1·
2 days agoThe moment you get a TLS cert, it’ll show up in Certificate Transparency logs and apparently the attack bots scan that for targets.
- 0 Posts
- 3 Comments
Joined 3 years ago
Cake day: June 9th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
You can totally do that yeah!
We have our stuff set up so inbound VPS traffic (for HTTPS) comes in on port 4430, while LAN traffic is on 443. It’s not done for firewall reasons, it’s so we can pass the client’s IP through with Nginx’s proxy_protocol feature, but you could just make your local-only services not listen on 4430. Boom, done.
Fail2Ban on the VPS is probably good. On the home server, it might just lock out the VPS (since everything comes from there).
Anyway yeah, I’ve got a whole guide on this sort of setup! https://frost.brightfur.net/blog/selfhosting-with-a-bounce-vps-part-1/
– Frost
This is why we run Gajim 1.9.5 in flatpak.
Which. Got removed from flathub, so to install it on our laptop, we had to do some kind of weird flatpak sideloading thing.
On our laptop we’ve been using Gajim 2.something from Debian 13 (our desktop runs testing so we can’t do that there). It’s not Full Gnomified. It also locks up whenever we try dragging a picture into the chat window to send. So… yeah.
Someone should fork Gajim pre-2.