Joined devRant on 12/11/2017
Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
Was forced to code like this:
Instead of this
Also I should mention that this happened 4 years ago and my mentor (27 years old economy major at the time) did not know how to use git, we stored projects on a shared networking folder.16
my ISP provides me an external IP address. what is the easiest way to hide that external IP and show only my local ip lets say 192.168.1.113 to the outside world?19
I have a windows vps with a server that I want to protect from DDoS and hide from outside world. Is there a way by using PHP IIS webserver on another vps to somehow whitelist ips or redirect only clean traffic to my windows vps?4
Having problems with getting user's IP address with PHP.
So basically I made a custom DDoS protection for my linux server.
It works like this: php website gathers visitor IP address when he does a certain action (in this case registers an account). All visitor ips are stored in ips.txt securely on my website ftp.
Then my linux server has iptables rules setup in a way where it blocks all traffic except my website traffic.
On linux server I have a cron job which pulls whitelisted ips every 5 minutes from my php website FTP and then whitelists all IP's in iptables.
That way only visitor IP's (of those who registered account in my website) are being whitelisted in my linux server.
In case of a DDoS attack, all traffic is dropped except for the whitelisted visitor's IP's gathered from website ips.txt
Now I'm having a problem. My PHP script is not accurate. Some visitors in my website are not being whitelisted because they might have a different ipv4 ip address than what is given from php website. So basically I am looking for some php script/library that would gather ALL ipv4 ips from a visitor, then whitelist them.
Also regarding ipv6, my iptables are all default (which means that all ipv6 visitor traffic is allowed) so problem is not with visitors that have ipv6. Problem is with my script not getting ALL ipv4 ip addresses assigned to the user.
Can you recommend me some php library for that? So far I've used https://github.com/marufhasan1/... but apparently it's not accurate enough.16
I was asked to make release branches which will change my gitflow. Am I understanding it correctly now? Fix me if I'm wrong
So I do my fixes in develop, once Im done I squash merge them into 1 commit. Then I make a release branch from develop, if everything is fine I release it. After release I merge back release branch to master and thats it?3
Need an advice on what android phone to buy.
I am looking for decent cpu (snapdragon preferribly), decent storage, screen size around 5.5 inch and not too big. A decent battery life. Fingerprint/faceid sensor is a must. Ram at least 4gb.
I am really interested in samsung s10 however they ship s10 devices with snapdragon only to usa and china as far as I know. So In Europe s10 is being sold with exynos cpu which I heard is laggy.
Then I was wondering wether to get a Pixel 4, however I dont like that the battery is only 2800mAh so Im not sure if that will be enough. I looked at Pixel 3a bet then I'm not sure wether 4gb ram will be enough?
Any ideas? Can you tell me about your devices that you are using?9
Question about git. I worked on dev branch and made 10 commits.
Then I squash merged 10 commits from develop to master and made a release build.
Now problem is if I make a pull request from develop to master bitbucket will still show that master is behind (because develop has fixes in 10 commits while master has all of them squashed in 1 commit).
Now my question is whats the best way to make sure master and develop are synced (basically that master would have everything what develop has) ?
should I just merge master into develop back after the release?9
Hands down this year.
10 months ago I left my boring fulltime job and opened my own ltd.
I also had to relocate to another country and basically start my life from 0 (got a nice apartment, new car, new gf and got new exciting remote projects).
Now Im happy, actually never been more happier. I have full control of my life and I dont need to deal with idiots.
I left a boring workplace where no one has an opinion because everybody is trying to stay politically correct meanwhile shit doesnt get done. I also left a toxic relationship where my spoiled by parents gf was constantly nagging me and nothing I would do was ever enough for her.
So my advice is a cliche but follow your gut instinct. Somehow deep down you already know what you are worth, so all is left to do is plan and act accordingly. Take risks. Sooner or later you will get where you want. If not then thats fine, making mistakes means that you actually lived instead of existed like a mindless puppet controlled by strings of outside circumstances.6
Hey guys. I am in a situation where I need to decide wether to take on a new project or not. And if not, how to turn down that client so that I would not burn any bridges. So I need your opinions on this matter in order to make the final decision.
