, Bower, Grunt.

I can't handle this, I'm shifting domains to Machine Learning.

2017: Numpy, Scipy, TensorFlow, Theano, Keras, Torch, CNNs, RNNs, GANs and LOTS AND LOTS OF MATH!

Okay, okay. Calm down there fella.
JavaScript doesn't seem that complicated now, does it? 🙈

Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜

Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.

First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.

Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.

Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.

Dealing with attacks and getting hacked.

Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.

linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)

How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!

One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)

Dealing with different kinds of attacks:

Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.

So yah, hereby :P

Who am I to refuse such a flattering offer?

Front-end dev: email domains other than Gmail and Hotmail exist?!1! 😱 And email regex, what the hell is that? 😵

First rant from a phone without Google services.

Put shitloads of Google/fb etc domains in the hosts file so my phone cant reach those either.

Root firewall blocks everything except for devrant, a download manager, fdroid and firefox focus.

As for my phone, I'm Google free!

Thanks for @PonySlaystation for coming up with this idea!

Wrote my first ever Firefox extension. It loads a json list from a server containing domains which, according to the snowden leaks of 2013, are integrated within a US powered mass surveillance network.

If it finds any urls on the page being loaded, it puts a fullscreen red background with a warning text and the links which match the surveillance criteria.

There's no way to continue to the web page yet, will try to add that later on.

I don't use Google/Facebook for privacy reasons (and their sub-services etc). Haven't used them for ages but noticed that google still loads a lot of domains like analytics etc. This goes for facebook as well.

I now blocked a lot of google/facebook domains through my hosts file.

It's funny to see the amount of DNS requests to those fb/google connected domains nearly go to zero and also the fact that I literally can't load google/facebook anymore!

Just registered two new domains. Will be writing two new services tonight 😃

I'm happy yay 😊

Another great thing is pihole.

Blocking more than 2 million domains like an afternoon breeze

Stop buying domains that you don't use you fucking idiots. Can't find any domain for my new project. But none of them are being used. Fucking retards.

Last september:
I get an email from a customer who want to end the contract. I inform him that the contract runs to the end of March and it will be terminated the last of march.

Customer agrees and I do not hear a word from him. Until now when I closed down all his services.

Angry email:
Why did you close the server and email? are you **** stupid!?

I reply:
21/9 2016, you wanted to terminate all services you had with us. That means that your domains, DNS-services, VPS, email and Office 365 was going to be closed today.

Why is this not uncommon?!

Just opened localhost8000 and this is what I get

Holy fuck, this is starting to work!

Problem: I am highly anti google/facebook/few others and I'd rather null route those DNS requests.
The problem is that the pihole only can blacklist domains or wildcard domains but not words. So if Google would come up with a new name for some of their domains, I'd be fucked because I can't filter out the word Google through the pihole.

Today I fucking found the solution (still a work in progress but a PoC is nearly working):
Compiled a program which can monitor DNS queries/requests and logs them to a file.
Have a php (yes I write most of my cli tools in php) script tailing the log file and gathering the requested domains from it.
Then I can see if the domain contains the substring which I don't like (google as word for example) and echo it to the end of my hosts file with 0.0.0.0 in front of it if that's the case.

Holy fuck this seems to be working! 😍

Wierd Domains Game

Like: pornhub + StackOverflow
PornOverflow.Com

Add your entry in comment.

Winner will be get 1 domain + 1 year hosting

Have been working on a frontend with actual stats for the DNS server I'm building. This is the result so far (real stats, red blocked domains are marked by me (in redis) as surveillance domains), thoughts?menu

Was thinking of a name for my currently biggest project and thought of a funny one, took the first letter of each word and started to use that to refer to the project, was thinking about domain names and such already etc.

Just wrote it down and I suddenly noticed:

ONE OF THE LETTERS IN THE SHORTCUT ISN'T CORRECT.

How the fuck did I miss that for fucking weeks?! It's not like it's a difficult sentence/set of words or anything.

I'm so fucking glad I didn't register domains or shit yet.

How. In. The. Living. Hell.

I was offered to work for a startup in August last year. It required building an online platform with video calling capabilities.
I told them it would be on learn and implement basis as I didn't know a lot of the web tech. Learnt all of it and kept implementing side by side.
I was promised a share in the company at formation, but wasn't given the same at the time of formation because of some issues in documents.
Yes, I did delay at times on the delivery date of features on the product. It was my first web app, with no prior experience. I did the entire stack myself from handling servers, domains to the entire front end. All of it was done alone by me.
Later, I also did install a proxy server to expand the platform to a forum on a new server.
And yesterday after a month of no communication from their side, I was told they are scraping the old site for a new one. As I had all the credentials of the servers except the domain registration control, they transferred the domain to a new registrar and pointed it to a new server. I have a last meeting with them. I have decided to never work with them and I know they aren't going to provide me my share as promised.
I'm still in the 3rd year of my college here in India. I flunked two subjects last semester, for the first time in my life. And for 8 months of work, this is the end result of it by being scammed. I love fitness, but my love for this is more and so I did leave all fitness activities for the time. All that work day and night got me nothing of what I expected.
Though, they don't have any of my code or credentials to the server or their user base, they got the new website up very fast.
I had no contract with them. Just did work on the basis of trust. A lesson learnt for sure.
Although, I did learn to create websites completely all alone and I can do that for anyone. I'm happy that I have those skills now.
Since, they are still in the start up phase and they don't have a lot of clients, I'm planning to partner with a trusted person and release my code with a different design and branding. The same idea basically. How does that sound to you guys?

I learned that:
. No matter what happens, never ignore your health for anybody or any reason.
. Never trust in business without a solid security.
. Web is fun.
. Self-learning is the best form of learning.
. Take business as business, don't let anyone cheat you.

How people see me:

Father: computer nerd (he's a coder too)
Mother: website maker and computer nerd
Brother#1: some computer wizard
Brother#2: noob web coder (he codes as well, but systems programming) - thanks bro!
Colleagues: The ALIEN™
Girlfriend: 404 not found
Friends: The NERD™
Dog: some hooman spending lots of time behind those lighty rectangles

Fyi, I am passionate about computers in all domains and always helped debugging people

My solution to not being overwhelmed with futile demands? Talking to them in complicated words, so they will only ask questions about true problems and not garbage :D

Started working on a pihole alternative a while ago.

I like pihole a lot but one of the features I am missing is to be able to define a list of mass surveillance related domains (Snowden leaks; PRISM program and such) and show statistics based on dns queries containing blacklisted domains, prases/words and surveillance-related domains/words (google/facebook/microsoft/apple etc).

Started working on one based on an existing (php based) dns server which is open source and slowly but surely developed something which worked.
Then, I found out that the php resolving function (dns resolving) uses the system default, which can, of course, be google's dns as well. Changing this would be ideal but while the documentation suggested that it could be done some way, it didn't work for me so I chose a library which can do it with specific dns servers (to use as external dns servers).
This library used a different way of showing the retrieved dns query results and really wasn't in for converting everything by hand so i kinda quit the project a while ago.

A few days ago I thought fuck it and started again.
Now have a working version based on the new dns resolving library and made some other good improvements.

For those who are wondering why I chose PHP for this: why the fuck not?

Happy happy happy.

Namecheap: *cricket noises for over a year*
Today: "hEy ThErE cOnDoR, yOuR dOmAiN WiL eXPirE iN 24 hOuRs!1! rEnEw NoW, yOU rEadY?"
Me: "No you motherfucking bastards, a bank transfer takes 3 days at least. Oh wait you don't even accept bank transfer, how convenient!"

And what if I didn't see that email right after your fucking craptacular automated notification system sent it to me, hmm? Don't you Namecheap of all companies know how fucking *vile* domain squatting on the .com is?!!

MOTHERFUCKING CUNTS!!! Jeopardize my domains like that *one more fucking time*, and guess who will be taking his assets to the sexist bastards that I tried avoiding for so long, GoDaddy! FUCKERS!!!

A few weeks ago a client called me. His application contains a lot of data, including email addresses (local part and domain stored separately in SQL database). The application can filter data based on the domain part of the addresses. He ask me why sub.example.com is not included when he asked the application for example.com. I said: No problem, I can add this feature to the application, but the process will take a longer.

