You mean for the referer part? Of course you don’t want it for all urls and there’s some legitimate cases. I have that on specific urls where it’s highly unlikely, not every url. E.g. a direct link to a single comment in lemmy, and whitelisting logged-in users. Plus a limit, like >3 times an hour before a ban. It’s already pretty unusual to bookmark a link to a single comment

It’s a pretty consistent bot pattern, they will go to some subsubpage with no referer with no prior traffic from that ip, and then no other traffic from that ip after that for a bit (since they cycle though ip’s on each request) but you will get a ton of these requests across all ips they use. It was one of the most common patterns i saw when i followed the logs for a while.

of course having some honeypot url in a hidden link or something gives more reliable results, if you can add such a link, but if you’re hosting some software that you can’t easily add that to, suspicious patterns like the one above can work really well in my experience. Just don’t enforce it right away, have it with the ‘dummy’ action in f2b for a while and double check.

And I mostly intended that as an example of seeing suspicious traffic in the logs and tailoring a rule to it. Doesn’t take very long and can be very effective.

This is the way. I also have rules for hits to url, without a referer, that should never be hit without a referer, with some threshold to account for a user hitting F5. Plus a whitelist of real users (ones that got a 200 on a login endpoint). Mostly the Huawei and Tencent crawlers have fake user agents and no referer. Another thing crawlers don’t do is caching. A user would never download that same .js file 100s of times in a hour, all their devices’ browsers would have cached it. There’s quite a lot of these kinds of patterns that can be used to block bots. Just takes watching the logs a bit to spot them.

Then there’s ratelimiting and banning ip’s that hit the ratelimit regularly. Use nginx as a reverse proxy, set rate limits for URLs where it makes sense, with some burst set, ban IPs that got rate-limited more than x times in the past y hours based on the rate limit message in the nginx error.log. Might need some fine tuning/tweaking to get the thresholds right but can catch some very spammy bots. Doesn’t help with those that just crawl from 100s of ips but only use each ip once every hour, though.

Ban based on the bot user agents, for those that set it. Sure, theoretically robots.txt should be the way to deal with that, for well behaved crawlers, but if it’s your homelab and you just don’t want any crawlers, might as well just block those in the firewall the first time you see them.

Downloading abuse ip lists nightly and banning those, that’s around 60k abusive ip’s gone. At that point you probably need to use nftables directly though instead of iptables or going through ufw, for the sets, as having 60k rules would be a bad idea.

there’s lists of all datacenter ip ranges out there, so you could block as well, though that’s a pretty nuclear option, so better make sure traffic you want is whitelisted. E.g. for lemmy, you can get a list of the ips of all other instances nightly, so you don’t accidentally block them. Lemmy traffic is very spammy…

there’s so much that can be done with f2b and a bit of scripting/writing filters

In a perfect world, yes.

In reality, i knew what i did and why i did it, two years ago, after which i never had to touch it again until now, and it takes me 2 hours of searching/fiddling until i remember that weird thing i did 2 years ago…

and it’s still totally worth it

Oh or e.g. random env vars in .profile that I’m sure where needed for nvidia on wayland at some point, no clue if they’re still necessary but i won’t touch them unless something breaks. and half of them were probably not neccessary to begin with, but trying all differen’t combinations is tedious…

Also the largest number ever factorized on a quantum computer (not simulated) is like 30. So this is like 1950’s level of computing(in terms of number of transistors vs qbits) and we’re 20-30 years of incremental change away from really threatening encryption

Of course there are. But I mean, women’s hormones do affect mood during the menstrual cycle (my wife certainly says she’s more iritable before her period), and afaik the hormone therapy is some of the same hormones, so it didn’t seem far fetched at all to me that it could play a role. hence me asking.

but could as well have been some deep seated anger at the world or similar, or something in between. Mostly I was just trying to think of reasons for why she might not be as bad as she was seeming, benefit of the doubt kind of thing.

I used to work with a trans woman who was a huge bitch, at least some of the time. Like actually shouting at coworkers for tiny mistakes, all-caps shouting in company chat at people trying to help with stuff, thinking she’s the smartest person in any room, that kind of stuff.

i’ve always wondered if she’s just a bitch or if at least some of it could be a side effect of hormone therapy? I mean, completely changing the hormones for your body must have some pretty dramatic effects in many areas and might take a long time until your body adjusts.

but a definitely won’t just ask ‘yo. Are you just a huge bitch or is it your medication’ in a corporate setting.

[edit] just for clarity, she started transitioning about 1 month after she joined that team and I left after about a year and a half, in part because of the mood on the team going to shit, among other reasons. But so I couldn’t compare to pre-hormone therapy or anything like that.

[edit2] thank you for all the replies, this was really enlightening and answered a lot of questions! Especially on a topic i feel is discussed less often, or at least I haven’t come across.

A proper (CNC) milling machine and lathe, like ones you can work hardened steel with. Lots of better things you could buy for that money, but with a mill and lathe i could make those things for even more money!

