Loo kontoLogi sisse

Viimatised otsingud

Pole viimatisi otsinguid

Otsimisvalikud

Saadaval vaid kui sisse logitud.
est.social on üks paljudest sõltumatutest Mastodoni serveritest, mida saab fediversumis osalemiseks kasutada.
est.social on mõeldud Eestis üldkasutatavaks Mastodoni serveriks. est.social is meant to be a general use Mastodon server for Estonia.

Administraator:

Serveri statistika:

88
aktiivsed kasutajad

est.social: TeaveProfiilikataloogIsikuandmete kaitse

Mastodon: TeaveTõmba äppKiirklahvidLähtekoodv4.3.6+est

#nginx

9 postitusega8 osalejaga4 postitust täna
Daniel ⏚<p>Si ça continue, nous bloquerons Azure, AWS et consort 😡</p><p><a href="https://mastodon.eole.education/tags/intelligenceArtificielle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>intelligenceArtificielle</span></a> <a href="https://mastodon.eole.education/tags/ia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ia</span></a> <a href="https://mastodon.eole.education/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>web</span></a> <a href="https://mastodon.eole.education/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> <a href="https://mastodon.eole.education/tags/netadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>netadmin</span></a> <a href="https://mastodon.eole.education/tags/kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kubernetes</span></a> <a href="https://mastodon.eole.education/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> <a href="https://mastodon.eole.education/tags/ingressNginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ingressNginx</span></a></p>
Xavier «X» Santolaria :verified_paw: :donor:<p>📨 Latest issue of my curated <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> and <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> list of resources for week #13/2025 is out!</p><p>It includes the following and much more:</p><p>➝ DNA of 15 Million People for Sale in <a href="https://infosec.exchange/tags/23andMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>23andMe</span></a> Bankruptcy,</p><p>➝ <a href="https://infosec.exchange/tags/Trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trump</span></a> administration accidentally texted a journalist its war plans,</p><p>➝ Critical Ingress <a href="https://infosec.exchange/tags/NGINX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGINX</span></a> controller vulnerability allows RCE without authentication,</p><p>➝ <a href="https://infosec.exchange/tags/Cyberattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cyberattack</span></a> hits Ukraine's state railway,</p><p>➝ Troy Hunt's Mailchimp account was successfully phished,</p><p>➝ <a href="https://infosec.exchange/tags/OpenAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenAI</span></a> Offering $100K Bounties for Critical <a href="https://infosec.exchange/tags/Vulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerabilities</span></a>,</p><p>➝ <a href="https://infosec.exchange/tags/Meta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Meta</span></a> AI is now available in <a href="https://infosec.exchange/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WhatsApp</span></a> for users in 41 European countries... and cannot be turned off</p><p>Subscribe to the <a href="https://infosec.exchange/tags/infosecMASHUP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosecMASHUP</span></a> newsletter to have it piping hot in your inbox every week-end ⬇️</p><p><a href="https://infosec-mashup.santolaria.net/p/infosec-mashup-13-2025" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec-mashup.santolaria.net/</span><span class="invisible">p/infosec-mashup-13-2025</span></a></p>
James Seward<p><span class="h-card" translate="no"><a href="https://mastodon.social/@Edent" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Edent</span></a></span> &gt; <a href="https://mastodon.jamesoff.net/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a> and <a href="https://mastodon.jamesoff.net/tags/NGINX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGINX</span></a> reverse proxy manager installed. Probably done that right. No idea if it'll survive a reboot.</p><p>Reboot now to check while you have all the context in your brain to fix it.</p>
Terence Eden<p>Right!</p><p><a href="https://mastodon.social/tags/JellyFin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>JellyFin</span></a> installed. Most of my media reorganised and indexed.</p><p><a href="https://mastodon.social/tags/Tailscale" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tailscale</span></a> deleted. I can't be bothered running it 24/7 on my phone.</p><p><a href="https://mastodon.social/tags/Docker" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Docker</span></a> and <a href="https://mastodon.social/tags/NGINX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGINX</span></a> reverse proxy manager installed. Probably done that right. No idea if it'll survive a reboot.</p><p><a href="https://mastodon.social/tags/LetsEncrypt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>LetsEncrypt</span></a> set up with Dynamic DNS. No SSL errors!</p><p>HD Streaming over 5G works - but will have to see how adaptive it is on shitty hotel WiFi.</p><p>Bit of a faff, but seems to be working. Next step is configuring a Fire Stick to work with it.</p>