Client: No problem, please add this ASAP.

So, the next day I changed some of the SQL queries to lookup using the LIKE operator.

After a week the client called again: The process is really slow, how can this be?

Me: Well, you asked me to filter the subdomains as well. Before, the application could easily find all the domains (SQL index), but now it has to compare all the domains to check if it ends with the domain you are looking for.

Client: Okay, but why is it a lot slower than before?

Me: Do you have a dictionary in your office?

<Client search for a dictionary, came back with one>

Me: give me the definition of the word "time"

<Client gives definition of time>

Me: Give me the definition of all words ending with "time"

Client: But, ...

Never heard from him again on this issues :-P

Since GoDaddy was calling me frequently to buy domains I've added to my cart, I added another domain
'dontcontactmetobuythisdomain.com'

Me: Gets idea, buys a domain name
Me after 2 months: Looks at expenses, questions impromptu spending habits on domains

DigitalOcean

My god, it's so easy and simple to spin up a server for a few minutes without being stuck with a contract of a year. Also, being able to manage all my domains there is a blessing :D

So I used to do some freelancing in web development last year, nothing too fancy just some simple PHP websites. Comes the worst meeting in my life. So I am from India and we have a lot of long lasting business here being passed on over generations. TL;DR the guy was the owner of a very old business which was actually very huge and the guy was educated too, so I assumed that he'll be sensible as compared to other people.

The meeting was in an expensive cafe and he paid for it, he even told me upfront that meeting is on him. Great, right? So we sit down, order some coffee and then start discussing what he needed.
The guy needed an ecommerce website built with backend and logistics system integrated. We discussed possible designs for the website and stuff too and so far the deal looked promising to both of us.
I explained him the cost estimate and told him that I would email him the final quote from myself once we discussed server cost and shit.
So now comes the bargaining part where he asked me to give him server and domain for free.
At this point, I suspected that he didn't know that servers and domains are not something that you make. You have to purchase and renew them periodically.
So I told that guy that he didn't understand the cost estimation and explained to him that X is the cost of making this fucking thing and Y is its monthly maintenance cost, if he wanted annually could be done too. And this Y did not include server and domain costing.
Now came the fucking tide, the guy straight up turned to his shit and told me I am lying and trying to con him. So I gently asked him if he had ever gotten any website made. To which, he said No, but he knows how the costing works.
I was like "Bitch?". So I calmly tried to explain that that's not how websites are done, delivered and maintained.
He didn't seemed to be understanding and kept on fucking repeating that he knows his shit and blah blah.
At this point, I was like "Okay. Fuck this dude then. I can find another project. " and then I told him that he'll need to find someone according to his needs.
Interestingly enough, the guy called someone and then walked out of the cafe while talking on phone. I waited for 5 minutes and he didn't come back so I decided I would pay for my coffee and leave. Turns out the guy had paid his bill before my arrival and ditched me with the excuse of the call.

But oh well, I think working with such an idiot would have been much worse than paying for that coffee.

Needed a list with all domains I run on a server but I don't always give nginx config files the names of their website so I was about to start going through them by hand..... waaait, let's try to automate this with a bash script...

Five minutes later I've got a working bash script which gets all domains from all config files.

Oh, the joys of terminal/bash stuff!

> I noticed you have domains that are not used anywhere, do we need to move them? e.g. domain X?
>> no, they aren't used
*migrate servers and working domains*
>> why did domain X stop working?
> que?

Heres a smartass domain name if anybody is looking for one :^)

I just set up pihole again.

So many things being blocked. Byebye Facebook!

Everything is so fast. I love it.

1.3M domains blocked 😍

We have 1 guy managing everything. He develop our CMS, customers email client, manage our network, servers, domains (our own domain servers), billing system, SSL certificates... In short: everything (as well as bugs). The entire company relies on 1 guy, pretty much.
Brings the phrase "all for one, and one for all" to a whole new meaning.

I hate asking questions but I need to right now.

Any suggestions for an easy installable email server like mailinabox? Multiple domains is a requirement :)

I eat food. And I cook food. Believe it or not, cooking is very similar to coding. Things you do at the very beginning haunt you till the very end. Also, premature optimization is the root of all evil (in both domains).

Motherfucking website style JavaScript rant ahead.

Just tried to register some travel tickets, at FlixBus. Of course alternatively I could go for a train but those would be more expensive. So yeah.

Turns out that the website loads JavaScript from 20 domains including 3 required CloudFront ones (those are the most annoying because it's not possible to tell by the domain what it would be doing). But alright, I'll take it. Web 3.0 amirite?

So I go and find myself a nice bus, add it to my cart.. oh shit it's the wrong one. Change some parameters, hit return.. well guess what. Turns out that in all their JavaScript glory they couldn't implement that much. Awesome!

Go to another site to get another ticket for my travel back, only to find out that while they couldn't implement return, their webdevs are apparently skilled enough to get a giant boner on blinking "(1) Almost ready!" in the site's title, when changing to another tab and there happens to be stuff in the cart. Do you really think I care about that shit! Don't distract me and let me get my shit done!!!

So, to all you webdevs who would pull something like this and wank on it too. Guess what motherfucker. That purchase got cancelled through the power of JavaScript wank, because there's no way I'm supporting that dystopian junk. Guess what, when people shell out money at your shitty online shop, they may want a quarter-ass decent UX too. And no notifications or any of that wank, you hear me?

But yeah fucking Web 3.0!!! Give me a fucking break.

My first job was actually nontechnical - I was 18 years old and sold premium office furniture for a small store in Munich.
I did code in my free time though (PHP/JS mostly, had a litte browsergame back then - those were the days), so when my boss approached me and asked me whether I liked to take over a coding project, I agreed to the idea.

Little did I know at the time: I was supposed to work with a web agency the boss had contracted to build their online shop. Only that he had no plan or anything, he basically told them "build me an online shop like abc(a major competitor of ours at the time)"

He employed another sales lady who was supposed to manage the shop (that didn't exist yet). In the end, I think 80% of her job was to keep me from killing my boss.

As you can imagine, with this huuuuge amout of planning and these exact visions of what was supposed to be, things went south fast and far. So far that I could visit my fellow flightless birds down in the Penguin's republic of Antarctica and still need to go further.

Well... When my boss started suing the web agency, I was... ahem, asked to take over. Dumb as I was, I did - I was a PHP kid and thought that Magento, being written in PHP, would be easy to master. If you know Magento, you know that was maybe the wrongest thing I ever said.

Fast forward 3 very exhausting months, the thing was online. Not all of it worked yet, but it was online and fairly secure.

I did next to everything myself, administrating the CentOS box the shop was running on, its (own) e-mail server, the web server, all the coding required for the shop (can you spell 12 hour day for 8 hour pay?)

3 further months later, my life basically was a wreck, I dragged myself to work, the only thing I looked forward being the motorcycle ride home. The system worked though.

Mind you, I was still, at the time, working with three major customers, doing deskside support and some admin (Win Server 2008R2 at the time) - because, to quote my boss, "We could not afford a full time developer and we don't need one".

I think i stopped coding in my free time, the one hobby I used to love more than anything on the world, somewhere Decemerish 2012. I dropped out of the open source projects I was in, quit working on my browser game and let everything slide.

I didn't even care to renew the domains and servers for it, I just let it die without notice.

The little free time I had, I spent playing video games and getting drunk/high.

December 2013, 1.5 years on the job, I reached my breaking point and just left, called in sick at least a week per month because I just could not see this fucking place anymore.

I looked for another job outside of ALL of what I did before. No more Magento, no more sales, no more PHP. I didn't have to look for long, despite what I thought of my skills.

In February 2014, I told my boss that I quit. It was still seven months until my new job started, but I wanted him to know early so we could migrate and find a replacement.

The search for said replacement started in June 2014. I had considerably less work in the months before, looks like he got the hint.

In August 2014, my replacement arrived and I got him started.

I found a job, which I am still in, and still happy about after almost half a decade, at a local, medium sized ISP as a software dev and IT security guy. Got a proper training with a certificate and everything now.

My replacement lasted two months, he was external and never really did his job - the site, which until I had quit, had a total of 3 days downtime for 3 YEARS (they were the hoster's fault, not mine), was down for an entire month and he could not even tell why.