To make things clear heres some background info. 10 months ago I quitted my fulltime position in another EU country and went back to my own home country. 10 months forward till today and I have my own ltd company which currently has 5 projects. Its doing pretty well money wise. All projects combined, I already earn more then I ever did and I need to work max 10 hours a week since all projects are remote projects so I dont waste time on useless meetings and etc. However I dont feel fulfilled or challenged anymore because surprise surprise doing well paid projects doesnt guarante your sense of fulfillment.
So I noticed that I have lots of spare time which I spend diving into rabbitholes with hobby projects. I decided that its time to scale my company and take on more projects and maybe even hire more people.
So I started searching for other projects I could work on (prefferibly remote projects or flexible ones where I could come in 2-3 days a week in office and work remotely rest of the week). Reason being that I am already out of sync with fulltime position lifestyle and I am totally result oriented, not punch in my hours and go home oriented.
For exampleIf i get my weekly tasks I prefer to do them in 1-2 days (even if it requires doing double shifts which rarely but happens) but then I want to have rest of the week off. Thats how my brain works and thats how Im wired. I cant stand fulltime positions especially in enterprise bigger companies where I come in and do maybe 2 hours of actual work everyday because of all useless meetings and blockers from backend/etc. Its soul crushing to me.
So I posted linkedin ads and started searching for new clients/projects. One month ago I went to an interview for an android project in a startup.
The project looked interesting enough. Main task was to rewrite their android app from java to kotlin. Apparently their current current app was built by a backend developer who wants to focus solely on backend.
So during the interview they showed me their app which was quite simple frontend wise but not so simple backend wise from what I was able to figure out.
Their project lead (also a backed guy) asked me my estimation of price and completion of task. I told them maybe 2-3 months to do everything properly.
Project lead was basically shocked because all other candidates told him they can rewrite the app from java to kotlin in 2-3 weeks. I told him that everything is possible but his app quality will suffer and for a better estimation he would we would need to sign an NDA so I could evaluate the costs. So we ended the interview.
After that we kept in touch for one month (it took them one month to google a generic NDA and sign it digitally with me).
So heres the redflags I noticed:
1. They dont respect my time. Wasted 1 month of my time and after signing NDA gave me 2days to estimate their project and go to a meeting and give them detailed info about what I can offer. I thats not a brain rape then I dont know what it is
2. They are changing initial conditions we talked about. We agreed on rewriting the codebase and be done with it. Now they prefer a fulltime worker who would be responsible for android app as his own product. So basically project lead was not able to find a fulltime dev so now hes trying to convert me (a company owner) to his fulltime worker.
3. Lack of respect. During the interview he started speaking in his own native language to me with some expression (he seemed pissed off at that moment when he switched languages).
4. Bad culture fit. As I said Im used to relaxed clients and projects where I dont need to be chained to a desk a monitored and be micromanaged. I mean lets sign a contract give me access to your codebase and tell me what to do, I will produce results and lets be done with it.
5. Project lead is a backend guy who doesnt understand how complicated android apps can be. No architecture and no unit tests are in his frontend app. He doesnt care about writing proper app since he ships it in his own device so he doesnt need to worry about supporting custom devices or different api levels of android and etc. But not having any architecture? Cmon.
So basically I am confused. Project lead needs a fulltime dev but hes in contact with me in hopes that I would sign a fulltime contract. But how I can work fulltime if all what I can see are redflags?
Basicaly I thinkthis was a misundersanding. Im searching for fulltime remote projects and hes offering fulltime inhouse projects. Project lead never outsourced so hes confused as well.
As you can see decision is already basically made to turn him down, I just need to know how to tell him to fck off in the most polite manner and thats it.6
Having problems with some users ipv6 addresses in my server. For testing purposes I would like to find a free or very cheap vpn so I could obtain a ipv6 ip address proxy/vpn (if its even possible) for testing purposes. Can you recommend something?13
Looking for a way to generate an encrypted string (with salt) in C++ then send that string over to a java server and decrypt it on java as well. Any suggestions?9
Question about linux iptables. I am currently blocking all access and whitelisting only when my users launch my software. When software is launched a socket client is also launched, it connects to socket server, identifies itself with a password and disconnects. If given password by socket client is correct, then socket server whitelists the users IP by executing the following command: " iptables -I INPUT -s userIP -j ACCEPT".
