serverfault.com

I'm using Debian 13 and Nginx 1.26.3 as well as jQuery 3.2.1. About every 3 minutes the played song changed and the client browser should be updated. For that I use SSE (server sent event). This works fine and I use jQuery to change the tag content in the HTML page. When I look in the source code of the Page, I can see that all values are updated as expected. but not the view of the browser (FireFox and Chrome tested). If the img src will be changed, the browser immediatly shows the new cover of the song. But if I update the <spam> or the <p> tag, the browser don't show the new values, but they are updated by jQuery! For the udates I used text. html and also val. In all cases the update happens but will not shown an the browser view. Is there a newer jQuery version which updates the browser view automatically? Have I to change something or use a jQuery function which forces the browser

I have a web server that uses a additional restful server in a different port. I would like to allow traffic to the restful server only after a connection to the main server has been established. To accomplish that I use the following rules -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 3001 -m recent --set --name P1 --mask 255.255.255.255 --rsource -A INPUT -p tcp -m tcp --dport 8000 -m recent --rcheck --seconds 1000 --name P1 --mask 255.255.255.255 --rsource -j ACCEPT -A INPUT -p tcp -m tcp --dport 8000 -m state --state NEW -j DROP -A INPUT -p tcp -m tcp --dport 8001 -m recent --rcheck --seconds 1000 --name P1 --mask 255.255.255.255 --rsource -j ACCEPT -A INPUT -p tcp -m tcp --dport 8001 -m state --state NEW -j DROP A connection is allowed to port 8000 / 8001 only if a connection on 3001 has already been established. The thing is that the scheme breaks down after three connections to port 8000, and when

My Microsoft for Startups application is being rejected even after correct documents. I accidentally selected the wrong state during onboarding (should be Telangana). We are a verified startup building B2B sales solutions and ready to provide any proof. Please review our application and help enable the Azure startup credits. We are ready to verify our business fully and provide any required documentation. We are a credible, registered company and we intend to deploy our infrastructure on Azure. Here is my linkedin https://www.linkedin.com/in/swarna-m-17aa4638a/ enter image description here

I'm using auth_request to use an external process to authenticate the client certificate in a mTLS with. The code is something similar to this: http { # ... http configuration ... server { listen 443 ssl; ssl_certificate /etc/nginx/server.crt; ssl_certificate_key /etc/nginx/server.key; ssl_verify_client optional_no_ca; location /protected/ { auth_request /auth; proxy_pass http://backend_service; } location = /auth { internal; proxy_pass http://auth_service/verify; proxy_set_header X-Client-Cert $ssl_client_escaped_cert; proxy_pass_request_body off; proxy_set_header Content-Length ""; proxy_hide_header Set-Cookie; proxy_ignore_headers Set-Cookie; proxy_set_header Cookie ""; } } } To improve performance on the authentica

This is for Apache 2.4.58. Why is it that the following order of Location/LocationMatch will only evaluate the latter, but if it is reversed that it will evaluate both as intended? <Location /basic/website/> Require external-group third-party-require-clause-allowing-for-anonymous-access </Location> <LocationMatch "^/basic/website/(?<user>[-_\.\w\d]+)/?" > Require user %{env:MATCH_USER} </LocationMatch> For reference, I am using mod_auth_external 3.3.3 for the third-party require clause. The intention of the above configuration is to grant anonymous access (when appropriate) otherwise grant access according to criteria finally to ensure that a specifi

We're going through and hardening our AD security, and one of the recommendations is the usage of the Protected Users Group for privileged accounts. Which accounts should we place in this group (domain admins, local privileged accounts, etc) and what are the gotchas for those who have done this already? Thank you!

We are an MSP and provide an IAAS platform for our customers and also provide the licenses for everything Microsoft related via Service Provider License Agreement (SPLA). Our FinOps tool discovered Visual Studio Community Edition on several servers, and is proposing Visual Studio Professional licenses for it. My first guess would be that the tool is incorrect so I wanted to exclude these community editions as it is used for DEV/TEST purposes. But according to SAMExpert everything hosted in SPLA should be licensed as a production workload even if it is for DEV or Test. (https://samexpert.com/visual-studio-msdn-non-production-hosting-in-spla-audit/) Is this correct? (our customers will be happy that th

I am running pi-hole instance in a docker compose setup and want it to also act as my dhcp server. In addition to pi-hole, I added to the compose file a container for pi-hole prometheus metrics exporter and a dnscrypt-proxy. I have following docker bridge networks running: proxy for traefik access, observability for the grafana stack. To get dhcp working, I see currently two options use a dhcp proxy - which currently I do but want to get rid of set the network_mode of pi-hole to host - loosing the benefits of traefik auto detection - which I do not like either. Isn't there a better way to to get access to broadcast packets in docker containers? That would also help to isolate my home automation container stack. Similar issue there ...

I'm facing a strange behavior on a Windows 11 VM originally created on Proxmox 8, and then migrated to VMWare ESXi 6.0 (the product detects for example VMWare 6.5, and doesn't work if the version of that hipervisor is newer than 6.0.0). It needed to be migrated because there is a strange software that runs on top of that VM that uses a licensing model that goes deep into the hardware layer, and no CPU emulation of Proxmox works, not even "host"...it only works with VMWare but only old versions, not new ones. Even that, we originally installed the OS on Proxmox, and let the 3rd party provider install the product (it's a hard process, with a lot of steps to have it working) there, just to check if there was a way to make it work on Proxmox. But no, then the VMs were migrated to a fresh installed VMWare ESXi 6.0. The migration process involved running qemu-img convert to move from qcow2 to vmdk. The VM is a UEFI based one. The strange behavior is that eve

Current Setup: A host-run HTTP application is fronted by an NGINX reverse proxy running in a Docker container. Network Configuration: The NGINX container uses a bridge network. It was started with --add-host=docker.host.internal:host-gateway and ports 80 and 443 published to all interfaces (0.0.0.0). Request Flow: A request arrives on the host on port 80 or 443. It is routed to the NGINX container. NGINX proxy_pass forwards the request to docker.host.internal:<port>. This resolves to the host's gateway (typically 172.17.0.1), where the host application is listening. When load reaches ~800 RPS, connections from the NGINX container to the upstream host (172.17.0.1) become unstable. 50% of requests fail with a error: 2025/11/28