HIS followup was kicked after taking two weeks to familiarize himself with the project. Well, I think that two weeks is not even barely enough to familiarize yourself with nearly three years of work, but my boss gave him two days.

In 2016, the shop was replaced with another one. Different shop system, different OS, different CI. I don't know why and I can't say I give a damn.

Almost all the people that worked at the company back with me have left for greener pastures, taking their customers (and revenue) with them.

As for my boss' comments, instructions and lines: THAT might not be safe for work. Or kids. Or humans in general. And there wouldn't be much left if you put it through a language filter...

Moral of the story: No, it's not a bad thing to leave a place if you're mistreated there. Don't mistake loyalty with stupidity!

And, to quote one of my favourite Bands: "Nothing matters when the pain is all but gone" (Tragedy + Time by Rise Against).

My biggest insecurity?

That I'm fascinated by a lot of domains and rather than mastering one I'm just intermediate in all of them, making me a jack of all trades but a master of none.

Trying to learn some golang after a break.

Made http / https transparent proxy for personal project.

Mind: You need to add configuration file with domains you allow traffic and block everything else using list of regex.

Me: Ok I can do it, 4 hours later ok done

Mind: Why not make it differently by making list of url you can block and test this shit on fucking ads and stop using adblock that downloads content.

Me: ok that will be handy I can watch websites faster and drop traffic I don’t want to.

Funny fact, it works I broke analytics, logging, quantum shit fucks and even youtube plays ok.

Go is awesome for networking stuff lol.

So according to google domains I just put in a transfer request 5 days in the future... Fuck me I need to learn to contain these powers...

It came to me, a brilliant idea, a simple solution to an everyday problem and easy route to market. Great, starts looking for domains and writes down idea in full in case i forget. Later that day, picks up 12 year old son from school, tells him my great idea. He told me how shit it was and why straight away.

I had forgotten why I hated GoDaddy so much.. until today. It all came back to me.

I have been a GoDaddy customer for over 5 years now. Last year I tried out Namecheap for the first time because someone who was sending me a domain asked me to create an account on NC.

A couple of days on NC and I fell in love with the support and pricing. I started transferring all my domains to NC over the year. (30+)

Now I was left with 3 domains, 1 of them was to expire 4 days ago. but 5 days ago, GoDaddy switched it to pending mode, barring me from transferring to domain or changing any details.

today I called GoDaddy and after a loooong chat, they fucking forced me to renew my domain!! Saying that I need to renew the domain before I attempt to make any more changes!!!

FUCK YOU GODADDY! THIS IS WHY I NEVER SEND CLIENTS YOUR WAY!!!

So it's Saturday.

We're doing a data centre move today. Everything was hosted in a data centre in Derby and we're shutting that all off and migrating everything to new domains in AWS. Every site, every app, everything.

We've tested this week and only this last week. It raised issues every time and nobody feels particularly confident about the move.

If things fuck up badly enough, were in a lot of trouble. Everything is business critical and we only have until Sunday evening to fix it.

What could possibly go wrong?

Installed Cookie Clicker yesterday. This app literally bombs my PiHole with ad- and tracker domains.
This is pretty bad...

PSA to /[devs who things it's a good idea|management who thinks it's a good idea to force your devs]+/g:

There currently exists 1543 (and counting) top level domains. My email addresses follow the pattern: /^[a-z]+@panduro\.guru$/ and I die a little inside whenever I get told my email addresses aren't valid because you thought it was a good idea (to force your devs) to hardcode "valid" top level domains. There is a reason why the filter for input type email does not include top level domains.

And you can't even begin to comprehend how mildly annoyed I get when I message their support and tell them what the problem is (because I'm nice enough to do that) they instead of telling me "thanks for informing us we'll look into it" they tell me "well just get a gmail or something". I should not have to order social status reducing items with my school mail (especially not since I'll loose that email ¾ pairs of years)

Just spent 2$ on mydev.life
(Bought the domain for no damn reason)

I have this side project that I’ve been working on for the past 6 years part time but over the past 2 years just as a sysadmin to keep it running, it’s unpaid work but whatever, dropping in once a month or so doesn’t worry me.

Well the owner of the domain hasn’t been reachable for nearly 9 months and the domain expired a while back, not much I can do about that, so I pushed everything over to work at the IP level while I reach out and wait - that was 2 months ago while I waited for the owner to renew it or for the domain to fall.

Today the domain fell, so I jumped on to buy it back up only to find its already purchased... 😦

so I find the owner, it’s fucking parked on a shitty “buy me” page with a price tag of $4500 USD. Fuck these slimy hoarding domain parking bastards.

I know the site was on its last legs, low membership and traffic but I’ll be fucked if I’m paying that much to reacquire it.

Unicode domains is the shittiest feature introduced in web recently.

People who came up with this idea must be fucking dumb or have ties with internet scammers.

My boss says to me this morning.

Boss: Can you add these links as a redirect 301 to this link.

Me: Ok, I'm not the developer for that domain but I guess I can do it. Let's try to update apache htaccess for that domain through my account.

(After a swift ssh connection to the server to check out that domain.)

Me: Er...boss, we don't own that domain. We cannot redirect it's links to our other domains.

Boss: Why? What do you mean?!

Me: well if we don't own that domain, than it is not on our server and we cannot update it's server config files. So we cannot redirect that domain to our other domains.

Boss: Are you sure?

It went on like this for a while. I had a laugh break after.

Fuck GoDaddy man... Paid extra for the privacy feature thinking I wouldn't get harassed by phone. Think again! Got tons of calls from India in two days. What a rip off...

I guess they're selling our info or something...

What service do you guys use? I want to move my domains, any recommendation?

Client asks to point their domain to a new 'squarespace' they just got, then call you bc they cannot access the admin console to their old site and 'it's so weird that all the requests are now going to squarespace !!'

IF YOU UPDATE AN ADM PLATTFORM FOR FUCKS SAKE DON'T DO THE FOLLOWING THINGS:

1. ONLY DOCUMENTATE IT IN A POWERPOINT

2. WRITE DOWN IPs AND PORTS ONLY ON A WHITE-BORD

3. MOVE TOOLS TO OTHER SUBNETS OR DOMAINS WITHOUT PROPERLY KNOWING THE WAYS OF COMMUNICATION BETWEEN THEM

4. USE YOUR PERSONAL EMAIL ADDRESS AS RESET OPTION FOR LICENCE-MANAGEMENT ACCESS IF NO ONE KNOWS THE PW

5. LEAVE THE COMPANY THE DAY AFTER THE UPGRADE IS DONE

Because the guy who has to take care of the upcoming problems is not going to like you!

BUT having to deal with all of this at once would not be a problem if your, so called team (30 People who work with those applications e.g. as test-engineers) would actually work together instead of having that "not my daily business, I am going to drink coffee" attitude.

Apparently I am the only one who has enough balls to see, admit, and report a problem to our leadership.
This always leads to Me fixing the issue...
....that's alright I am learning a lot...
...BUT IF A TEAM-MATE, WHO HAS THE SAME DEGREE AS I AM GOING TO GET, LEAVES EARY BECAUSE: "HE DOES NOT KNOW WHATS WRONG", IT TRIGGERS ME!!!

- The apprenticeship guy

PS Needless to say hundreds of clients have access to those systems and I worked through a shittload of official tool docs just to get to know the tools first...

So much truth

Holy fcuk! Can anyone here help me understand how this domain is possible?

WARNING: obviously its a spam site. Take necessary security precautions if you are going to visit.

the following domain opens a cluster fuck domain name! >> secret.ɢoogle.com

That ɢ is not what it looks like. How is such domains possible to exist? Even more surprising, how is this sub domain -ception possible?

Why do _devs_ still use shared hosting (and then bitch about it)?

"This thing won't let me use external SMTP" - "I can't use more than 2 domains for my site" - "I can't change X in PHP config" ...

You're a dev, VPS prices are pretty much on the same level as shared hosting, and setting those things up isn't exactly rocket science either.

