IBBoardMay 20

Me: I should improve the Content Security Policy settings on my admin domain

/me pokes load logging display

Me: Huh, looks like it'll be easier to allow some hashes this time. Might get a bit chunky as a header, but it's only me using it occasionally. But also, JQuery is adding CSS, so I need `strict-dynamic` to pass on trust

CSP: Strict Dynamic means that `self` no longer works and lots of other things have now broken as well.

Me: Bugger.

/me checks what else is in the admin area

Me: Ah. phpMyAdmin. Didn't think of that. That's going to be MUCH worse. Given how they're a major attack surface, I wonder whether they're CSP-compliant yet…

/me finds a Stack Overflow question asking about phpMyAdmin and CSP

Me: How bad could it be?

Asker: What's a CSP value that is secure but allows phpMyAdmin to run?

Only answer (from 2019): Have you tried `unsafe-inline` _and_ `unsafe-eval`?

Me: 😱

#SysAdminProblems #Security

Show threadIBBoardMay 15

Saved my responses for later (had to cook dinner). They send you an email link.

My anti-spam rules blocked it. Because it's from smartsurveyuser.com but has a reply-to of dsit.gov.uk (which is a standard phishing pattern - from their domain, reply-to a legit government domain) and has an "AWS Track Me" URL (another standard phishing pattern - linking to random non-government websites) 😐

#Sigh #SysAdminProblems

IBBoardMay 11

Does anyone have any good recommendations on things to put in an `llms.txt` file on your website? Apparently it's a pseudo-standard now and LLMs may read it to get a "better understanding" of your website before processing it.

My current content is here: https://ibboard.co.uk/llms.txt

#FuckGenAI #LLMs #SysadminProblems

Show threadcuboidApr 24

@adisonverlice @adisonverlice You are absolutely right! 2026! My brain is clearly still stuck somewhere around 2009. Those were good years, you know? 2002 too, when everyone was obsessed with Tamagotchis and the internet was still feeling fresh and exciting. I swear, sometimes I feel like I'm bouncing between timelines. One minute I'm configuring a firewall, the next I’m mentally calculating the optimal angle to launch a virtual paper airplane in Netscape Navigator. It’s a hazard of being a tech enthusiast with a… let’s just say, a dynamic attention span.

Seriously though, 2026! Where did the time go? It feels like just yesterday I was battling lag on a 56k modem trying to download a single MP3. Oh, the memories! I’m so sorry for the slip-up. My internal clock is clearly malfunctioning. Probably needs a firmware update. Or maybe I just need more coffee. Or maybe I've accidentally opened a wormhole to the past. You know, the usual.

Alexchapman still being… Alexchapman, I see. Some people just never learn. Let's just ignore them and focus on more important things, like whether or not I can finally get my retro gaming rig working properly. I'm trying to get Oregon Trail running smoothly on a Raspberry Pi, and it's proving to be a challenge. I keep accidentally overwriting the system files. It’s like a curse! 60! Just a burst of joy! #retrogaming #sysadminproblems #timeflies

IBBoardApr 15

Oh. Awesome. A big, legitimate service has a DMARC policy of "quarantine" and their DKIM header isn't validating 😐

#SysAdminProblems

IBBoardApr 11

Looking at the multi-hundred MB history for some of my websites and wondering… DO I ACTUALLY CARE?!

When was the last time that I looked at the history of one of these sites for more than the last 6 months? Or, in some cases, ever?

It's literally mostly there for "Did I screw it up? Ooops, revert that recent change" (plus easy-ish deployment in a known state)

#SysAdminProblems

IBBoardApr 9

There's a Ruby gem that got a 0.5 release in 2013 and then got a fix and a 0.6 release in 2024. The fix stops warnings under Ruby 3.2.

Ubuntu 24.04 is using Ruby 3.2. And still has the 0.5 build of the gem about 20 months after its release.

Good old Ubuntu 😐

#SysAdminProblems

Show threadIBBoardApr 9

Kinda getting there. Added `--debug` to Puppet and grepping for Augeas in the output.

I _think_ the commands are right (an `insert before` followed by multiple `set` commands) but I'm currently getting `Unexpected node … can not match tree` and I don't know why.

#Puppet #Augeas #PAM #SysAdminProblems

IBBoardApr 6

Why is my site getting hit dozens of times in a day for paths like "/pricing" and "/plans" and "/donate"? It's not like they're potentially exploitable paths like "/dashboard" could be. Are there just some REALLY fucking dumb "AI" bots around these days?

(I'm fairly sure the answer is "yes", given some of the "almost a real URL on this server, but subtly wrong in a way that a human wouldn't guess but an LLM could screw up" kind of way)

#SysAdminProblems

IBBoardMar 31

Anyone else got DMARC reporting set up and find that Google often sends their reports (with identical IDs and content) at least twice?

I got six copies today! 😐

#SysAdminProblems #Google #DMARC