My problem is that now I have lots of duplicates of IP's whitelisted and as far as I've heard I should not go over 25k iptable rules.
So my question is how to check if ip is already whitelisted, in order to avoid duplicate iptable rules for for same IP?
Obvious solution would be to store whitelist somewhere (mysql/txt) and double check before whitelisting ip, but maybe there is an easier way to do this?4
Question about sockets in java. I have one socket server and multiple socket clients connected to that socket server. How to communicate between socket clients when they connect to same socket server? Is there some neat library to handle that socket server/client interactions? Googled for hours cant find a decent solution14
Need help with selecting a proper backend and website frameworks. After trying out a couple identity verification service providers we were dissapointed with their lack of support (takes weeks to do minimal changes).
So now we are having discussions about building in-house id verification system. We already have libraries for ios/android apps (ZOOM lib for face recognition and another lib for data extraction via OCR from document picture). So what we need is a proper backend and then a decent web framework with proper ux/ui design for our web/ios/android apps.
Currently thinking what kind of backend framework should we choose? Backend's main responsibility is for each client registered from website to assign an api key and to create a database/storage where his users would authenticate via clients app and upload a picture and a video.
Also wondering what kind of framework for website apps (main web app, dashboard app where we display pending verifications, and of course verification app) to choose. Should be go for angular?
Looking for best windows laptop currently available with decent cpu and cooling system for gaming and development. Any ideas?5
Attention: incomming resentful boiled up for months rant.
Hands down G2APAY is the worst because:
Merchant account aproval takes fcking months. It starts with unreasonable delays in documents approval. I mean insane nitpicking. They want to see merchants name surname and address on every god damn document that you submit even if for example bank statement doesnt include these details. I had to manually edit pdf’s just so that they would fck off and approve the merchant application. Insane requirements for document check also combined with their email only support answering only once a week you will have to wait one month just to get your account approved.
Then you get to the fun part, approval proccess for vendor gateway and webhook integration. They are nitpicking everything you can imagine: about website not having https, website forum missing some icons, merchants phone number being from another country then he is, and bunch of other hundreds of problems imagined only by them. Again combined with their one email reply per week policy you will waste atleast one month to finish up your integration.
Now finally you are their client and you think you can chill and go back to focusing on your business? Nope bro. Prepare for threatening emails. Last time I got a request to install https or my merchant application will be shut down. I was given 3 days notice on a fcking friday and had to do it.
Then g2a backend is crashing quite often. Combined with their one email per week policy you are fcked in the ass if your users were not able to pay through g2a and you will get no compensation.
Their backend documentation is shiet. Not clear how to integrate everything and after you integrate they make changes without publishing any changesets. Your integration is working? Good luck if it will still be working tomorrow.
And the very worst part is that they stopped proccessing credit cards like month ago with zero notice. Its been weeks and still zero news about bringing card proccessing back. They sad that they were acquired by some other company so shitty support got even shittier now while they are in a proccess of handover.
So yeah thats the worst vendor I have ever seen in my life. For example integrating paypal took me 30 minutes. Integrating stripe and getting all documents reviewed took me one business day. Same with paymentwall integration and document approval took 1 business day. Support is amazing and even have a phone number that I can reach if urgent problems arise. Thats how it should be. Thats why I can pay percentage of my transactions with a smile for them.
Sorry for the typos since im typing on my shiet phone while driving.