Oh boy, this is gonna be good:

TL;DR: Digital bailiffs are vulnerable as fuck

So, apparently some debt has come back haunting me, it's a somewhat hefty clai and for the average employee this means a lot, it means a lot to me as well but currently things are looking better so i can pay it jsut like that. However, and this is where it's gonna get good:

The Bailiff sent their first contact by mail, on my company address instead of my personal one (its's important since the debt is on a personal record, not company's) but okay, whatever. So they send me a copy of their court appeal, claiming that "according to our data, you are debtor of this debt". with a URL to their portal with a USERNAME and a PASSWORD in cleartext to the message.
Okay, i thought we were passed sending creds in plaintext to people and use tokenized URL's for initiating a login (siilar to email verification links) but okay! Let's pretend we're a dumbfuck average joe sweating already from the bailiff claims and sweating already by attempting to use the computer for something useful instead of just social media junk, vidya and porn.

So i click on the link (of course with noscript and network graph enabled and general security precautions) and UHOH, already a first red flag: The link redirects to a plain http site with NOT username and password: But other fields called OGM and dossiernumer AND it requires you to fill in your age???
Filling in the received username and password obviously does not work and when inspecting the page... oh boy!

This is a clusterfuck of javascript files that do horrible things, i'm no expert in frontend but nothing from the homebrewn stuff i inspect seems to be proper coding... Okay... Anyways, we keep pretending we're dumbasses and let's move on.

I ask for the seemingly "new" credentials and i receive new credentials again, no tokenized URL. okay.

Now Once i log in i get a horrible looking screen still made in the 90's or early 2000's which just contains: the claimaint, a pie chart in big red for amount unpaid, a box which allows you to write an - i suspect unsanitized - text block input field and... NO DATA! The bailiff STILL cannot show what the documents are as evidence for the claim!

Now we stop being the pretending dumbassery and inspect what's going on: A 'customer portal' that does not redirect to a secure webpage, credentials in plaintext and not even working, and the portal seems to have various calls to various domains i hardly seem to think they can be associated with bailiff operations, but more marketing and such... The portal does not show any of the - required by law - data supporting the claim, and it contains nothing in the user interface showing as such.
The portal is being developed by some company claiming to be "specialized in bailiff software" and oh boy oh boy..they're fucked because...

The GDPR requirements.. .they comply to none of them. And there is no way to request support nor to file a complaint nor to request access to the actual data. No DPO, no dedicated email addresses, nothing.

But this is really the ham: The amount on their portal as claimed debt is completely different from the one they came for today, for the sae benefactor! In Belgium, this is considered illegal and is reason enough to completely make the claim void. the siple reason is that it's unjust for the debtor to assess which amount he has to pay, and obviously bailiffs want to make the people pay the highest amount.

So, i sent the bailiff a business proposal to hire me as an expert to tackle these issues and even sent him a commercial bonus of a reduction of my consultancy fees with the amount of the bailiff claim! Not being sneery or angry, but a polite constructive proposal (which will be entirely to my benefit)

So, basically what i want to say is, when life gives you lemons, use your brain and start making lemonade, and with the rest create fertilizer and whatnot and sent it to the lemonthrower, and make him drink it and tell to you it was "yummy yummy i got my own lemons in my tummy"

So, instead of ranting and being angry and such... i simply sent an email to the bailiff, pointing out various issues (the ones

#include <rant>
Using angry standard;

Int main()
{
cout << "So my mom recently started "exploring the web". I'm sure you already know where this is going; she ended up signing up for a free trail of some diet pills with her credit card on some sketchy website. The website never sent any product but attempted to charge her card over $300 multiple times. My mom's bank noticed and froze the account. She has now opened an investigation with the banks fraud department and is awaiting response. I took the liberty of running a whois look up and found the companies website is held by GoDaddy and is hiding behind Domains by Proxy (GoDaddy's sysadmin hider). I'm angry that she's in this situation but I have no idea of how to uncover the real company behind the diet pills site." << endl;

Return 0;
}

A week ago, the team that hired me asked me to fix the s**t they made when they hosted around 30 WordPress sites in a single Bluehost shared server. Several of those were multisite installations. The server eventually gone down because of the load. And the most disturbing part was they were taking money from some of their clients to host the sites, in stead of not having a reseller licence. The server was going down quite frequently so I suggested moving some sites to another host or another server. They asked me to do it, but when I asked for the permission to edit the nameservers, they asked me to make a subdomain and point it to the new server. Which was kind of impossible because the new host was already having some subdomains and it's not easy to work with sub-sub domains. So, on an open statement they said that I am unprofessional and not fit for work. Before that they disturbed me and bursted on me when I was off working hours. -_-

How common is it for development job applicants to lie about their skillsets and experience?

Had an applicant come interview for a senior software engineer role, has been in the same company for 8 years and his resume is sprayed with almost every tech speciality and language there is, claims to be proficient in 8+ languages, done AWS server migrations, built CI/CD pipelines from scratch, written CloudFormation scripts, built microservices, worked with AWS services and serverless platforms, has managed a team, does salary and performance reviews

My gut feeling is when someone claims to have knowledge and experience across multiple specialities, they’re skills in any of those domains are only skin deep

Just finished setting up PiHole on my RaspberryPi.... no more adblock extensions with shitty performance... no more custom hosts files... and network level adblocking for all devices...
FUCK YEAH

oh, and I added so many lists that it now blocks about 350k domains (ads and malware)

Today was a good day.. time to hibernate...

Why the fuck do I have to work with Windows? AND WHY THE FUCK DO I NEED TO RESTART 3 TIMES TO GET ACCESS TO THE INTERNET? AND... WHY THE FUCKING FUCK IS EVERYTHING 7000 TIMES SLOWER WHEN I PUT MICROSOFT DOMAINS IN MY ROUTER FIREWALL?!

Remote server software installation support is great!
You can watch them trying to understand where what is on the file system, they repeatedly switch between windows without doing something on either of them and they set your IE browser policy to allow all kinds of domains & sites which are preventing them from downloading their software.
Todays guy did not know how to transfer a file between the local machine and one in remotedesktop. 😄

(If you do support like this, then don't get me wrong, I'm not making fun of you personally, it is just funny to watch if you have to actually sit there and wait for the support to finish.) 😉

Some days ago a friend told me about this good site to by the new .app domains, bigdaddy.com.
So I wanted to look for a domain and ooops, thats gay porn 😮
I confused names with godaddy.com. Maybe a lecture at uni is not the best place to open this site 😅

Oops just bought a domain 😁😁

Thanks @ThatDude

This rant covers a lot of topics very quickly; a Lenovo and a Facebook rant. I had a unique experience today:

I realized I missed the launch of the thinkpad 25. Looking at it, I have to say I could not be more disappointed. I had a t41, a t61, and a t510. The 41 gave out from the dreaded graphics chip solder joint failure, and I sold the t510 because it was awful. I still use my 9 year old t61 to this day.

The thinkpad 25 didn’t have the latches, the good chassis design, didn’t have thinklight, had a crappy version of the keyboard everyone wanted them to bring back, had the worst display in recent history, was touch screen for no reason, and worst of all shipped with an nvidia card, a chip that has no free driver, especially when Intel iris OUTPERFORMS that nvidia chip the chose. How disgustingly disappointed I was.

I was so disappointed that I literally in a fit of rage decided to see how the surface book looks.

I searched on duck duck go, and then clicked a link to the Microsoft website. To my shock and HORROR, it said the server at Facebook.com cannot be found. That’s because I have Facebook domains blocked in my hosts file.

HOW FUCKED UP IS THAT THAT FACEBOOK IS DOING CLICK TRACKING SOMEHOW THROUGH EVEN THE DUCK DUCK GO LINKS? If you don’t think this shit is real you are stupid.

And of course, surface laptop looks great... until you try to get 16gb of ram which is non negotiable IMO, then it becomes more expensive than a MacBook Pro. Guess we’re going back to old faithful Apple.

When you wanna lunch a product and all domains with good names are taken; and when you find a good domain, the twitter handle is taken by an egg!!

Does anyone own any funny-ish domains?
Mine are:

realog.site - used for testing websites for clients

imgoing.global - will be my personal site / portfolio soon

just started learning dev.

why are all the good domains taken :(

Well, today was a fun day playing with Qubes OS. I really did nothing really difficult, I created a template for multimedia pruposes (Netflix, Amazon Prime, Spotify and VLC) based on debian and then create a domain based on that same template.

