Released: #swad v0.1

Looking for a simple way to add #authentication to your #nginx reverse proxy? Then swad *could* be for you!

swad is the "Simple Web Authentication Daemon", written in pure #C (+ #POSIX) with almost no external dependencies. #TLS support requires #OpenSSL (or #LibreSSL). It's designed to work with nginx' "auth_request" module and offers authentication using a #cookie and a login form.

Well, this is a first release and you can tell by the version number it isn't "complete" yet. Most notably, only one single credentials checker is implemented: #PAM. But as pam already allows pretty flexible configuration, I already consider this pretty useful

If you want to know more, read here:
https://github.com/Zirias/swad

In today's riveting episode of "Science Mysteries," experts are flabbergasted to learn that protoplanetary disks are smaller than expected! But don't worry, you can't read the details because the article is locked—403 Forbidden! Thanks, #nginx, for always keeping us on the edge of #ignorance.
https://www.centauri-dreams.org/2025/04/04/protoplanetary-disks-are-smaller-than-expected/ #ScienceMysteries #ProtoplanetaryDisks #403Forbidden #SpaceExploration #HackerNews #ngated

In the latest thrilling installment of "Please, Someone, Explain This", we are greeted with the ever-insightful commentary of "403 Forbidden" repeated twice for emphasis, courtesy of the oh-so-mysterious #nginx oracle. Apparently, tariffs have rendered bikes as off-limits as the secrets of Area 51—except with fewer aliens and more server errors.
https://www.renehersecycles.com/bikes-in-the-age-of-tariffs/ #HackerNews #403Forbidden #bikeTariffs #serverErrors #HackerNews #ngated

After trolling through many tags and lists trying to see what folks enjoy for #smallweb site generators and frameworks seems like good old dusty #jekyll and #nginx is probably as good as bet as any. One constraint thats not implicitly met by Jekyll is no javascript, but that’s reliant on themes.

For hosting.. probably just find something reasonable through #lowendtalk since I’ve been unable to convince #linode my account from > 10 years ago is actually mine.

I've set up my new #inkscape website AI bot trap. It works by giving everyone a chance to not fall into it.

An anchor link that says "I am a bot" and links to /P3W-451/{datetime}/ it's got a fixed position at top -100px so should never be seen

The robots.txt says "Disallow: /P3W-451/" so if you were reading the robots, you'd know.

Then #nginx logs the requests to a log of their ip-addresses and browser strings and sends them a 301 redirect to google.com

#ai #Scraping

1/2

Breaking News: Val Kilmer, apparently a real genius, has been memorialized by the internet with an incredible exposé that... no one can access. Seems like the film nerds have finally met their match in the form of a '403 Forbidden' error. Guess the real genius was #nginx all along.
https://reactormag.com/30-years-later-real-genius-is-still-the-geek-solidarity-film-that-nerd-culture-deserves/ #ValKilmer #InternetMemorial #403Forbidden #FilmNerds #BreakingNews #HackerNews #ngated

How to Setup a Reverse #Proxy with HTTPS Using #Nginx and #Certbot (5 Minute Quick-Start Guide)

This article outlines how to setup a reverse proxy with HTTPS using Nginx and Certbot.
What is a Reverse Proxy?
A reverse proxy is a server that sits between client devices and a backend server, forwarding client requests to the backend server and returning the server's response to the clients. Unlike a forward proxy, ...
Continued https://blog.radwebhosting.com/how-to-setup-a-reverse-proxy-with-https-using-nginx-and-certbot-5-minute-quick-start-guide/?utm_source=mastodon&utm_medium=social&utm_campaign=ReviveOldPost #proxyserver #reverseproxy #letsencrypt

I finally poked at my nginx logs, because generally nothing happens on my servers

202.155.137.157 - - [30/Mar/2025:00:53:00 +0100] "GET /mirrors-JapanMapTranslate-github/patch/bin/kanaconv/HiraganaConverterImpl.class?id=c1c09efe21a09ecbd6f95641c8a0086ec538ae39 HTTP/1.1" 200 663 "-" "Mozilla/5.0 (Macintosh; U; PPC Mac OS X; en-us) AppleWebKit/312.5 (KHTML, like Gecko) Safari/312.3"

yeah... yeah... ok... this bitch is accessing ONE specific file as Power PC Mac OS X ???

get the fuck outta here.

