#webadmin
-A INPUT -s 220.187.192.0/19 -m comment --comment "bot using spoofed googlebot user agent" -j DROP
-A INPUT -s 168.220.247.0/24 -m comment --comment "bot using spoofed googlebot user agent" -j DROP
i am now naming and shaming for doing this
I realized that the #goAccess #web #analytics based on #nginx I use on #storySeedLibrary are pretty limited. Maybe too limited.
I'm considering to swapping to some JS-based ones, like Piwik or a similar #FLOSS solution.
Can you recommend anything?
Do you think that using JS-based analytics would compromise the privacy of the users?
The most fun since sliced bread (for server admins). Tuning caching parameters makes a world of difference, plus blocking any bot that is hammering your site.
tail -f access.log
Google has just informed me that the top clicks on a website I manage are from Kenya. I can't be bothered to check if they count bots as clicks or perhaps they're dog fooding their ai and it's hallucinating.
I'm also damn sure there haven't been 3.5K impressions on that site last month. The script kiddies must be busier than usual.
I just did a Google search and the third link says "No information available for this page" clicking the "Learn why" link for that entry leads to an explanation that the site has blocked it via robots.txt.
FFS Google. Honor the damn robots.txt. If they've blocked you, you shouldn't be indexing the page.
Ghezibde = projet généalogie débuté en 2003.
Aujourd'hui contributeurs de tous les continents (++ Europe, Amérique) , base de plus de 520 000 individus tous reliés/connectés, plus de 33000 médias, etc.
Données administrées avec le fabuleux logiciel #webtrees sous l'égide d'une association.
Les propositions de contributions généalogiques affluent et nous sommes à la recherche des personnes compétentes en informatique (#webhosting) et en généalogie (idéalement rattachées aux branches)
Réponse en MP ici
#ghezibde #genealogie #php #HautsdeFrance #mariadb #webadmin #hebergeur #dev #genealogy #westvlaanderen #flandre #ardennes
What do people use for self-hosted website stats these days (i.e. that isn't Google!)
I used to use "webalizer" long ago, but it seems to be a dead project now.
I'd ideally like something that breaks out things like what bots are accessing sites and also anything that has any sort of threat metrics would be nice whilst I'm still having to host some wordpress shite.
Nice service, but frankly, most webpages would benefit from a robots.txt file with a single line:
Disallow: /
I.e., crawlers not welcomed.
Given the absurd amount of SEO-optimized, LLM-generated pages filling the top results from any search engine, one might as well attempt to delist one's website entirely and rely on direct links via social media and emails.
I'm giving mitchellkrogza's "nginx ultimate bad bot blocker" a go has anyone used it? is it any good?
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
Note if you're on a Lightspeed Server there's a known issue with the Woocommerce update to 9.0.0. Manual updates or downloading the file directly from github has fixed it, as have manual updates. Or stay on 8.9.3 until Woo works out the bug. Not a good look for Automattic as far as I'm concerned. Apparently the issue is ONLY on lightspeed servers.
Hi, mein Arbeitgeber, das Hessischen Landesamt für Naturschutz, Umwelt und Geologie (HLNUG) sucht eine Koordination und Betreuung der
Internetportale und des Messdatenportals auf TV-H E13. Also quasi #Webadmin. Befristet auf 1 Jahr, soll aber in die Dauerstelle ersetzen die in Rente geht. Schaut mal rein und teil es fleißig. Wir sind (für ein Amt) ein ganz schön innovativer Haufen mit Freiheiten! https://www.hlnug.de/fileadmin/dokumente/das_hlnug/stellenangebote/A-0624-Z4-GD-1.pdf
I am sure there will still be some tweaking to do so I'm not leaping into anything else yet. But I do want to move my Mastodon and Pixelfed instances to this webserver. That will only be possible using Docker, which I am not familiar with. So more learning is to come. I would like to do it sooner rather than later but perhaps it’ll be a PD project for work in the summer.
Thanks again to the folks who reached out with Firefox tips. Things are moving along and I'm learning, which is why I like to do this kind of thing. My new #Debian 12 webserver #tabarnix is coming together!
I was a little frustrated this morning with some wordpress configuration for NGinx and how ISPConfig did (or didn’t) apply the needed directives. But I get it now and it's working!
For posterity and for the benefit of the Inter-webs, here's some NGinx snippets that I'm using in ISPConfig. Because it controls the host files but also gives the admin the ability to add directives, they have a “merge” feature. You'll see it in the php directive. Don't use that in a regular nginx host file.
I needed to set the client_body_size and buffer directives to get Wordpress happy (eliminate JSON errors when save/updating/adding images) in addition to the index.php directive to allow for permalinks.
I also updated my knowledge about enabling directory listings in NGinx with the use of a regular expression.
#####
client_max_body_size 100M;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location @php { ##merge##
fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_busy_buffers_size 256k;
}
location ~ ^/(NOAA|ECCC|fire)/ {
autoindex on;
autoindex_exact_size off;
autoindex_format html;
autoindex_localtime on;
}
###
This is all on my https://alberniweather.ca website/blog.
The webserver is performing well! Fast and reliable!
Good Times!
#WebAdmin #WebServer #NGinx #ISPConfig #OpenSource #Linux
Any Firefox website Wizards out there? Even though my website has a verified and valid (LetsEncrypt) SSL certificate, Firefox is reporting that "Parts of the webpage are not encrypted”.
I can't find any other information on why this is occuring, I do have a couple iframes in the page (alberniweather.ca) and lots of images including some that are hosted on Google cloud.
Any help is appreciated.
#Webhosting #WebAdmin #SSL
I get why non-techy people can become frustrated with WordPress or other open source projects. I'm way not a WP novice, but can't code beyond copy/paste. 
I'm wanting a feature for a website I'm working on that should be EASY PEASY NICE AND EASY, but instead, each plugin I find is either difficult AF to use or not able to work in my scenario. Sent out a couple of support queries, and we'll see what the open source gods give us.
To webadmins out there: remember to test your .htaccess files. One easy way to check is on this online website, if its contents isn't sensitive:
https://htaccess.madewithlove.com
To test the regular expressions included in a mod_rewrite, there's this website that even has a stepping debugger:
#Wordpress experts. I have a blog (www.alberniweather.ca) that is misbehaving. It has 2000+ posts. It has performed reasonably well on a shared web host (2CPU/2GB RAM) but lately when I post a new article it max’s out the server and returns 503 for 15-20min before returning to normal. I can’t afford to just buy more resources so I need to explore all other remedies. I have tried turning off plugins, caching, etc. Suggestions?
Thanks.
#AskFedi #FediHelp #WebAdmin