It works

Still need to fix the screen tearing, but it is nothing really serious, in fact I probably just change the graphic card to the integrated on the motherboard to see if something change.

Probably the next issue will be set a few domains for specific issues:

- Dev [personal]: This will be used for my personal projects.
- Dev [non personal]: For those times I collab with someone / not my stuff
- [√] Work: mail, msTeams, whatever from my job.
- Bank Stuff: I can asure you that
- [√] Multimedia: chill n stuff

and thats all for now.

PD: Ctrl + C, Ctrl + V Will be a nightmare xD

Does anybody find that different styles of programming suits their personality better?

I've put a lot of effort into learning Rust. I think it's type system is fantastic. But after trying to make a basic programming language interpreter in it, I found Rust too complex. I kept struggling to express my types correctly, so I spent more time trying to understand the language instead of designing and writing my program.

Now consider Go. It has some overlap in programming domains with Rust. It has almost none of the high level features of Rust baked in e.g. iterators. It's approach to programming is very imperative and procedural like C before it. If you want abstractions you will have to make them yourself. As someone who enjoys understanding the details I appreciate this step by step approach and its comparatively simple language design.

What do you think? Do you think certan programming languages are more suited to different personalities?

I have been playing around with coinhive because I really like it's concept. Pretty cool so far.

Does anyone here have experience with it? What are your thoughts?

Also.. why can't pihole let me whitelist wildcard domains?? I hate having to disable my DNS server every time I want to test the miner.. I guess I will just have to make a pihole / ftl plugin for it..

Ugh been waiting a week already for my domain to transfer to google domains... HURRY UUUUUUUUUUUP!

So I decided to start using NoScript in Firefox recently, and it's been the most wonderful and annoying experience.

Wonderful - Easy to use whitelist on a domain basis makes it easy to un-break websites I trust while keeping potential malicious JS from other domains out.'

Annoying - Now I get why all the graybeards on Hacker News hate what the modern web has become

me want more domains

I started my career 7 years back (at the same company I am currently working) as an Asp.net developer. My company used to work in Microsoft domains back then. 5 years back one of our directors decided to dig into the open-source technologies and move away from Microsoft. And I was the first employee who was assigned to learn python. I thought about switching the company so that my 2 years of asp.net experience doesn't go waste. But I didn't as I started liking python. It was easy, powerful, clean, and same code ran on every fucking platform. And I was introduced to open-source.

Don't know best or worst, but this decision definitely changed my view about software development. I understood that money is not everything, passion is also important. The open-source community runs on passion and dedication. And I love the way it works. The bottom line is, I am happy. And python is beautiful.

Yesterday and today I finally had some time to work on my server. And I learned/did so much.

Gitlab is now moved to a docker container.
Kanboard is now moved to a docker container.
TeamSpeak is now moved to a docker container.
Dnsdock is set up.
Access now via nginx and sub domains instead of different ports.
Nginx is now running in a docker container.
Every http service got a let's encrypt certificate.

Damn productive Saturday.

Soooo this Canadian mother fuck, own the domain I want, and isn’t using it, and doesn’t wanna sell it.. tells me he is using it for his business.. after a bit of research the domain went inactive after 2007. Hours after sending an email.. a wix site pops up. And then then tells me his buisness has been using it for 25 years.. really??! Per public record your buisness went defunct years ago.

Won’t sell me the domain... fine, I’ll buy all the domains with your name in it variants of your buisness name, and point them to gay porn.. FUCK YOU.. fire with fire BITCH!

Fellow Deviants, I need your help in understanding the importance of C++

Okay, I need to clarify a few things:

I am not a beginner or a newbie who has just entered this community...

I have been using C++ for some time and in fact, it was the language which introduced me to the world of programming... Before, I switched to Java, since I found it much better for application development...

I already know about the obvious arguments given in favour of C/C++ like how it is a much more faster and memory efficient than other languages...

But, at the same time, C/C++ exposes us and doesn't protect us from ourselves.. I hope that you understand what I mean to say..

And, I guess that it is a fair tradeoff for the kind of power and control that these languages (C/C++) provide us..

And, I also agree with the fact that it is an language that ideally suits our need, if we wish to deal with compilers, graphics, OS, etc, in the future...

But, what I really want to ask here is:

In this age and times, when hardware has advanced so much, where technically, memory efficiency or execution speeds no longer is the topmost priority... These were the reasons for which C/C++ was initially created...

In today's time, human concept of time matters more and hence, syntactical less complicated languages like Java or Python are much more preferred, especially for domains like application development or data sciences...

So, is continuing with C++, an endeavour worth sticking with in the future or is it not required...

I am talking about this issue since I am in a dilemma about the use of C++ in the future...

I would be grateful if we could talk about keeping AI, Machine Learning or Algorithms Optimisation in mind... Since, these are the fields in which I am interested in...

I know that my question could have been posted in a better way.. But, considering the chaos that is present in my mind, regarding this question doesn't allow me to do so...

Any kind of suggestion or thoughts would be welcome and much appreciated...

P.S: I currently use C++ only for competitive programming or challenges...

About 5 years ago I worked at a small company developing websites and .NET applications.

They haven't changed any passwords which means, I still have access to ALL of their customers DNS setups.

Of course I wouldn't do anything.

But just the thought, that I could make an infinite loop, by redirecting the domains, is amazing.

Or redirecting them to a porn site.

FredBoat, largest open source discord bot.
Making all the things work + making it scale when demand kept climbing was a challenge where we had to learn simple stuff like postgres, working with 3rd party apis, generally good coding patterns and maintainable code, but also rather advanced stuff like making the garbage collector play nice, profiling memory leaks and optimizing the hot path, as well as high level topics like cutting the codebase into scalable domains and services.

To every fucking site with an .io domain:

Next time, hype a cheaper TLD...100$/year is just not reasonable...

F**king hate Windows for its insanely confusing proxy setup required for software development...

> Setup proxy in Windows network settings
> Then, setup HTTP_PROXY & HTTPS_PROXY environment variable at the system/user level.
> Followed by separate proxy settings for java, maven, docker, git, npm, bower, jspm, eclipse, VS Code, every damn IDE/Editor which downloads plugins...
> On top of everything, find out the domains which does not need to go through proxy and add them to NO_PROXY.. at each level..
> It does not end here. Sometimes, I need to setup proxy for SSH connections... like, if I have to use git with SSH and not HTTP/S... Uhhh....

More than half of the problems me and my dev team face is related to setting the right proxy. Why can't it be like, set in one place and everything picks up from there, like in any linux machine or for God's sake, a Mac ?

Worst of all is, my org uses a configuration script, which resolves into a list of proxy servers, from which one of them will be used. So, I need to download that script, find out which is the right proxy server and then, use it in all the aforesaid places... WTH ?????

Is this a common workplace problem for all developers ??? Will this be solved by Windows Subsystem for Linux ???

Hello, brilliant minds!

I am participating in a hackathon based on web development and I need to submit potential problem statements for the same. They have some predetermined domains, but I am unable to look for a suitable problem. The domains are:

1. eCommerce
2. eGovernance: Smart City
3. Fitness
4. Social Innovation
5. Tool/Library/Extension for devs
6. Travel
7. Women's safety

I will have 6 hours to code. Please suggest some of your best ideas. Thanks in advance!

Love,
TheSlug

Why in the fuck can't you transfer a domain name for 60 fucking days? This makes no sense. My dumbass purchased a domain from Google Domains and registered it with Google Sites. Now I just realized that Google Sites is useless as fuck. It's more useless than a plastic bag of dicks. The dust on my window seal serve more purpose on this planet than Google Sites. That's how useless Google Sites is. Now I want to switch to Square Space or host it myself but have to wait 60 fucking days.

I could just buy a new domain for 12 bucks but I had the perfect name. Fuck ICANN for their stupid idiotic pointless motherfucking policy. Fuck.

Some guy bought a whole bunch of city specific domain names once and wanted me to code the websites for him and manage and support the sites for 5% equity in his business. I told him you realize I can buy my own domains for very little money and build the sites for 100% ownership. His idea was not so bad for that time but he just thought that I was a nerd and he could just use me and I would just be passive and go along being that I'm desperate to make friends.

