https://www.ebooks.com/en-us/book/136101/q-squared/peter-david/

I’ve been looking into crowdsec for ages now and still haven’t gotten around to even a test deployment. One of these days, lol, and I’ll get around to it.

Oooooh. That’s smart. I mostly host apps, but in theory, I should be able to dynamically modify the response body and tack on some HTML for a hidden button and do that.

I used to disallow everything in robots.txt but the worst crawlers just ignored it. Now my robots.txt says all are welcome and every bot gets shunted to the tarpit 😈

I’ve got bot detection setup in Nginx on my VPS which used to return 444 (Nginx for "close the connection and waste no more resources processing it), but I recently started piping that traffic to Nepenthes to return gibberish data for them to train on.

I documented a rough guide in the comment here. Of relevance to you are the two .conf files at the bottom. In the deny-disallowed.conf, change the line for return 301 ... to return 444

I also utilize firewall and fail2ban in the VPS to block bad actors, overly-aggressive scrapers, password brute forces, etc and the link between the VPS and my homelab equipment never sees that traffic.

In the case of a DDoS, I’ve done the following:

• Enable aggressive rate limits in Nginx (it may be slow for everyone but it’s still up)
• Just stop either Wireguard or Nginx on the VPS until the storm blows over. (Crude but useful to avoid any bandwidth overages if you’re charged for inbound traffic).

Granted, I’m not running anything mission-critical, just some services for friends and family, so I can deal with a little downtime.

I used to use HAProxy but switched to Nginx so I could add the modsecurity module and run WAF services. I still use HAProxy for some things, though.

I have never used it, so take this with a grain of salt, but last I read, with the free tier, you could not secure traffic between yourself and Cloudflare with your own certs which implies they can decrypt and read that traffic. What, if anything, they do with that capability I do not know. I just do not trust my hosted assets to be secured with certs/keys I do not control.

There are other things CF can do (bot detection, DDoS protection, etc), but if you just want to avoid exposing your home IP, a cheap VPS running Nginx can work the same way as a CF tunnel. Setup Wireguard on the VPS and have your backend servers in Nginx connect to your home assets via that. If the VPS is the “server” side of the WG tunnel, you don’t have to open any local ports in your router at all. I’ve been doing that, originally with OpenVPN, since before CF tunnels were ever offered as a service.

Edit: You don’t even need WG, really. If you setup a persistent SSH tunnel and forward / bind a port to your VPS, you can tunnel the traffic over that.

I also like to read in the evening, usually right before bed. My Kobo has adjustable color temp but I usually leave the backlight off and just use my lamp like with a normal book. Looks better and easier on the eyes IMO and also makes the epaper seem more magical. I dunno why, but the backlight on them ruins the effect for me.

Haven’t tried a color one. TBH, the Kobo I have is the very entry-level one since I wasn’t sure if I’d use it often or not. Turns out I love it so may upgrade at some point.

Both technical limitations, convenience, and moral objections to DRM (if it has to phone home or I can’t use it how I want, I won’t buy it). I have a Kobo but prefer to have a clean epub for whatever I buy so I feel like I actually own it.

The online shop I bought “Q-Squared” from has most of them DRM free, including all 3 of the Destiny books. Not sure how deep the DRM-free well is, but spot checking it shows most of the ones I looked at were clean. Worst comes to worse, I’ll do like I did when I still bought ebooks from Amazon and buy the DRM’d version and high-seas a clean copy.

https://www.thetrekcollective.com/p/trek-lit-reading-order.html?m=1

Someone else commented it a bit ago, and made me realize the rabbit hole for the Trek novelverse goes deeper than I thought.

Destiny was recommended twice here and the guide lists it as a good starting point, so once I power through this one I’ll probably start there.

I should buy A Stitch in Time. I borrowed a copy and read it years ago but I don’t actually have a copy myself.

Very nice and…way more detailed than I would have imagined. I don’t even see the book I’m currently reading in that chart. I did find “Destiny” in there (recommended here twice) and it has the indicator for “good starting point” even though several others lead into it. So if I needed a third reason to buy that set, there it is.

Luckily (YMMV) I’ve come to appreciate ebooks so it’s just a matter of finding ones that don’t have DRM and putting in my credit card.

Definitely so. I am enjoying it once I re-read the previous chapter and get my bearings. It’s just hard to get a momentum going because of all the backtracking I’ve had to do.

I’m off work this week, so maybe I’ll just sit down and read it in larger chunks and see how that goes.

Yeah, reading more than a chapter at a time is what I’m gonna try for the rest of this book. I’m about 1/3 into it but have to keep going back and reading the previous chapter over again because I can’t remember which universe the last “wham moment” happened in.

That’s quite the collection. I just read the synopsis for Destiny and it does sound quite promising. After I finish this one I may buy that and give it a go.

Ha, thanks.

I’m also proud for pausing it at just the right spot so she looks like the lady from the Math Lady meme:

Also from this episode:

Gonna tell my kids this is David Cross