A Bash script I’ve used for many years got some love recently and I’ve uploaded it to Codeberg.1 The HTTP Limiter is my answer to the bots, scrapers, and pentest tools that constantly hammer on my public facing hosts. Though “hammer” might actually be an understatement. What once seemed like constant background noise has now become the norm with noticeable consequences: Log files grow faster and make you blind to relevant entries. Processing meaningless requests consumes more CPU, RAM, and bandwidth. REST APIs in particular, often implemented in slow frameworks and programming languages with sluggish database connections, are highly vulnerable to DDOS2 attacks. Read more

One issue left from my CSS-Hacking-Session last month: The Dark-Mode of this Website. Well, today I finally managed to activate the dark side of the force. Enjoy!

Friday afternoon, a long bank holiday weekend lies straight ahead. Time to fix a few issues in this blog. Basically just minor ones and for the most visitors irrelevant. But for me important details, making the difference to the standard modular websites. Yellow Textmarker One of these inconspicuous details is the highlighting with a “yellow textmarker”. I have been annoyed more than once when highlighting is done in the standard system colours. For a viewer, exactly the opposite happens: The highlighting worsens the readability and the contrast as the following picture shows: Read more

The last two days I improved my own architecture and extended everything with a PDF workflow. If you like, you may download my larger blog series from the previous year in one piece as a PDF file and read them offline, a total of 75+ pages of condensed facts: Corona Warning App Home Office Workplaces Macbook Revival Come on, PDFs for old articles? Seriously? Well these are just test-balloons and working examples for my new PDF workflow. With the help of Pandoc, Git, Bash and Xelatex I have been able to achieve a significant improvement. The three linked PDFs are 100% automatically created from the content of this blog without my intervention. In future, this workflow will also be used for audits, documentation or other articles for third parties. Read more

Everyone knows the alert when visiting a website with expired certificates. At least once a month I stumble into one or I receive tickets with questions asking what to do. “Nothing” is my reply in most cases. “The mistake is on the other side”. On this occasion, my very special appreciation to the owners and/or administrators of such sites for the extra work required. The obvious solution to avoid such embarrassments: A software or service with periodic checking and notifications. Sounds obvious, but unfortunately doesn’t always work. Read more

This weekend, Jochen T. contacted me with an interesting question about Hugo and the theme I am using for this blog: I don’t understand how I can create a “normal” feed, I have searched for help, but found nothing. My feed only contains the categories “micro”, “blog” or “page”, but I would like to have a feed with the individual posts in full text (like you). Due to the fact that others might have the same question, I answer this in the public of course after prior request and approval by Jochen. Read more

Today I’ve recieved a Email with following Headers: Arc-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none Erhalten: from xxxxxxxx.protection.outlook.com May I ask openly what this “protection” outlook.com server does in the absence of common spam and security features? There are numerous tools in the web for (self-)checking. I usually provide this link and try to lead by example before going into further details like IP-Stripping, pentests or security: https://mxtoolbox.com/domain/jakobssystems.net/ With this in mind, stay healthy! Read more

At the beginning of the (first?) Corona lockdown in March 2020, I was advised during an nightly Jitsi meeting by a befriended admin from Hamburg about giving Hugo a chance. Probably just after I dropped a rant about Rapidweaver, my previous static site generator on the Mac. Making of blog.jakobs.systems The idea needed to grow for almost half a year, till August, when I finally found a test balloon for Hugo: My personal blog and if everything succeeds, my official website, which is slowly getting rusty. Read more

After some finetuning of this blog it is time for a break and to check the current state objectively. Yes, quality is measurable - these online tests give you a quick overview where you stand: Google Lighthouse Mozilla Observatory SSL Labs Servertest Webbkoll Hardenize DNSViz The results are quite impressive. Everything’s shipshape. Postscriptum from October, 18th 2020: I’ve added Hardennize and DNSViz to the list. Hardenize offers wonderful birs-eye view for Web+Email, DNSViz due to the fact that its checking the DNS.

You’re damn late! This was the initial response of a friend while showing him a previev. But finally, here we are. This is a blog round about my work and all the things I am taking care of. Everything is work in progress and this website is kind of Playground seperated from the formal official website. As you might have expected: No 3rd party ressources, no data collection or transfer to 3rd parties. This website is built and operated with free software only (Builder, Hugo, Gitea, Debian, Apache and damn I am so proud of! Read more