I got my domain from Swisscom (Switzerlands "T-Mobile") Every damn time I try to renew/adjust the domain it feels like I have to search for the fucking Higgs Boson. Searching for it on DDG only yields wrong results. Domains are hidden deep within the business part of their homepage. Their buisness site barely mentions domains, the login is somehow tied to an account you would normally use in combination with your phone number which only adds more to the confusion and the whole domain thing seems to be a shitty frontend coverup of someone elses service.

Don’t ring me up all nasty asking why these other domains that you never told me about don’t “work”... and you don’t have dns access ‘cos you don’t know what it is and I need to speak to some geezer from another company that you fired. FUCK OFF, now I have to do some whois fishing to find out the shit you are blaming me for.

I will major in AI. No, I will major in Big data, wait, I want to major in cloud too. I think I should first complete the courses I enrolled on cloud academy or the tens of courses in enrolled on Udemy on all the domains possible first! So many technologies, so many dreams!

Integrating Google recaptcha into my web service. For some reason it always errors, both on a production and development environment, correct domains configured, and with he simplest setup. I'm fucking lost, documentation assumes it actually works. Similar errors on stack overflow and Google groups either got no answers or have obvious issues.

Fuck this man

ok, so first there were ads.
Then came adblock and the likes.
Then websites started implementing randomly generated strings.
Then came pi-hole.
Now some of the websites are using RNG + hosting ads on their domains...
(the order might not be very accurate, but you get my point)

So what now ?
I'm guessing that the next step for adblock will be to use AI to recognize these RNG strings, and then the websites will use AI to generate better strings (harder to distinguish if it is relevant content or an ad).
In other words - AI vs AI :D

what do you guys think ? :)

Nothing like migrating to a new domain registrar.

Time to start waiting for it to process....

Fucking Windows Servers, I just wanted to set a login timeout of a few minutes after several unsuccessful login attempts.

(Windows Active Directory for Domains and shit is installed - just an FYI (otherwise this would be slightly easier))

Steps:
- Go to Group Policy Management
- Navigate to your domain in a policy tree
- Right click "default policies" and select edit in the right click dropdown.
(Why not just fucking double click and edit it them in the convenient right-side window? Because fuck you!)
- Navigate another god damn policy tree
(And it's not obvious, it's under Windows Settings... Ok that makes sense, but there are so many nests.. Fuck me)
- And only now can you edit the "Account lockout duration" field

Windows Servers are a pain.. This actually isn't completely horrible, but it gets really annoying, because literally everything here is hidden in weird places behind thousands of click navigations and in between that there's some shit sandwhich UX.

Did you guys notice that the new Chrome update removes the www from domains along with the https.

I use fucking GoDaddy to manage my domains, just cause, whatever, who cares, right, it's a domain manager, they do have great support.

But everytime I login and try to find a domain, it's like 8 clicks and they try to push their website builder in your face and all kinds of shit.

Can I get a recommendation from a trusted devranter? I want to switch.

I use forge if that matters...

thanks.

So basically people in school were playing krunker.io, and shellshock.io in class. The school took notice and decided to "futureproof" their blockage. They basically blocked all io domains, because io domains are definitely all games. So yes, that's the story of how atom.io and every other io domain is blocked at my school

Chrome 63 forces .dev domains to HTTPS via preloaded HSTS.

Well, FUCK YOU google. Why do you even give a shit of my local proxy.

When the domain you want to buy has been taken from a domain-dealer who takes ownership of unused domains. When that dealer sells it for more than 10.000€ but also would accept ... 70€?🤔 When you see that the offer decreases automatically a couple 100€ every once in a while. Let's see how cheap it can get ...

WHY!
Email was invented a gazillion years ago and it's still a shiit experience to setup on linux. Just give me ONE complete package!!
nooo i need to get postfix, dovecot, spamassassain mailscanner, antivirus, opendmarc, opendkim, dovecot-managesieve dovecot-sieve, roundcube, database, webserver and then i still have to configure everything and setup certs, spf, dnssec, dkimkeys on the domains, domains, mailboxes, deny weak certs etc.

I know the whole do one thing and do that one thing well but how about you just be a mailserver and do that ONE thing well without me needing to putting all of the puzzle pieces together myself! I don't want to waste time setting all this shit up. and don't even get me started on symantec and live.com and their blocking!

Wow WTF!

So for a new client, they have their domain on a registrar that has the most ugliest and confusing UI ever.

So I decided to transfer the domain to somewhere better.

Guess what, it takes 5 days for them to release the domain. The site would be down and I won't be able to proceed with my work until transfer is complete.

In hopes to speed up the process, I tried to create a ticket. There is no ticket system and their only available contact email listed is sales@shittiestdomainregistarever.com

I mailed them yesterday evening hoping for a reply.

Few hrs ago, I received a bunch of automated email on some ticket I never created.

The biggest WTF is that the To: on that email is some other customer's gmail address and I am CC'd along with a bunch of other customers gmail and hotmail addresses.

Seriously, WTF is this?! I'm glad I took the decision to move from them

2 new favourite acronyms for CLI work;
RIBEYE - Read it before execution ya' 'eejit
RIBBED - Read it before breaking everyone's domains

I hate those fucking websites that reject Mailinator email addresses (including alternative domains).

The other day I was so pissed off that I went on Freenom.com, registered a bunch of free domain names, and pointed their MX record to mail.mailinator.com.

Now those fucking dumb websites don't block me anymore.

I don't fucking understand why certbot never seems to renew my domains. I try everytime I get one of them anoyying emails but still fail.

Currently trying while watching the webroot and apache logs. Nothing fucking happens. Someone experience with these problems?

I've spent so many years not coding, I could never get over the initial hump, which was definitely a mistake. Mistakes are fine, we all make them. The best thing is to learn from them. On the plus side I've learnt firewalls, Web hosting. Windows domains, Azure cloud, virtual machines etc etc, skills which are hopefully very useful for Dev to have. I look forward to joining the ranks of skilled developers. If you are interested in development but are afraid to take the leap. Just go for it, start to learn and play with it. My recommendation for anyone looking for a starting point is a Udemy course called "The Complete ASP.NET MVC 5 course". I'm not affiliated in any way or advertising it. I just think it's brilliant and you get to the fun stuff really quick. You will start with the basics of getting and setting up visual studio. Also. If anyone could recommend other very good courses they know of I would appreciate it

Need to change host for my sites, but no money for a good one. Trying to put everything in one cloud (5 USD) but... How the duck can I create a mail server with multiple domains?

A good fight with postfix, dovecot... The first account, just to the sake of make it work, is almost working (I reckon)

Every time I setup a mailserver, spent lots of hours in making it secure, all mails from me are landing in spam folders. I HATE it! A pity that Google doesn't host the free G Suite with own domains anymore :(

Did anybody buy .dev domain from Google? Their website was quite slow yesterday and somehow I managed to add my first name .dev to the cart. But in the last screen I got stuck with "Registering this domain" message. I closed tab after an hour. Today it is still under pending domains. But if I search for the availability, it says exact match is available. Should I be worried?

I just can't get over the fact that the .com domain I have been eyeing for is still out of my reach. This name popped to my brain after brain storming over a week when I started making sites when i was a teen.

The domain has been sitting there unused with a basic webpage containing some ugly web design from 90s era.

I have been eyeing it for over 6 years now and just found out he renewed it for yet another 3 years!

I don't want to approach him about it either, I'm not that desperate for it that I'd pay millions for it.

The wait continues...

Anyone been in a similar situation?

Too dumb to be better at your domain
Too invested to switch domains

Remembered that firefox container tabs also allow you to force domains to their own container, so now have again youtube, google and other creepers automatically in their own containered tabs :)

What are the benefits of using www for a domain? I know it has something to do with cookies, but I can't find any useful info on the webs.

For crying out loud, no, GoDaddy, you don't just shutdown expired domain without ANY warnings. No!!! Not cool!!!

Why do average people insist on buying ridiculous packages from companies like GoDaddy - when they don't know a thing about hosting or domains? They may as well just break a few of my fingers before I start their project.

I got stuck in a shitty situatuion in which i have to choose between being a front-end+mobile developper and back-end. I have to answer my company today, the problem is that i like both domains.
HELP !!!