Jan ☕🎼🎹☁️🏋️‍♂️<p>I give up. No matter what I try, I cannot get <a href="https://fedi.kcore.org/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> to serve <a href="https://fedi.kcore.org/tags/php" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>php</span></a> from two different locations, one being /var/www/phpmyadmin/html (mount from another container) and another being /var/www/hosting. The paths are all visible inside the container and accessible. </p><p>Yet, it doesn't work.</p><p>```<br> server {<br> listen 80;<br> listen [::]:80;</p><p> index index.php index.html;</p><p> location / {<br> alias /var/www/hosting/;<br> }</p><p> location /phpmyadmin/ {<br> alias /var/www/phpmyadmin/html/;</p><p> location ~ \.php$ {<br> fastcgi_pass phpmyadmin:9000;<br> fastcgi_param SCRIPT_FILENAME $request_filename;<br> include fastcgi_params;<br> }<br> }<br> }<br>```</p><p>This *should* just work, yet it does not. Baffled.</p>
OTX Bot<p>Highway Robbery 2.0: How Attackers Are Exploiting Toll Systems in Phishing Scams</p><p>A massive SMS phishing campaign targeting U.S. drivers exploits various toll systems, including E-ZPass, SunPass, and TxTag. The scam uses fake payment alerts sent via iMessage and SMS from foreign numbers to lure victims to fraudulent websites. Analysis reveals a pattern in domain names and infrastructure, with most phishing sites hosted on Chinese ASNs like Tencent and Alibaba Cloud. The campaign employs nginx web servers and constantly shifts tactics to evade detection. Over 2,000 complaints have been filed with the FBI's Internet Crime Complaint Center, prompting warnings from the FTC and toll authorities. The scam's effectiveness stems from the inconsistency in legitimate toll collection domain names, making it challenging for users to distinguish between real and fake websites.</p><p>Pulse ID: 67cee3481de685393015d1b3<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67cee3481de685393015d1b3" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67cee</span><span class="invisible">3481de685393015d1b3</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-03-10 13:04:08</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/Chinese" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Chinese</span></a> <a href="https://social.raytec.co/tags/Cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cloud</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/FBI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FBI</span></a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ICS</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nginx</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://social.raytec.co/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SMS</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
Jan ☕🎼🎹☁️🏋️‍♂️<p>Really struggling getting an <a href="https://fedi.kcore.org/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> config to do what I want. </p><p>It's easy imho:</p><p>```<br>root /var/www/blank;</p><p>location /pma/ {<br> alias /path/to/phpmyadmin;<br>}</p><p>location / {<br> alias /path/to/my/webroot;<br>}</p><p>yet, it always keeps resolving paths from the root. I don't get it.</p><p>It's probably gotta be something really silly.</p>
Daniel ⏚<p>C’est un peu des bourrins les robots des voleurs de l’intelligence artificielle, ça tape plusieurs fois par seconde.</p><p>J’ai bien tenté d’ajouter des entêtes X-Robots-Tag</p><p><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Robots-Tag" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">developer.mozilla.org/en-US/do</span><span class="invisible">cs/Web/HTTP/Headers/X-Robots-Tag</span></a></p><p>…mais ils n’en ont rien à faire, qui aurait pu prédire.</p><p>Je suis donc passé à l’étape suivante&nbsp;«&nbsp;block-user-agent&nbsp;»&nbsp;:</p><p><a href="https://kubernetes.github.io/ingress-nginx/user-guide/nginx-configuration/configmap/#block-user-agents" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">kubernetes.github.io/ingress-n</span><span class="invisible">ginx/user-guide/nginx-configuration/configmap/#block-user-agents</span></a></p><p><a href="https://mastodon.eole.education/tags/intelligenceArtificielle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>intelligenceArtificielle</span></a> <a href="https://mastodon.eole.education/tags/ia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ia</span></a> <a href="https://mastodon.eole.education/tags/web" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>web</span></a> <a href="https://mastodon.eole.education/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> <a href="https://mastodon.eole.education/tags/netadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>netadmin</span></a> <a href="https://mastodon.eole.education/tags/kubernetes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>kubernetes</span></a> <a href="https://mastodon.eole.education/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> <a href="https://mastodon.eole.education/tags/ingressNginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ingressNginx</span></a></p>
uberspace.de<p>Unsere Statistiken zum gestrigen Wahltag: </p><p>Die vielen paar Millionen Requests auf wahlrecht.de haben den Host kurzzeitig ein bisschen ins Schwitzen gebracht aber er hat fleißig weitergerechnet.</p><p>Danke für die gut gebaute Website <span class="h-card" translate="no"><a href="https://fairmove.net/@wahlrecht_de" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>wahlrecht_de</span></a></span> 😉 </p><p><a href="https://uberspace.social/tags/wahlrecht" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wahlrecht</span></a> <a href="https://uberspace.social/tags/wahl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wahl</span></a> <a href="https://uberspace.social/tags/wahl2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wahl2025</span></a> <a href="https://uberspace.social/tags/btw2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>btw2025</span></a> <a href="https://uberspace.social/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> <a href="https://uberspace.social/tags/grafana" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>grafana</span></a></p>
Avalik
Christoffer S.