Edit: oh and a proper garage/hobby room to put them in

Buddy Guy. the concert was pretty posh (think bankers in suits), with everyone having arranged seating, audience sitting still and quiet like at a classical music concert.

he was like ‘fuck this, this isn’t a proper concert, my guitar is wireless, let’s stand up, go to the entry hall and jam’. so he’s just standing in the middle of the crowd and going nuts, at like 83 years of age. That was amazing.

I used to believe that it merely moves jobs, but recently started having doubts. Given the increase in productivity in the past 50 years and the stagnating wages, it’s hard to still believe. I mean, sure people will get new jobs, but I doubt it’s with similar wages and benefits.

which is pretty self defeating as there will be no one left to buy the goods produced.

i have a venta lw45. same principle, but instead of a wick, it has these rotating disks that the water sticks to (with a little soap in the water). Works incredibly well, still uses next to no energy (<8W) and the disks are super easy to clean. It’s a beast, goes through 9 liters of water in a bit over a day. All the parts are easily accessible for maintenance and there’s replacement parts if anything ever were to break (though i havent needed those yet).

the disks are especially nice when you have hard water, the calcium can be a pain to remove from a wick, but you can put the venta plastic disks (and lower housing, if you can fit it) in the dishwasher to get them good as new. And calcium does not stick to them weld, so a quick rinse under a strong showerhead is usually enough to clean the disks. Definitely one of the best appliance purchases i ever made.

Also useful in this regard, python comes with a sìmple file server built in, python -m http.server --directory /dir/ would serve /dir/ on port 8000.

not sure i agree with that. I mean ok, i recently had three interviews for a company where each interviewer asked me almost the same questions. That was clearly a waste.

At my place, we do a 30min introductory call with the boss first, to quickly weed out unfit candidates and not waste employee and interviewee time with interviews. if that’s ok, then there’s three interviews of 45-60 minutes, one with the product owner that focuses on soft skills and team fit, one with the team your applying to and one with the other team (like frontend or backend) with more technical things, and also just if you’d like to work with this person.

no amount of interviewing will ever guarantee that things work out and unfit people can slip through cracks. And i hate wasting time in tons of interviews. But i’d also not want to work at a place where i know my coworkers were hired after just 1 hour quick chatting. That so little time to get an idea of a person, to spot any red flags. Heck, the ‘tell me a bit about yourself’ section of an interview is already 15 minutes and not usually very helpful.

What sucks the most about rust is that 90% of rust jobs are some crypto bullshit. I love the language, but finding normal jobs is near impossible.

At the same time, i could find 20 Go positions but Go just isn’t exciting. It’s the new java imo, working with it probably good for job security, but i just don’t see myself working in Go in the future as a main language.

You misunderstand, the first two commands are just one time setup to install a specific python version and then to create an env using that version. After that all you need is `pyenv activate myenv´ to drop you into that env, which will use the correct python version and make sure everything is isolated from other environments you might have.

You can also just create an env with the system python version, but the question was specifically about managing multiple versions of python side by side and this makes that super easy.

You could also combine it with direnv to automatically drop you into the correct environment based on the folder you are in, so you don’t have to type anything after the initial setup.

pyenv and pyenv-virtualenv together solves this for me. Virtualenv with specific python versions that work together well with other tools like pip or poetry.

It boils down to something like

$ pyenv install 3.12.7
$ pyenv virtualenv 3.12.7 myenv
$ pyenv activate myenv

and at that point you can do regular python stuff like pip installing etc.

You could give helix a try, feature/functionality wise it’s almost vim, but with 0 config needed and all commands easily discoverable which is closer to nano.

As someone who really tried to get into modal editors, both emacs and vim, for years, it was the first one where i was reasonably fast after a short time and it was easy to discover the keybindings.

‘Programming from the ground up’ the main idea of this one is to teach programming in a bottom up way, so very low level.

it’s mostly about teaching (linux) assembly to beginners, so in a way it is just learning a new language. But it’s mainly about understanding low level how a computer works, like registers, kernel calls, how function calls are handled, all for beginners. It’s really easy to pick up.

Knowing those fundamentals can go a long way in understanding other computing concepts.

Others that come to mind are :

• Designing Data-Intensive Applications: The Big Ideas Behind Reliable, Scalable, and Maintainable Systems
• A Philosophy of Software Design
• Software Architecture: The Hard Parts"

Have you tried Jellyfin? It’s a FOSS fork of emby, so pretty much a drop in replacement and it’s been working very well for me.

Personally I use jellyfin as a backend, with the web interface and jellyfin app as frontend. Plus Kodi as an additional frontend for my beamer, with the Kodi Jellyfin plugin and Yatse remote to make it feel more like a TV.

Might have been this? https://youtu.be/9-sbJ-xpnq8?si=eht5W2NCqYG6W-hq

one way to do this from within python itself would be to use the site module with pth files to monkeypatch the code in question. This would amount to patching it each time it gets started, not modifying the python file permanently, and without having to touch the original python code at all.

This write-up goes into more details and also links to this (unmaintained) tool for doing so.