We're looking to change the domain provider we use to register new client's domains to one that has an API.
So far it looks like it'll either be namecheap or AWS's Route 53.
We're also looking for the same thing with mail inboxes.

Do you have any recommendations / experience with either of these?

I was hoping to find a solution that would provide both the domain registration and the mailboxes with no hosting and accessible via API but I've had no such luck.
(Except for maybe two, but neither looked up to date)

You got it all wrong, it's being a dev that helped me a lot in a lot of domains: organization, logic, basic maths that I kept struggling with for years, and the love to learn new stuff everyday

Namecheap made whois protection free for everyone, probably because of GDPR, but they cannot be used on .eu domains.

Looking for hosting Don’t really know who I should go through? I have used host gator and go daddy in the past and would like to try out some new hosting. What would you guy recommend? And why? Budget for the month would be around 15 usd for hosting max. I would like to host my portfolio and as many domains as possible on the hosting. Please help

hey guys if any of you guys are good with legal stuff some help would be appreciated.

so there’s this brand tld, which i won’t state for privacy sake. it is, coincidentally, my last name. naturally, i thought it would be pretty cool if i could change my personal domain to <my first name>.<my last name> but after contacting them i did not get a response.

do you guys think i have any legal standing to get my domain? could anyone help?

An e-mail told me to verify if this information for my domain is correct. Ehm I'm not sure... :D

Damn you OVH... You and your goddamn deals again... Now I ended up buying 2 domains for a project again. We all know I'll leave the domain in my cloudflare "keychain" without using it until it expires, because I'll find a fancier and more fun project 😅

I'm at 12 domains right now... I think I might be addicted 🤔

Btw, theres a sick deal going on over at OVH, .com is only 1,20€... Better get your project domain which you'll probably never use again now 😂

Note to self: Always do private domain registrations. I've been getting emails for about a week now asking i want custom development services for the domains I registered 😡

Is GoDaddy any good? I've seen that Google has opened .dev domains floodgate and I was wondering about starting my own page. Dunno which hosting service to choose and if I even should make my own website considering I'm not a Web Dev 😅

What's your thoughts on the newly released .app tld? Is it going to be the new .io?
It also seems like Google provides TLS certificates for free to all .app domains. I know there's let's encrypt but I still think that this is great. Google is really pushing a more "Secure" internet.

TL:DR linux newbie, looking for advice/links (skip to bottom for questions)

!rant
After i had been looking for a job for quite some time, a couple of months ago i got hired by "smaller" company doing web stuff. So far it have been a great place, good colleagues, and overall just having a great time!.
They seem to value me alot, so that's great!.

Anyway, yesterday i got called into a meeting - and got told they wanted me to start learning "Server stuff (linux)". That got me quite excited, because it always was something i wanted to learn - but never really got around to doing.

But i never touched a linux installation before, so i'm really on ground zero - but im not afraid, i'm a quick learner and quite efficient at googling :)

I figured i would ask here, since other people here always seems to be happy to help other people out.

So far i have manage to setup a server, install various stuff (php, mysql and so on) and done setup a couple of domains/subdomains on my server. Also got a vestacpinstallation working - so overall im quite happy so far.

I figured maybe somebody had some good links/advice for a linux newbie :).

* Performance/Security, will obviously be a big focus - anything i should look at? - any must look at?
* Monitoring tools, how do i monitor various websites running on my server? Here i'm thinking bandwitch, cpu/ram usage and so on pr site basis.
* Any other stuff i should be looking at?

Little about what the server will/should be running :)

* Centos
* vestacp
* WordPress installations only (e-commerce mainly)
* PHP 7 / MySQL / phpmyadmin

!rant

Anyone here experienced with Route53?

I have a small issue I'm trying to think through on how to achieve with minimum effort and maintenance, essentially set once and walk away and never care about it again solution.

Basically what I have is:

sub.domain.com

and I need to get it to redirect over to

otherdomain.com/folderToGetTo/

Using a 301 would be ideal but how for the life of me do I go about serving a 301 redirect over a dns entry - short answer is I can't unless I'm missing something!

Both domains are owned by the same company so no issue in hijacking a subdomain... well besides internal politics but that's just another day 😏

First thoughts include setting up a S3 bucket with hosting and forcing the dns to that and then, redirect out of the bucket... seems overkill but will work.

Hoping to find a smaller solution that I don't have to justify a S3 bucket being used for a single file - audits suck alright🤷‍♂️

Oh and setting up a redirect at the originating domain will take longer then it's worth to setup and get approvals for so not worth the effort internally.

Yes I will accept "fuck off @C0D4" as an answer.

I just wanted to transfer my domain from domain operator dns to other dns provider.
Now I lost control over my domain and it redirects to those fuckers website.

I thought fuck them, this is their last fuck up so decided to transfer domains from this piece of shit provider to any other.
It turned out you need to send request using post office or visit their office by yourself to get EEC (authinfo) code
Their office is 300km away but cause it’s fucking faster and more reliable then waiting a month for their mail with fucking numbers I will go and do it next week.
Let the fucking hell begin.
I hope those motherfuckers would food poison and shit themselves into their beds till end of their fucking life.
Fuck those fuckers.

Both [mylastname].de and [mylastname].com are taken. Sad.

And it is not even such a common name.

So, not really a rant. The opposite in fact. With all this frustration about GDPR lately, GUESS WHAT FUCKING HAPPENED?! My domains (at one registrar so far) where all made private because of the law. GOOD DAY!

I recently volunteered to be the admin of our student website. Boy was I in for a ride... I can only imagine the conversation went something like this:

IT: previous IT
P: some person

P: we need some additional sites that are unrelated to the main site, where should I put the files?
IT: just put them inside the folder that has the files of the main site, it doesn't matter.

P: we have some sub-domains that we do not use anymore, what do we do with them?
IT: just delete the files, don't bother with deleting the subdomain

P: we are having an event, what do we use to store user applications, we used google forms previously and it worked just fine.
IT: we will have the applications go to our mySQL database, but everything will be in one table so that it's more readable.

I mean I'm still a college student so there might be some deeper meaning to this, but still i can't look at this without my ocd getting the better of me.

Tried to use one of our test domains, but it's been left to expire by the boss (auto-renew off...)

rant && what do you think?

so one of our ISP (Orange Slovakia) had troubles with service for like two days. Their DNS servers translated domains to IPs reaaally slow or not at all. So when i saw the dns error in chrome (yes i use chrome and not quantum) I changed my dns to google dns and ignored it.

Two days later when the service was back up and running, this ISP went to the local media and made a statement "we had a DDOS attack, no user data were harmed, blabla" that was when my BS radar went bananas... so somebody DDOSd your DNS server ... for two fucking days straight... this is probably a lie or they have really noob engineers (or both).

I'm not an expert on network services or routing, or servers but, how about turning off this server, IP and setting up a backup on a different IP ? Possibly anyone here with experience how to handle DDOS? Whats the chance of this happening? i'm really curious

What the fuck is this trend of pricing cloud services by the minute? I mean It's fucking great and all that I buy 2 minutes with a sql db but who the fuck actually does that?

After another night working on a server I (strongly) suggest we move our shit to a cloud service. It's cool providing I promise the costs don't rape us blind folded. Seems easy enough, right? Nope it's not.

6 hours later, halfway to becoming a fucking network engineer and I'm more lost than ever.

Seriously can't the fuck AWS and google cloud show a monthly price - even an estimate for generic shit like $x for the average crappy wp blog!

If anyone has some helpful info / experience on the true cost of hosting generic web apps - the retardedly simple app I'm trying to price is:
1 php web application with 150 domains, 3gb mysql db and 30gb ssd.

I gets has 45000 sessions with 250000 page views.

Your help would be greatly appreciated. Currently I'm leaning towards deploying a clone sending 250 000 random requests and praying my $300 cloud platform credit will cover the bill.

where do you guys register your domains? :) i plan to seperated mine from my hosting provider.
namecheap looks good - any pros/cons i have to consider?

That moment you setup 17 domains on sparkpost as a email delivery system

make your account secure with 2 factor authentication like a good infoSec enthusiast

Go on with your life

Having a Phone crash but nothing to worry because you made them backupz

Restore backupz

once again go on with your happy life.

