Tag: WebDev

Keeping your account secure is a top priority – and enabling two-factor authentication (2FA) is one of the easiest and most effective ways to protect it. Enabling 2FA adds an extra step to your login process so your account will remain secure even if your password is compromised. Here’s how to switch it on in [read more...]

Get Your Name Right – The Internet Never Forgets Choosing a domain name might sound simple – until you realise it’s the online equivalent of naming your child. No pressure. Your domain is your digital first impression. It’s what people type, share, and (hopefully) remember. So picking the right one is crucial for your brand, [read more...]

Discover what a VPS server is, how VPS hosting works, and why it’s ideal for small businesses. Learn the benefits and explore VPS plans with Heart Internet.

💚 Hosting that works hard, treads lightly.   Big news: Heart Internet is now officially listed with the Green Web Foundation. That means our hosting services are recognised as being powered by 100% renewable energy – wind, solar, and hydro, all thanks to our partnership with EDF. So while your website might be generating traffic, [read more...]

Without web hosting, your website would not be visible or accessible to users! It is crucial to host your website with a website hosting service to ensure that your business has an online presence. Web hosts will securely store your website’s files, images, and digital content on a server, making it accessible to the public [read more...]

If you get one of the following messages from the Plesk migrator you should check that you are using root as the username along with the Plesk admin password. “The source server does not appear to be a Plesk server” “Plesk Migrator tool requires original ‘root’ user access or root user with GUI/UID = 0.” [read more...]

If you get one of the following messages from the Plesk migrator you should check that you are using root as the username along with the Plesk admin password. “The source server does not appear to be a Plesk server” “Plesk Migrator tool requires original ‘root’ user access or root user with GUI/UID = 0.” [read more...]

Did you know that the fonts you use on your website can impact the way your customers perceive and interact with your brand?

Black Friday is here, and we’re bringing you incredible savings to help your business thrive online. From 29th November 2024 to 9th December 2024, you can enjoy 15% off some of our most popular products to get the tools you need at a fraction of the cost. What’s on Offer? Here’s what you can save [read more...]

A slow website is like a slow waiter: it doesn’t matter how good the food is if the service is frustratingly sluggish. If your site takes too long to load, visitors are likely to abandon it faster than you can say “bounce rate.” But fear not! Here are some tips to help you optimise your [read more...]

I am trying to whitelist a vendor IP in our Apache config but we are behind CloudFlare. Per CloudFlare's and Apache's docs, I have done this in the config: RemoteIPHeader CF-Connecting-IP # From: https://www.cloudflare.com/ips-v4 RemoteIPTrustedProxyList /path/to/cloudflare/ipv4.txt # From: https://www.cloudflare.com/ips-v6 RemoteIPTrustedProxyList /path/to/cloudflare/ipv6.txt # Switch from %h to %a per the CloudFlare docs LogFormat "%a %l %u %t \"%r\" %>s %b" common Before CloudFlare, I could do this: # Trusted vendor IP SetEnvIf Remote_Addr ^55\.55\.55\.55$ TRUSTED_REQUEST What is the best way of acce

I have IP masquerade set up with two outbound interfaces. The main interface is wlan0 and 4G failover is $usb0. The local network is br0. (The system is Debian 12 but it's not possible to convert my existing iptables script to nft.) Since the 4G data is limited most devices should not be allowed to use it. iptables -A FORWARD -s localhost -j ACCEPT # localhost can always use 4G. iptables -A FORWARD -m mac --mac-source d0:...:15 -j ACCEPT # special device can always use 4G data. if [ "$1" = "4g" ]; then iptables -A FORWARD -s 192.168.0.0/24 -o $usb0 -j ACCEPT echo "4G data is allowed for everyone." else iptables -A FORWARD -s 192.168.0.0/24 -o $usb0 -j DROP echo "4G data is restricted." fi iptables -A FORWARD -o wlan0 -i br0 -s 192.168.0.0/24 -m conntrack --ctstate NEW -j ACCEPT iptables -A FORWARD -o $usb0 -i br0 -s 1

With Keycloak 26.4.0, the Browser - Conditional OTP" flow was changed to "Browser - Conditional 2FA" flow which now allows to use WebAuthn and Recovery Tokens as a second factor. The update documentation, however, states: Previously the default browser flow had a Browser - Conditional OTP conditional sub-flow that enabled One-Time Password (OTP) as a 2nd Factor Authentication (2FA). Starting with this version, the sub-flow is renamed to Browser - Conditional 2FA, the OTP Form is Alternative, and includes two more 2FA methods: WebAuthn Authenticator and Recovery Authentication Code Form. Both new executions are Disabled by default, but they can be set to Alternative to include them into the flow. Upgraded realms will not be changed. The updated flow will only be available for new realms. [emphasis added