% Information related to '202.155.137.0/24AS212238'

route:          202.155.137.0/24
origin:         AS212238
descr:          CV. Rumahweb Indonesia
                Jl. Arimbi No. 482
                Kel. Banguntapan, Kec. Banguntapan
mnt-by:         MAINT-CRI-ID
last-modified:  2025-02-25T00:03:14Z
source:         APNIC

Latest issue of my curated #cybersecurity and #infosec list of resources for week #13/2025 is out!

It includes the following and much more:

➝ DNA of 15 Million People for Sale in #23andMe Bankruptcy,

➝ #Trump administration accidentally texted a journalist its war plans,

➝ Critical Ingress #NGINX controller vulnerability allows RCE without authentication,

➝ #Cyberattack hits Ukraine's state railway,

➝ Troy Hunt's Mailchimp account was successfully phished,

➝ #OpenAI Offering $100K Bounties for Critical #Vulnerabilities,

➝ #Meta AI is now available in #WhatsApp for users in 41 European countries... and cannot be turned off

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end

https://infosec-mashup.santolaria.net/p/infosec-mashup-13-2025

Trying to come up with my own little self-hosted #http #authentication #daemon to work with #nginx' "authentication request" facility ... first step done!

Now I have a subset of HTTP 1.x implemented in #C, together with a dummy handler showing nothing but a static hello-world root document.

I know it's kind of stubborn doing that in C, but hey, #coding it is great fun

https://github.com/Zirias/swad

Ah, the mysterious fate of the #dingo, forever locked behind the impenetrable walls of a 403 error. Who knew #nginx was such a notorious gatekeeper of Australian #wildlife secrets?
https://www.noemamag.com/the-dingos-fate/ #403error #secrets #Australia #HackerNews #ngated

Motivated by Samuel Reichör, I took another try for Craft CMS + Coolify. But I can't get the nginx conf quite right Thx for any hints!

Source code Docker Compose:
- https://github.com/mandrasch/ddev-craftcms-vite/blob/coolify-test/docker-compose.yml
- https://github.com/mandrasch/ddev-craftcms-vite/blob/coolify-test/Dockerfile
- https://github.com/mandrasch/ddev-craftcms-vite/blob/coolify-test/nginx.conf

Coolify Discord question: https://discord.com/channels/459365938081431553/1355504172920864911

404'd AGAIN! Apparently, 2000 people showed up to #protest an error message . Who knew 'nginx' could spark such a revolution?
https://www.tuftsdaily.com/article/2025/03/over-2000-protest-in-wake-of-student-detainment #404Error #nginx #Revolution #TechNews #HackerNews #ngated

After a lot of tinkering, we finally made it to the latest release of the #nginx ingress controller on the https://mstdn.dk cluster. The latest release addresses no less than FOUR #CVE records. Critical configuration areas had changed, the GeoIP database had to be cached to avoid rate limiting and the #LUA engine needed some tweaks before it could handle the relative large number of TLS certificates we're using in the cluster, but we finally made it. Sorry about the hick-ups. We're trying to keep expenses from going through the roof, so we've skipped the test setup in favor of gently tweaking things in production. Usually that goes well, but there is the rare exception.

Somewhat related, the #KubeCon / #KubeConEU #Kubernetes conference is next week, which means I'll be in #London for the first time for an entire week. Any suggestions for things worth visiting for a bunch of #nerds? :D

Package updates for #rke2 including fixes for the #nginx #ingress #vulnerability are on their way to @opensuse #Tumbleweed. This means rke2 as well as the flavors for Kubernetes 1.31, 1.30 and 1.29.

Scientists have apparently stumbled upon 'Berkelocene', a molecule so metal it's practically headbanging through server errors. Meanwhile, #nginx plays bouncer, keeping us plebs in the dark behind its 403 velvet ropes.
https://newscenter.lbl.gov/2025/03/11/scientists-discover-new-heavy-metal-molecule-berkelocene/ #Berkelocene #servererrors #science #meme #HackerNews #ngated

Oh no! Airline demand has plummeted faster than a lead balloon between Canada and the US. But don't worry, the article's got all the details... except it's behind a 403 Forbidden wall. Thanks, #nginx, for keeping us blissfully ignorant!
https://onemileatatime.com/news/airline-demand-canada-united-states-collapses/ #AirlineDemand #AirlineNews #403Forbidden #CanadaUSTravel #HackerNews #ngated