Having to setup a different bounce action on sparkpost

logging in to sparkpost to make the adjustments

opening google authenticator

realising the backup you restored was before you added the sparkpost entry

mailing sparkpost asking to deactivate 2factor authentication

Having them tell me that they have no access to Google authenticator so they can't help me and all they can do for me is delete my account if i answer their 7569357 questions that i entered a year ago ..

--
You have access to your database yes ? You can delete my account but you can't adjust a fcking Boolean column from true to false? #@?#&!

Why even offer a feature where you have apparently no control over. Stuff like this happens all the time and almost no one saves that fcking authenticator secret.

Make people use authenticators to keep the hackers out, forces them out instead.

Since last update (version 63) Google chrome forces all *.dev domains to use https. Guess who used a *.dev domain for his local development virtual machine and now have to switch to *.local ...

Removing the HSTS Rule from chrome seems not to be possible and surprisingly I could not use a self signed SSL certificate to make it working again.

Where do you buy your domains from? What are your experiences with various registrars?

I fucking despise making whatever website that needs to send emails.
The final user won't probably receive the emails bc of spam, the customer wont like this and blame me or the company I work for, but never actually PAY for an email service to send emails.

And almost nothing works with the old-ass domains here in Italy, but people will still use those old-as-fuck emails just because they can't make a new one on gmail or outlook.

What was the name of the service for acquiring domains for free (or was it with privacy(?)) that was trendy a couple of weeks ago here?

I might be thinking of buying a domain

So I've been given a task to monitor a whole lot of logs of some servers (whole university ~ 10+ departments). The technologies are diverse so I'm cramming everything into elasticsearch via logstash (and filebeat), viewing it into kibana. Any recommendations for what should be the 'useful' stuff to be viewed into dashboard? I guess:
- Overall traffic wtih respect to previous days/weeks
- Most viewed domains
- 200
- 404
- 503
- Failed logins?
- Dropped connections?
- Critical-load of systems? 90%+

QA: This email don't pass validation ( $%^&*&^%$@m.c)
Me: Yes, that's right, where is the problem ?

QA: We allow special characters in email field, so it should be valid, fix it.
Me: "Searching some info about top-level domains"
Me: Look, this is why this email is bad.

QA: So this email is valid ?
Me: No.

QA: Why ?

Me: O_O
QA: O_O

(╯°□°）╯︵ ┻━┻

Can you tell that fucken Barracuda VPN Client to only route specific domains to the connected vpn?

It makes no sense to route my whole fucken traffic through my workplace's network.

Anyone here familiar with nginx site configuration?
I'm trying to set up it so that my nginx server serves a static website on my domain, redirects users attempting to access via HTTP to HTTPS and proxies a locally hosted server to a subdomain.
At the moment I'm struggling with how I can make both work as you can only bind a port once.

If you know resources that could help me setting up the domains, I'd appreciate it very much.

Thanks in advance. ;)

Thinking about dropping Google cloud console and Google domains and just go back to namecheap, just pay the $80 a year to have them host it and not have to worry about the server's and databases personally...

Anyone else got good recommendations other than namecheap?

Talking to my architect:

- hey, we have a lot of code smell and data is structured usually in a chaotic way, also its hard to understand what is going on with all these code duplications, maybe we can think about refactoring, better structure, maybe even we can extract some domains and make life less painful?

- what is domain?

- *facepalm*

i have a question for you. You work for an industry, a factory, in house. You have only one developer to help you.

They ask you for an app to store production and get reports. Ok
Then before a year passed, they want you to start making apps for: project managment, hr 360 evaluation, implementation of SSO without paying a third party service (like auth0 or okta)

Would you feel comfortable, even if the proper time was given, to get involved with so many different domains without anyone above you having any idea about software lifecycle and development?

Can you guys recommend the best domain host? GoDaddy are ok but it never hurts to ask

Am I a selfish asshole for not allowing my email server to be the relay whore of the internet?

I just hate postfix log files filled with messages not related to my own domain.

Any disposable e-mail address service:
"FIGHT THE SPAM"
"THANK YOU FIGHTING THE SPAM"
"YOU DID GOOD BY FIGHTING SPAM"

The users of disposable e-mail address:
*creates another spam account*
*creates another multiaccount in order to exploit a system*

Companies actually fighting spam:
Now there is even more spam to fight against. (which is not good)

About 2/3 of the accounts created daily on our website are spam accounts. We have to waste our time with this shit instead of actually improving our services. Since we do not track IP-Addresses and there are countless amounts of disposable e-mail domains AND there is still the option to create countless spam e-mail addresses within legit e-mail providers, there is no easy way of stopping this madness.

"Fight the Spam", you could start by deleting your shitty service or at least give us a list of all the domains you're using, srsly.

Freenom just removed one of my domains because "it was hosting ads". When I try to re-register it, they want me to pay for it. Is this a common practice of theirs?

Just wasted whole day with plesk webhosting :D

Decided to move to a DDOS protected hosting by OVH.com

Chose plesk web hosting

Turns out in order to park domain to plesk webhosting it's necessary to change GLUE records and nameservers to point to plesk VPS IP

My domain registrar where I have 10+ domains does not allow changing GLUE records. Only way to make it work would be to move all domains to new registrar and pay for each domain as it's a new one.

FML just wasted 16 euros on this useless plesk webhosting. Need to take regular webhosting :D

Worst coding mistake was assuming that the NameCheap domain API was an update and not a replacement. I went to added a test sub domain to our company domain and it cleared out 40 unique sub domains taking down our sites and email until I could manually add them back.

Everyone has project builds. Boss comes in and says we need to build 12 landing pages on 12 new domains by end of day. Repurposes PR for content, my designer, and 3 devs.

Happy goddamn Friday.

I was checking my work Inbox and the first thing that I saw was a recruiter email.

So, let's check, is this my personal email, no.

Hmmm, maybe this is a prank or a test? check email domains and everything looks legit.

It seems that recruiters want to get developer attention at all cost nowadays. :D

So if you need a vulgar email domain have look at cock.li it's brilliant and those domains haha

Loves.dickinhisan.us 😂

Whoops, my head will be squashed tomorrow. Asked to put monitoring in other week by boss, sysadmin been complaining about high CPU, apparently 10 requests (different domains) to the one VM on our servers every 10 seconds is killing it. However this server is being used for MySQL and serving web requests by Apache and PHP. Then also running a few jobs like consuming queues etc.

Wtf do I do? Every time I tell him about more resources (we have decent 2 rack servers just running 20 vms and only 1 VM is for web sites) he says software should be made to work with what we have.

#1 clean up the internet of domains, use those beautiful and fancy TLDs - blog, photography, gallery, cloud, house, gov, xxx
#2 more fanatical - clean the internet of cat / dog / [supposedly cute animal] pictures, and later - npm packages

!dev
when one of your best domains were taken for a long time and you didn't considered about buying or hijacking it or even thought about what you would even do with it because its taken anyway and you are not an asshole. But then out of nowhere you get an offer to get this domain. and you start thinking... what cool project you could do with it and what it may becomes - and what if your project fails and you wasted a great domainname... but ofcurse you stuggle for too long and the old owner bought it already back again, like he just forgot to renew it and didnt even cared about it that much.

congratulations. you now cant stop thinking about this cool project and what it could may be. instead you see someone else wasting it...

as if dev life is not depressing enough. back to localhost :(

Does anyone knows namesilo.com? Is it a good service?

Hey guys, I have almost developed the backend of an app like reddit. My question is about authentication. How should I authenticate my user. Is phone number necessary to add phone otp?Because I don't want to get any legal trouble if someone posts objectionable content on the platform. Most of the apps today need phone number, I dont know why except reducing spam accounts.

Or shall I verify email by otp. But its hard to track disposable emails. I cant go for only gmail too as its banned in china. Email domains of china are weird.

Can I get into legal trouble for objectionable content posted by any evil user?

I dont want to go for auth.

What domains of software development, other than Web development, guarantee a good salary?

I also heard that Web Development has the lowest barrier of entry in the industry, is that true? I'm not particularly passionate about the web, so is it worth not to dabble in web too much?