Some dingbat that occasionally builds neat stuff without breaking others. The person running this public-but-not-promoted instance because reasons.
They’re a part of the mix. Firewalls, Proxies, WAF (often built into a proxy), IPS, AV, and whatever intelligence systems one may like work together to do their tasks. Visibility of traffic is important as well as the management burden being low enough. I used to have to manually log into several boxes on a regular basis to update software, certs, and configs, now a majority of that is automated and I just get an email to schedule a restart if needed.
A reverse proxy can be a lot more than just host based routing though. Take something like a Bluecoat or F5 and look at the options on it. Now you might say it’s not a proxy then because it does X/Y/Z but at the heart of things creating that bridged intercept for the traffic is still the core functionality.
It depends on what your level of confidence and paranoia is. Things on the Internet get scanned constantly, I actually get routine reports from one of them that I noticed in the logs and hit them up via an associated website. Just take it as an expected that someone out there is going to try and see if admin/password gets into some login screen if it’s facing the web.
For the most part, so long as you keep things updated and use reputable and maintained software for your system the larger risk is going to come from someone clicking a link in the wrong email than from someone haxxoring in from the public internet.
I have a dozen services running on a myriad of ports. My reverse proxy setup allows me to map hostnames to those services and expose only 80/443 to the web, plus the fact that an entity needs to know a hostname now instead of just an exposed port. IPS signatures can help identify abstract hostname scans and the proxy can be configured to permit only designated sources. Reverse proxies also commonly get used to allow for SSL offloading to permit clear text observation of traffic between the proxy and the backing host. Plenty of other use cases for them out there too, don’t think of it as some one trick off/on access gateway tool
Then if running a docker container isn’t an option search through the multitudes of alternate instances and select one that agrees with your moderation policy. I’m sure there are plenty of ‘freeze-peach’ instances out there, for a while at least the infamous GAB was a part of the fedi, though I think they got pretty universally banished right off the bat.
Fedi platforms have a key distinction putting them separate from most other online platforms in that you can literally create your own and have all the rights of a platform admin today, and have access to the very same content as you would having an account on another’s node. In that regard there’s much less room to complain about unilateral actions by the instance owner than there would be for other systems. As the size of an instance grows you run a greater risk any time you take such an action, but so long as it’s consistent with past behavior it shouldn’t be a major problem. Large instances like .world have made some cuts that ruffled a few feathers and then backed them off if people objected, but sometimes direct democracy isn’t particularly viable in what might be a time sensitive situation.
Should not, wonder if there’s any adguard/pihole lists to smack OneDrive/box/Dropbox/etc domains and just take these services out before they can start.
It changes over extended time spans on the order of generations, and I might say it’s cyclical but it’s hard to see in a given lifetime.
In the early 1900s USA people where held at the absolute mercy of the wealthy, working long hours in wretched conditions for a pittance.
During and shortly after the WW1 & WW2 there was a massive push for unity and worker rights, the unions took shape and the working class took a large chunk of power away from the owners to better their standing.
In the 50s-70s there was a time of keeping pace with the neighbors, competitive but also concerned with the well-being of your fellow people.
Then from the 80s through early 2000s it switched and became a hyper individualistic ‘I got mine’ mindset.
In the last couple decades we’ve started to see a return to a push for collective good, but it has been held back a lot by a heavily divided population with half blaming the other half for the decay of society while those with means just sit back and watch the sniping from afar.
I’ve only been around for those last couple portions so a lot of my perspective is just my impressions from history books, but I guess the point I’d make is to look at the ebb and flow of things in historical context. People’s willingness to defer to power is both personal and couched in the willingness of society to support the individual.
Zabbix or Cacti are nice ways to draw maps that also serve a functional role in keeping track of the activity and alerting.
Looks like was just updated today pending transfer, so either the owner transferring registrars or someone took it over.
https://www.whois.com/whois/funkwhale.audio
Domain expired on the 19th, so it’s validly offline. Has always seemed to be a low-adoptiom platform, will have to see the status in the next few days.
Not in a way that I’ve really followed up on after, but bringing up the next ‘class’ in the sense of giving the new folks those tricks that are not in the books and letting them take over where you left off happens a lot in my work. I suspect people do so more than they know every day though. Sometimes all it takes is to sell someone on the idea that they can do the thing that they’re not so sure of.
I do know I’ve been on the receiving end of it though.
Exactly, the term has been pretty well claimed by people who host things like, oh say, their own Lemmy service or such.
Self hosted in this context is pretty well aimed at the ‘I do a service on my own time and usually own gear’ crowd. IT for a company is an entirely separate thing. Professional self-hosting would be more on a community like ‘serveradmin’.
It depends on the load on the disk. My main docker host pretty well has to be on the SSD to not complain about access times, but there are a dozen other services on the same VM. There’s some advisory out there that things with constant IO should avoid SSDs to not wear out the read/write too fast, but I haven’t seen anything specific on just how much is too much.
Personally I split the difference and run the system on SSD and host the bulk data on a separate NAS with a pile of spinning disks.
I know some VPN providers have their own DNS service that you can use similar to other filtered public DNS. If you mean an in house DNS/VPN gateway then what you want is probably best served by something like a firewall distro (opnsense/pfsense) to handle both of them.
Been a while since I used proxmox but that’s the nature of a lot of those free/corporate type softwares. The free ‘community’ edition is pretty well a public beta that you can get forum level support for, or sometimes you can get paid support at some limited level.
I’m sure thoughts are influenced by the fact that the company I work for has a sizable presence there, but the very broad view I’ve developed is ‘outsourcing superpower’. It rarely seems that India is the owner or originator of things, but they end up doing a massive amount in supporting companies from the USA during what is our night hours. They also seem to have an exceptional dedication to their work despite from what I’ve seen the managers being kinda over-the-top with the demands on them.
I used to work with a young woman who left one of the wealthy families there to get out of an arranged marriage who had all kinds of interesting tales on how things worked there. Talked a bit about their 'gold room’s where they stored all their savings and if they needed extra cash would just shave off a piece from a brick.
I guess a good bit of Emilie Autumn could fall into that class if I where to put tags on it.
Never used don’t care really but:
Their terminology needs some work, force touching is not ok…