#dev 2024-02-25

2024-02-25 UTC
bterry, tPoltergeist, AramZS and jacky joined the channel
# 05:52 
[0x3b0b] Most of my domains are on porkbun, one on Infomaniak and one that I think I haven't moved off Godaddy because I couldn't find anywhere else I was happy with to put it.
AramZS, kody, tPoltergeist, mahboubine, lazcorp, geoffo, [Joe_Crawford], bterry, jonnybarnes, [benatwork] and [Al_Abut] joined the channel
# 18:24 
[Al_Abut] [capjamesg] your clickable map-based nav is so fun. I felt like I was playing Myst in your home and looking for clues.
# 18:25 
capjamesg [Al_Abut] I am seriously considering putting it on my homepage.
# 18:25 
capjamesg I'm not sure how to make it fit in yet, though.
# 18:28 
[Al_Abut] Ah, the age old problem of home pages everywhere…
tPoltergeist joined the channel
# 18:31 
[Al_Abut] My first gigs were in academia and I picked up an entire book on home pages by Jakob Nielsen because I needed strategies and coping mechanisms for the entire org clamoring for space on the department’s main pages. It’s like the digital version of waterfront property that everyone wants a piece of real estate.
[KevinMarks] joined the channel
# 18:42 
[KevinMarks] Conway's law of websites
# 18:42 
[KevinMarks] Also https://xkcd.com/773/
# 18:42 
Loqi [preview] [XKCD] University Website https://imgs.xkcd.com/comics/university_website.png
tPoltergeist, jacky, [Paul_Robert_Ll] and to2ds joined the channel
# 19:33 
to2ds [KevinMarks] - Ain't that the truth! 😄
# 19:33 
[tantek] It's such a classic and yet evergreen comic
# 19:35 
to2ds Indeed.
tPoltergeist and geoffo joined the channel
# 19:38 
to2ds A typical website nowadays mystifies you with the cookie pop-up gauntlet, dazzles you with glitz and bling, all without coughing up the actual information you sought in the first place 🤔
[tantek] joined the channel
# 19:47 
[tantek] Or you see none of that thanks to browsing with NOSCRIPT
# 19:47 
[tantek] and if a new site is js:dr, you move on. Plenty of other tabs to read
# 19:48 
[tantek] Folks publishing js;dr "content" / websites really don't understand they're losing in a competition for attention among other new sites
# 19:48 
[tantek] And devs that sell such site services are doing a disservice to their customers
AramZS and tPoltergeist joined the channel
# 19:56 
to2ds The devs should probably be upfront about the pros and cons of pure js;dr website.
# 19:57 
[tantek] For *publishing* it's all cons
# 19:58 
aaronpk the only pros I hear of for js;dr are all about the developer experience, which is not a great thing to prioritize
tPoltergeist, jacky and to2ds joined the channel
# 20:43 
to2ds Does js;dr help to thwart scrapers?
# 20:47 
aaronpk not any that are determined
# 20:48 
aaronpk and frankly often times it makes it even easier, because often people will put their content behind a nice JSON API that the frontend requests
# 20:51 
to2ds That makes sense since they can just go to the data source directly.
# 20:57 
starrwulfe Hey @snarfed, did you take down Bluesky crossposting temporarily? I'm getting `500 Internal Errors` on http: brid.gy/publish/bluesky and also whenever using the API token directly.
# 21:00 
starrwulfe !tell snarfed please check `@starrwulfe.xyz` bluesky crossposting logs for publish errors -- not sure if this is just my account or a widespread issue.
# 21:00 
Loqi Ok, I'll tell them that when I see them next
jacky, tPoltergeist, [qubyte], opadougie and [tw2113] joined the channel
# 23:35 
_tommys are there any guides out there about running a self-hosted web server on my own network with security in mind/at the forefront? I'm interested in making a raspberry pi Apache server for serving my website(s) but I am a bit concerned about it being a wide open vector of attack to my home network
# 23:37 
superkuh The most secure thing is just to use .html and other files. If you don't involve a dynamic scripting language or complex backend you'll never have trouble.
# 23:37 
superkuh apache or nginx serving directories with files is incomparably more secure than running a web browser that executes all javscript from anyone.
# 23:40 
_tommys i mean if it's on my home network, it's a route in to that isn't it?
# 23:41 
superkuh Just forward router port:80 to internal.ip.address.whatever:80 (and 443). That's the only route. Remote exploits for apache or nginx are extremely few and far between, like decade+.
# 23:42 
superkuh Whereas your normal web browsing with JS enabled is far more likely to be the route into your home network.
# 23:42 
superkuh If you want to do something like run some php application with database then, yeah, it's a security risk.
# 23:42 
superkuh But serving static files? Doesn't even raise the noise floor.
# 23:51 
_tommys ok, many thanks 🙂