Mark McBrideJan 20

While enabling http/3 on nginx for my personal site, I noticed in the logs most traffic was http/1.x, and of that almost all was garbage.

So I’ve disabled http/1.x and made exceptions for bots I want and text-based browsers. As expected, my logs are noise free. Now I’m curious to see if there are unintended side effects.

Show threadCarstenJan 20
@markmcb That sounds really nice. I would like to know how you did it. Do you have a good source which explains it on how to do it?
Show threadMark McBride

@cblte Did a quick write up for you. I’ll probably add a bit more detail later (updated!) but this has the important bits:

https://markmcb.com/web/selectively_disabling_http_1/

Selectively Disabling HTTP/1.0 and HTTP/1.1 - Mark McBride

Reduce noise from bad clients by disabling HTTP/1.0 and HTTP/1.1 while making exceptions for legitimate clients relying on those protocols.

Jan 20 at 7:13pmWeb
Show threadCarstenJan 20

@markmcb wow. Nice man. Thanks a lot.

Edit: I really like your colors. The yellow and brown are easy to read.

Show threadCarstenJan 20

@markmcb And with your front page - ah you make me overthink – AGAIN!!! – my website layout. I just changed it to display my journal entries – not yet live, the new one – but maybe I adopt yours. If that is ok with you. That is actually a great idea to do.

Instead of using an “overbloated" homarr, or homepage, or homer instance…
But, if I may ask. what do you use for your internal homelab things? Also a simple website?

Show threadMark McBrideJan 20

@cblte Yes, please borrow as you see fit. :)

For my internal web interfaces, I use nginx as a reverse proxy and have authelia handing authentication. Works quite well. To keep it organized I just maintain a simple html file with links to the various things and edit the html manually.

Show threadCarstenJan 20
@markmcb Thanks.
I always wanted to try out authelia. But never did. I might do. But for now, bitwarden handles all the logins quite nice. I assume, with authelia you only need one login, right?
Show threadMark McBrideJan 20
@cblte Yeah. While bitwarden may handle the passwords fine, the real question is how well do your apps handle security? LAN-only? Risk is low. If you want to access them on the Internet though you’re better off letting something that specializes in authentication handle that step and just proxy the apps. Like this you have one thing to ensure is well-secured vs. many. And like this you can even put things that have no authentication capabilities behind it. Definitely recommend Authelia.
Show threads4if 🇵🇸 🇮🇩Jan 21
@markmcb Thanks!, bookmarked and in the process of implementing this.