Joshua Rogers joshua.hu/proxy-pass-nginx-dec

Joshua explores vulnerabilities/weaknesses related to how web servers, particularly nginx (through proxy_pass), handle URL normalization and path traversal. It highlights that paths can be manipulated using sequences like /../, leading to potential security issues such as path traversal vulnerabilities, cache poisoning, and authentication bypass.

Joshua.Hu Joshua Rogers’ Scribbles · proxy_pass: nginx’s Dangerous URL Normalization of PathsI have recently been looking into dangerous path normalization by webservers (and browsers!) and ways to exploit typical configurations that are used on the internet. I’ve been looking at how servers handle the forward and back-slash characters (/\) and the dot (.), as well as their URL-encoded values, %2F %5C %2E respectively. I have detailed this problem in depth in a proposal to extend the Content-Security-Policy feature, however today I want to discuss three ways this problem can be exploited, and how nginx’s proxy_pass directive is commonly configured to allow exploitation, without operators realizing.
#nginx#SecurityResearch#CyberSecurity
Vastatud lõimes
Avalik
Timo Tijhof

Scheduling HTTP Streams
by Alexander Krizhanovsky.

Understand how a web server manages millions of concurrent web requests.
* Differences in treatment for progressive JPEG vs a PNG.
* Resilient against DDoS attacks and other vulnerabilities.
* Compare Nginx, Envoy, Apache.

fosdem.org/2025/schedule/event

Live stream:
live.fosdem.org/watch/ua2220

Alexander presenting on stage at the Fosdem Web Perf track in a lecture room at University Libre Brussels, next to a his slides and a green chalkboard.
#fosdem#fosdem2025#webperf
Avalik *
Michaela Molthagen

Hmpf. Habe ein Problem mit #nginx

Ich will, dass bestimmte Verzeichnisse (z.B. Webfonts oder Bilder) nur von bestimmten Webseiten eingebunden werden dürfen.

Ich habe also unter /etc/nginx/sites-enabled/cors.conf eine nginx-Konfiguration mit 

map $http_origin $origin_allowed {
default 0;
https://www.example.com.de 1;
}

map $origin_allowed $origin {
default "";
1 $http_origin;
}

und dann zwei nginx-Konfigurationen für die betreffenden Seiten (z.B. site_name fonts.example.com und site_name images.example.com), deren Inhalte ausschließlich auf www.example.com eingebunden werden sollen, jeweils mit

location / {
add_header 'Access-Control-Allow-Origin' $origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST';
}

Das funktioniert, solange nur eine nginx-Konfiguration diese location-Anweisung enthält.

Sobald ich sie in zwei nginx-Konfigurationen schreibe, funktioniert es nicht mehr.

Weiß jemensch, wie ich das beheben kann?

Danke im Voraus!

www.example.comExample Domain
Avalik
Stefano Marinelli

Publishing a photo of approximately 4MB from my snac instance (at home with 20 Mbit/sec uplink) meant overwhelming everything.
This happened because, for every remote instance, Nginx was requesting the multimedia file from snac. However, due to saturated connections, it took several seconds, leading to thread exhaustion in snac.
I resolved this issue by caching the multimedia files myself using Nginx, which significantly improved performance.

This matter will be covered in a subsequent (simple) blog post.

#snac#snac2#nginx
AvastaLaiv lõimed
Teave