Just released: #swad v0.3!

https://github.com/Zirias/swad/releases/tag/v0.3

swad is the "Simple Web Authentication Daemon", your tiny, efficient and (almost) dependency-free solution to add #cookie + login #form #authentication to whatever your #reverse #proxy offers. It's written in pure #C, portable across #POSIX platforms. It's designed with #nginx' 'auth_request' in mind, example configurations are included.

This release brings a file-based credential checker in addition to the already existing one using #PAM. Also lots of improvements, see details in the release notes.

I finally added complete build instructions to the README.md:

https://github.com/Zirias/swad

And there's more documentation available: manpages as well as a fully commented example configuration file.

If anyone wants to give hetzner a go for their cloud server needs, get $20 dollars on me: https://hetzner.cloud/?ref=WLd2dOrCS4CP
#sysadmin #foss #infosec #docker #podman #linux #opensource #javascript #coding #php #rustlang #golang #debian #arch #network #caddy #nginx #apache #webdev #development

I want to look up the #CIDR associated with #network #IPs which appear in my #nginx logs (for the purpose of limiting ranges).

So many tools have this sort of thing built in that I assume there is a "best" #API or method for doing those lookups - but blowed if I can figure out where to go.

Does anyone have a suggestion?
#infosec #bots

Edit: forgot to say, I'm running on #Debian so if there is a db in some package I can install that.

#Freenginx 1.27.6 has been released (#nginx / #http / #http2 / #http3 / #httpd / #Web / #Webserver / #TLS / #TLS13) https://freenginx.org/

#nginx 1.27.5 (dev) has been released (#http / #http2 / #http3 / #httpd / #Web / #Webserver / #TLS / #TLS13) https://nginx.org/

A pic I took on the streets of #Portland
# 363 days ago, area within walking distance of #Revolution Hall.

I've remained publicly silent on my #WriteTheDocs conference attendance last year because it was .... a shitty conference.

And today I'll tell you why it was a shitty conference.

There was a self-proclaimed "extrovert" who got up on stage and vomited bullshit about how she was representing #Nginx.

I did not plan to give a talk, but when I woke up the last day of the conference, I really had this pressing intuition that I should speak up for the talent that was maybe intimidated ... that NO, you don't need a fucking Macbook to be a technical writer... not all technical writing is about computer-related things.

But then did I find out ... what that Nginx "extrovert" was really there to do was be the shithead #censoring the indigenous voice that wanted to get on stage and tell everybody that not all #TechnicalWriting has to be about #technology.

But that snooty white supremacist bitch rejected this talk.

把 nginx 換成 Caddy

把 blog 主機從 nginx 換成 Caddy，算是嘗試看看？ 前面有擋 CloudFront 的情況下，Caddy 自己對 Let's Encrypt 的處理有卡住，原因是 CloudFront 連到 origin server 的時候會需要有 valid HTTPS connection，但 CloudFront 上開 HTTPS only 導致 dead loop。 404.tw 在 CloudFront 修正設定變成與 client 端相同的 protocol 就正常了，但 blog 本身的 blog.gslin.org 與放圖片用的 i.gslin.com 就一直失敗，結果重試太多次撞到 Let's Encrypt 的 rate limit... 後來想到有可能是 cache 造成的，但清了 cache 然後等一個小時後發現還是不行，就先 bypass Clou…

https://blog.gslin.org/archives/2025/04/17/12351/%e6%8a%8a-nginx-%e6%8f%9b%e6%88%90-caddy/

GRRRR!!!

I just spent the last hour of my life chasing round in circles just because #nginx wouldnt serve up my css file for some reason. I forced the mime types in the nginx config and everything...

Weirdly, Chrome was fine but firefox wasnt when loading this?

Anyway, turns out the reason why is because nginx has this *14 year old* bug that means it falls apart whenever there's a dash in a file name. Wtf?! How has no one looked at that yet

Web sockets don’t like me. I have set up #mastodon on one machine (Podman) and #nginx on another machine (also running as a container). Everything works fine in a browser but all mobile Mastodon clients (apps, iOS) refuse to play media. I don’t see anything suspicious in the logs, it just doesn’t work and I have no idea what’s the cause.

Hey Italian speaking #cybersecurity friends

Our Ambassador @inmarvinwetrust dives into deploying a Web Application Firewall in a containerized environment using Docker, Docker Compose, #Nginx Proxy Manager, and CrowdSec #AppSec.

Learn how to install, configure, and optimize your setup for scalable and efficient security: https://blog.marvinpascale.it/posts/2025/waf-docker/

Need help installing #NGINX? If so, then you need, "Load Balancing Graylog with Nginx: The Ultimate Guide". Ensure that your #Graylog is at peak performance with Nginx load balancing capability! Get the guide to learn about:

How Nginx and Graylog go together
Load balancing a sample configuration
Installing Nginx
Changes to an Nginx configuration
Enabling HTTPS for Nginx
Load balancing Graylog Inputs
Diving deeper Into Nginx
...and more.

https://graylog.org/post/load-balancing-graylog-with-nginx-ultimate-guide/ #cybersecurity #infosec #GraylogLabs @nginx

Just released: #swad v0.2

SWAD is the "Simple Web Authentication Daemon", meant to add #cookie #authentication with a simple #login form and configurable credential checker modules to a reverse #proxy supporting to delegate authentication to a backend service, like e.g. #nginx' "auth_request". It's a very small piece of software written in pure #C with as little external dependencies as possible. It requires some #POSIX (or "almost POSIX", like #Linux, #FreeBSD, ...) environment, OpenSSL (or LibreSSL) for TLS and zlib for response compression.

Currently, the only credential checker module available offers #PAM authentication, more modules will come in later releases.

swad 0.2 brings a few bugfixes and improvements, especially helping with security by rate-limiting the creation of new sessions as well as failed login attempts. Read details and grab it here:

https://github.com/Zirias/swad/releases/tag/v0.2