When I execute the df command without parameters, I get the following list of file systems: Filesystem 1K-blocks Used Available Use% Mounted on devtmpfs 8112420 0 8112420 0% /dev tmpfs 8123692 5732 8117960 1% /dev/shm tmpfs 8123692 11908 8111784 1% /run tmpfs 8123692 0 8123692 0% /sys/fs/cgroup /dev/dm-1 293457920 85102676 208355244 29% / /dev/sda1 1038336 192912 845424 19% /boot tmpfs 1624740 0 1624740 0% /run/user/0 However, if I specify a file name, such as /, the file system for the corresponding mount point is displayed under a different name: Filesystem 1K-blocks Used Available Use% Mounted on /dev/mapper/luks-609eee17-f9f4-446d-b399-1d5a6d7ddb9c 293457920 8

I am currently working on setting up alerting for Google Cloud SQL using Google Cloud Monitoring, and I have a query written in Monitoring Query Language (MQL) that I would like to convert to Prometheus Query Language (PromQL). Here is the MQL query I am using: fetch cloudsql_instance_database | metric 'cloudsql.googleapis.com/database/postgresql/insights/aggregate/latencies' | filter resource.project_id == 'xxxxxx' && (resource.database == 'xxxxxx' && resource.location == 'xxxxxx' && resource.resource_id == 'xxxxxxx:xxxxxxxxxxxxt') | align delta(10m) | every 10m | group_by [resource.database], [value_latencies_mean: mean(value.latencies)] | condition val() > 100 'ms' This query checks the latency of a specific Cloud SQL database and sets a threshold to trigger an alert if the mean latency exceeds 100 milliseconds over a 10-minute period. Could someone help me with the equivalent PromQL query for this MQL?

I’m trying to expose a service running in the atlantis namespace through an ALB Ingress Controller that’s deployed in the application namespace on AWS EKS. The ALB is being created and reconciled successfully, but the backend health checks are failing. The NodePort services in the application namespace work fine since the Ingress is deployed there as well. However, I want to use the same Ingress to expose a service that’s running in the atlantis namespace. My current ingress details --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: ff-public namespace: application annotations: .... alb.ingress.kubernetes.io/target-type: instance .... spec: rules: .... # SOME RULES .... - host: atlantis-event.{{ $.Values.dns.domain_name }} http: paths: - path: /* pathType: ImplementationSpecific backend: service: name: a

I have an Ubuntu Server 22.04 running as an AWS EC2 instance. Trying to setup a reverse proxy with Apache2 by setting a CNAME some.example.com (not the real one) to forward the request to api.demo.com — the catch is that I need to use some.example.com for input and output. To demonstrate, a sample vhost configuration for Apache would be: <VirtualHost 192.168.0.10:443> ServerName some.example.com SSLEngine on SSLCertificateFile /etc/letsencrypt/archive/example.com/fullchain7.pem SSLCertificateKeyFile /etc/letsencrypt/archive/example.com/privkey7.pem SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyEngine On ProxyPreserveHost On ProxyPass / https://some.example.com/ ProxyPassReverse / https://some.example.com/ </VirtualHost> For this to work I would need to either set a static IP for some.example.com into /etc/hosts or, what I'm actuall

I've recently upgraded my TrueNAS 24.04.x to 25.04.x, which drops k3s support and replacing it with Docker. The first web app I'm converting (DokuWiki) is already giving me problems. I got used to using Traefik when I was using Kubernetes and using it on Docker seemed easy enough. Another reason is that is also seems to support my non-standard use case for generating SSL certificates later, but I haven't gotten to that part yet. At this stage I just need to reverse proxy HTTP requests from the IP address that Traefik is running on and have them forwarded to the app's container on port 8080. Unfortunately, none of the examples are working. Every request I send out times out and does not even register in the DokuWiki logs. I've tried several suggestions from other people I found online, no change. The docker compose files I use are at the bottom

Our internal domain is domain.local, and external is domain.com. Typical split DNS situation. My question is how do people typically handle this? We are about to start our Exchange migration, and first step we need to change all our internal and external namespaces. So we need to get internal resolution working for domain.com. 1). Create a forward lookup zone internally for domain.com and then all the necessary records. 2). Create individual forward lookup zones for each required record - autodiscover.domain.com, mail.domain.com etc Feels like both have their pros and cons, keen to get some more experienced opinions. One question would be; if you went option 1, hypothetically if you had an app that needed to validate a TXT record (say Let’s Encrypt), you’d need to create these on the internal zone at this point, and no requests would ever hit public DNS now domain.com is authoritative inside AD DNS.

This is for labbing. I'm using a GCE instance running strongswan and bird to simulate an external device and I'm connecting to a GCP VPN Gateway I setup. The VPN connection was easy to setup but BGP is really confusing me. The GCP VPN gateway must use a link-local address. How do I use link-local addresses in my GCE instance? I tried creating a virtual interface on the linux instance in the 169 range the vpn gateway is using but that didn't seem to work. when doing that I could not ping the GCP VPN Gateway's BGP address from the instance. If this was an external device that should just work right? Is the VPC not allowing traffic from this dummy interface to leave the instance? Do I need to create a subnetwork in the 169 range and attach a GCE instances nic to it? I'm only confused about routing inside VPCs in this regard. If I have two instances connected to subnetwork 10.123.123.0/24 does that mean these instances can only communicate with each ot