Eat a bag of dicks g2apay. I hope you go bankrupt and shutdown.21
Need advice about protecting ddos via iptables and whitelisting. Currently I launched my gameserver and am fighting against a massive attack of botnets. Problem was solved by closing all ports on my gameserver linux machine and shipping game.exe with injected c++ socket client. So basically only gamers who launch my game exe are being added to firewall iptables via the socket client that is provided in the game exe. If some ddosers still manage to get inside and ddos then my protection is good enough to handle attacks from whitelisted ips from inside. Now I have another problem. Lots of players have problems and for some reason shipped c++ client fails to connect to my socketserver. Currently my solution was to provide support in all contact channels (facebook,skype,email) and add those peoples ips to whitelist manually. My best solution would be to make a button in website which you can click and your ip is whitelisted auromatically. However if it will be so easy then botnets can whitelist themselves as well. Can you advice me how I could handle whitelisting my players through web or some other exe in a way that it cant be replicated by botnets?1
Looking for a decent payment provider. I have been using paypal for now but tired of refunds from kids and scammers. Tried out g2apay, paymentwall but they dont accept credit cards. Thinking of stripe. Can you advice any other ones?8
Are there any sysadmins here who know how to deal with ddos attacks properly? I can even offer pay. Situation is that I launched my java app (gameserver) on linux debian and configured iptables to allow only specific ips. Basically I made only 1 port open for loginserver and if player logins into loginserver it adds his ip to iptables so hes able to proceed to gamesever. However I am still receiving massive up to 900MB/s attacks for example: http://prntscr.com/q3dwe8
It appears that even if I left only one port open, I still can't defend against ddos attacks. I made some captures with tcpdump and analyzed them on wireshark but to be honest I cant really tell what I'm looking at.
I am using OVH which is supposed to be ddos protected but maybe I messed up during iptables configuration, I'm not sure.
Can anyone help?15
I need some advice on how to separate workstations. Currently I'm working with 6 projects at the moment and sometimes I use my PC, sometimes win laptop, sometimes macbook and it has become a mess.
Ideally I would like to have separate windows/mac instances where I could have project specific stuff installed. Having different windows accounts is not an option since I'm not sure if I will be able to multitask between projects effectively. Separate windows desktops also is not good enough for me. Buying multiple PC's as well. Maybe some cloud solution would be the way?
Can anyone advice on this?11
As an android dev when I inherited a shitty project thats when I realized what really means to write readable and most importantly testable code. Codebase I inherited wasnt even really that bad it was quite readable, but boy it was not suited for any unit/instrumented tests. im talking spaghetti code.
Nowadays I refactor apps to make sure they are testable instead of spending weeks writing tests for a shitty codebase which was done without thinking about separation of concerns. Clients hate the extra couple weeks on top of request but what can I do, if they want tests they need to work with TDD approach or give extra time for refactors.
hey guys i need your advice about backend integration for android. I have this junior and I want to teach him about integrating REST API and handling it with volley+caroutines or retrofit+rxjava. currently the junior is using firebase for authentication and firebase realtime db for all CRUD operations. problem is that by using firebase backend the junior won't learn networking/multithreading stuff. Is there a way to use firebase realtime database like a REST API?1
Question for data science people. Do you know some good multi purpose self tracking platform? Something like exist.io but more advanced? I want to setup custom tracking1
With firebase, is it possible to see events in realtime? I know how to debug on my device via DebugView via adb. But I want to distribute a test build to my client and I want him to be able to test events himself. I saw there is a StreamView but it allows to only select a snapshot of random user. I need my client a way to be able to test the debug build on his device while being able to see events in realtime, like for example it's being done in Segment. Is there a way to do this in firebase?
Hey guys. I need your advice about writing a documentation. I want to make a flowchart with all processes of this client’s mobile app so I could see the UX logic and also all UI screens in the app. I also want to somehow add backend info in order to see which endpoints are being called in these screens and what type of responses are we parsing there.
Currently flowchart is done in draw.io, some of sketches are in zeplin, and there is 0 backend documentation just some implementation in our mobile app.
I would like to combine all of this into some useful document/overview so I could pass this doc to a junior dev and he could jump working into project without a problem.
Do you know any tools to do this?1
Now I have 6 projects on JIRA and I have lots of data collected from all projects (for example visitors on website, how many of them donated money in our project and etc.).
I am looking for some software/app where I could import lots of data from these reports and I want to be able to compare datasets or see some overview.
What should I use?3
Have a question about git rebase with android studio.
So I have a feature branch which I finished working on, I made a pull request to develop branch and now I see many conflicts because develop is few commits ahead.
In android studio I switched to my feature branch, then did a git rebase develop and resolved all conflicts. After conflicted files were fixed I did a git add conflicted_file and continued with git rebase --continue until the end.
Now everything is finished. I have a local feature branch that was rebased to current develop, and I resolved all conflicts.
Problem is when I do a git push to my remote feature branch, I get a merge conflict error conflict from android studio and now I have to solve all merge conflicts yet again for some reason.
What I am doing wrong?2