johnk
johnk
About
- Username
- johnk
- Joined
- Visits
- 430
- Last Active
- Roles
- Member, Hosting Provider
- Thanked
- 91
Comments
-
What exactly is the use case of this? Do you expect your firewall/IPS's config to change? Are you trying to make sure no one exposes any services publicly? Both those should be handled by properly setting up your router/fw. The problem with pentest…
-
Have you enabled DKIM in your workspace policy?
-
(Quote) Did these forged emails pass SPF + DKIM checks?
-
(Quote) Probably 5-6, and the menu to remove HSTS is a bit obscure
-
(Quote) I'd generally go with Full. cPanel doesn't always properly renew certs with Cloudflare active, which could cause some issues (Quote) I wouldn't preload HSTS, but you can still turn it off, clear your HSTS domains, and access your site over …
-
(Quote) Yes, it can help. It does not prevent the phishing attacks you mention, as those typically do not forge the email domain, and send it from a different domain. For example, microsoft-server-example.xyz. DKIM/SPF passes, so it delivers to the …
-
(Quote) DMARC isn't mandatory is prevent email forgery. As long as you aren't authorizing the IP via SPF, any email client should take it very cautiously. I doubt Google would blacklist your domain if the sending was forged. How did they forge your …
-
(Quote) Anyone can send an email from your domain, and forge the From header. SPF/DKIM/DMARC keep the receiving client from recognizing these emails as legitimate. How did they forge those too?
-
Why were they able to forge your domain and send emails?
-
(Quote) Fair & valid - though, you'd have to keep in mind introducing new/other plugins no longer makes it apples to apples. What are the other plugins doing/serving? You'd typically want to slim it down to the point where the sole different is…
-
Lots of interesting discussion - just a few questions I thought I'd answer: (Quote) Yes - Cloudlinux, CageFS/LVE, is based on technology already built into the kernel (obviously, modified further at a kernel level, but same concept). You've got cha…
-
We've actually had sites go down because of this. Not "My facebook image won't load" down, but completely timeout. Ahhh...WordPress...
-
(Quote) Why is that? That is effectively what these backup plugins do, except you have less work.
-
(Quote) They're 0.005/GB, basically a non issue unless you are pushing tens of TB.
-
I'd recommend taking a look at GPC from Genesis Hosting: https://genesishosting.com/genesis_public_cloud.html Resources on demand, so you can terminate instances as needed once encoding is done and save quite a bit on already-affordable prices. Pe…
-
Can anybody really look me in the eye and say this caught them off guard? It's long due
-
(Quote) IMHO, since you gloss over the idea if "threads" anyways ("hands") it makes sense to just use that and talk about provisioning users to threads. (eg, "# of jobs assigned to a worker")
-
(Quote) I love the analogies for the components - that is really awesome! One suggestion: (Quote) A vCPU is pretty much universally accepted as a (1) logical processor. You can pin/provision 4 (or 8, or 12, or whatever) users to a vCPU, the actual…
-
Shared license = pirated/nulled license. Stay away.
-
GCore is nice pricing/PoP wise and also has some great features, but routing was wacky last time I tried them ~5 months ago. They use gDNS instead of anycast.
-
(Quote) Different use cases primarily, with some overlap. CF is images only for now, B2 is object storage, and honestly, primarily archival storage, as bandwidth is typically lackluster. (Quote) I mean, you can if you want, though I'm not sure why …
-
I'm a fan of WPVivid Backup and Restore. Works great for Backup and Migration
-
(Quote) Which, is really part of the issue at hand. It AMP was a standard built for general site optimization, awesome. But it's either-or. AMP is a completely separate version of your site that you now have to maintain. So, why not optimize it well…
-
As far as caching goes, .htaccess vs Litespeed is usually ms's, so nothing that actually makes a difference for most sites. Concurrency is another story, but you aren't going to put a site getting 3000 rps on a $5 shared hosting plan
-
(Quote) Frankly, never done any in-depth testing there. IIRC, CF SPC has a server-cache function, so actually, I'd just use that.
-
(Quote) We did a benchmark of all the popular free caching plugins: https://blog.cynderhost.com/we-tested-9-wordpress-caching-plugins-heres-what-we-found/ - tl:dr; Any plugin using .htaccess to serve cached files will come out very close. So, Swift…
-
(Quote) I don't disagree. Obviously, lighter and faster websites are great for everyone. My issue is with the AMP standard itself. It's really was an almost-entirely-Google project, for who know what reason. Requiring special HTML markup, ridiculou…
-
I typically recommend against AMP. It's an annoying and frankly stupid concept
-
We use StackPath: stackpath.com It works, and it works well, so that's all I can really ask. Frankly, there's not a while lot of CDNs that tick all the boxes. Fastly still charged $5/domain for SSL.
-
(Quote) It depends. Most don't ever use anywhere near those resources, so even with what people 'perceive' to be less resources (X GB, X% total vs Y RAM/CPU x Z accounts) - most people may not actually see an impact. If anything, they'll have more f…
-
(Quote) Not really - for millions, I wouldn't really be comfortable with just 8 GB/5 5C usually. Maybe couple hundred thousand, but there's bound to be contention since it's shared and wouldn't be profitable otherwise. (Quote) It's exactly that! Fe…
-
(Quote) Nice catch! (Quote) Yeah. Fortunately though, WP only passes a string in the the_content hook, so it won't be an issue.
-
(Quote) The issue is in PHP 8.0, usage became more strict compared to 7.4. So, technically "improper" assignment like what you were doing throws a warning now. You can ignore it or just suppress it if it bothers you. As for your code: fu…
-
Headless WordPress is de-coupling the backend/frontend. Backend runs on WordPress, via API, and frontend can be something else, ie, Gatsby.JS. That allows you to use WP Admin to publish/manage content but also gives you more flexibility to design yo…
-
Hey ya'll - we've been working on something fun recently and would love to get everyone's feedback. Unused CSS is something we get quite a few complaints about, so we've developed a tool to strip all of it and compile a single optimized stylesheet …
-
(Quote) It's likely not a slickstack config option. It's a kernel parameter you can tune via editing /etc/sysctl.conf / /etc/sysctl.d/.conf / sysctl -w "vm.swapiness=0-100" (Quote) > Correlation != causation, especially with something…
-
(Quote) vm.swapiness is what you want to take a look at. Swap, contrary to public belief, isn't just used for when RAM runs out. There are a variety of things that determine memory pressure, and things like page-size play a role too. (Quote) A dedi…