dch :flantifa: :flan_hacker:
boosted
I'm pleased to say I've been able to write a Tutorial series on how to get a quick-and-dirty implementation of Client Certificate Authentication using PFSense and HAProxy!
Feel free to have a read here:
https://seantodd.co.uk/series/client-certificate-authentication-in-pfsense-with-haproxy/
Just managed to get my first Client SSL authentication working with PFSense and HAProxy!
Getting to understand the ACL ordering was my biggest hurdle, but I can now reject access to my internal apps from the wider internet unless theyre using a client certificate. There's even a bypass for internal IP addresses so I don't need to resort to split-brained DNS!
I'm pleased to say I've been able to write a Tutorial series on how to get a quick-and-dirty implementation of Client Certificate Authentication using PFSense and HAProxy!
Feel free to have a read here:
https://seantodd.co.uk/series/client-certificate-authentication-in-pfsense-with-haproxy/
Just managed to get my first Client SSL authentication working with PFSense and HAProxy!
Getting to understand the ACL ordering was my biggest hurdle, but I can now reject access to my internal apps from the wider internet unless theyre using a client certificate. There's even a bypass for internal IP addresses so I don't need to resort to split-brained DNS!
dch :flantifa: :flan_hacker:
boosted
Security Audit of HAProxy funded by the french Cybersecurity Agency (ANSSI). It was aimed at evaluating the security level, focusing on code source analysis, fuzzing and dynamic penetration testing. Evaluation and report by Almond #Infosec #HAProxy https://almond.eu/cybersecurity-insights/publication-of-a-security-audit-report-performed-on-haproxy/
Security Audit of HAProxy funded by the french Cybersecurity Agency (ANSSI). It was aimed at evaluating the security level, focusing on code source analysis, fuzzing and dynamic penetration testing. Evaluation and report by Almond #Infosec #HAProxy https://almond.eu/cybersecurity-insights/publication-of-a-security-audit-report-performed-on-haproxy/
Anybody running #haproxy on #FreeBSD?
And if so, does your instance(s) take for-fracking-ever to restart when you do a:
service haproxy restart
?
I usually end up killing the haproxy process just to make it restart faster. I haven't dug into too much because it is so easy to work around, but maybe my setup has something egregiously wrong, or there is an obvious fix?
Edit: And fixed! See replies.
Do we want to work for Google for free?
I feared this day was coming — this is the first site I see closing down, because Google has stolen their content.
The owners of this cycling inspiration site asks: What is the reason to continue creating content, when Google just steals it and serves it as AI answers to keep all the traffic to itself?
It seems our EU politicians are soundly asleep at the bike handlebar.
https://www.holland-cycling.com/blog/321-holland-cycling-com-stops-in-2026
Via @saarmuller.
@randahl @saarmuller For now, most of these LLM search engine / crawlers adhere to robots.txt
Meaning, blocking these activities of stealing traffic and content is largely solved by a well crafted robots.txt file:
You can easily setup a proxy like #haproxy to always serve a particular static robots.txt for all your domains in one go.
Additionally, with or without enterprise features, you can block all LLM traffic entirely in haproxy.
https://www.haproxy.com/blog/how-to-reliably-block-ai-crawlers-using-haproxy-enterprise
Stefano Marinelli
boosted
