Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Get a devDuck
Rubber duck debugging has never been so cute! Get your favorite coding language devDuckBuy Now
Search - "nextjs"
So during my internship I learned a lot about Linux, Docker and servers and I recently switched from a shared hosting to my own VPS. On this VPS I currently have one nginx server running that serves a static ReactJs application. This is temponarily, I SFTP-ed the build files to the server and added a config file for ssl, ciphers and dhparams. I plan to change it later to a nextjs application with a ci/di pipeline etc. I also added a 'runuser' that owns the /srv/web directory in which the webserver files are located. Ssh has passwords disabled and my private keys have passphrases.
Now that I it's been running for a few days I noticed a lot of requests from botnets that tried to access phpmyadmin and adminpanels on my server which gave me quite a scare. Luckily my website does not have a backend and I would never expose phpmyadmin like that if I did have it.
Now my question is:
Do you guys know any good articles or have tips and tricks for securing my server and future projects? Are there any good practices that I should absolutely read and follow? (Like not exposing server details etc., php version, rate limiting). I really want to move forward with my quest for knowledge and feel like I should have a good basis when it comes to managing a server, especially with the current privacy laws in place.
Thanks in advance for enduring my rant and infodump 😅7
I just finished up an absolute cesspool of a project. I was seriously reconsidering a career change to something less stressful, like welding on a high-rise building, or capturing Somali pirates.
Next project is supposed to be a walk in the park, and probably still will be.
MGR: You're starting a new project next week. Prismic for the CMS, and NextJS.
ME: Oh, okay, cool. Well, let me get up to speed on Prismic and Next since I haven't used either of those.
Spent some time last week - easy enough, nothing really new/ground breaking here.
Sprint 0.5 Kick off meeting today
MGR: By the way, we're still using Prismic for the CMS, but we're gonna go ahead and use Gatsby instead of Next.
Me: ... *facepalm5
Best? Clojure docs. They have disqus-like thing under every function description where anyone can submit their usage example. One example times forty submissions equals forty examples!
Also w3c specs, nuff said.
Worst? GunJS. Multiple websites that look like each other plus GitHub wiki all with the same content but idk which one should I use, also there is no complete source, you have to look up everywhere. Also NextJS, they’re too busy pitching to investors, there is no way of contacting them, you’re in your own if you choose nextjs, that’s why I banned it everywhere I have the power to ban things
Taking over a deserter's work, the level of over abstraction and over generalization is off the charts.
WTF-per-minute (WPM): 33
If you’re ever feel tired of annoying corporate presence everywhere, go straight to Next.js issues on github.
Since zeit (the company behind it) are too busy polishing their pitches and building more and more fragile betas, no one will ever help you with your problem there. They literally pitch and release more often than writing anything there.
People are seem to have built the help community there all by themselves, and the more I look at it the more it reminds me of SCP Foundation IKEA (http://www.scp-wiki.net/scp-3008) where people forever stuck in eerie infinite IKEA with no exit just built the whole new society.2
Why the fuck nobody talks about Multi-page apps?! We went from a Web where everything was Multi-page server-rendered, and now everything for Web developers is "Single-page apps".
What about websites who can't do that? Not everything can be a single-page app. Only my uncle's restaurant website, or something which is TRULY a full app. No half choices.
If your website is a multi-page app/portal which actually PRELOADS data, instead of doing 100 fetch to an API within a page that is full of loading bars, well, your life is a pain.
When you want a first contentful paint which isn't a white page, well, your life is a pain.
What are React, Vue, Ember, Angular (let's exclude Svelte and Marko) going to do about Multi-page apps and SSR?
React-router sucks to me. It's performance is weak and it's useful only when you have an SPA with multiple sections which can be treated as pages (e.g. A single SPA divided in tabs).
Server-side rendering is the worst pain ever made by humanity, in React (and prob Vue, I didn't try but I can bet). And even when made easier from libs like Svelte and Marko, I (personally) can't get it to be faster enough compared to a traditional website without a JS framework and with a templating engine.
Anyways, if there's anything that I learnt from React, is to stay away from Next.js. Perfect, beautiful, mess.
All JS frameworks just seem to bloat the code and make it worse and slower, even though they're REALLY helpful.
Why? Why everyone loves them if their downsides are so clear? Why 3 projects out of 3 I made (1 React SSR, 1 Vue, 1 Marko SSR) are and will stay painfully slow and bloated, full of shit, even if in 2020 we should have evolved with the famous three shaking, with the famous lazy loading, etc.?
I am just frustrated.
And let's not even talk about Webpack, Rollup, Lasso, those module bundlers shit which are harder to configure and understand than finding a needle in a haystack.
Lasso was the easiest to configure but I anyways can't understand it. Webpack seems it was made to handle SPAs, as any tool in this freaking world, and not even considering an easy way to integrate multiple bundles for multiple pages (I know it's pretty easy, but with component sharing between pages and big unique bundles Next.js handles it soooo bad it feels like hell).
Am I the only one?
Sorry for the long rant. I just needed to rant right now.17
A few days ago, I thought, "I haven't updated React dependencies since. So, let's do it". Because, its gonna be a new demo app, I just ran "npx create-react-app my-app" and npm start inside the project. Holy cow!! It doesn't even start!!
Its showing this unknown error! So, I googled. but after trying a lot of "Solutions" it still doesn't work. So, I just gave up and thinking, "What about the Frameworks/Libraries build on top of ReactJS? Do the also have the same problem?"
So, I created a NextJS project and you guessed it, The same error exists in the NextJS projects. Then I tried the popular boilerplates created using NextJS ( and React) and Volla! They also contain the same error!
Ugghhh! I thought, tonight I'm gonna play with NextJS a little bit. But unfortunately, because of this React Error, I can't :(4
Ok. If you had a blog made with next.js and mongodb, and you are too depressed and lazy to learn AWS lambda/serverless, where would you deploy?15