1. sergsoares 3 days ago

   Not expose the server IP is one practice (obfuscation) in a list of several options.

   But that alone would not solve the problem being a RCE from HTTP, that is why edge proxy provider like Cloudflare[0] and Fastfy[1] proactivily added protections in his WAF products.

   Even cloudflare had an outage trying to protect his customers[3].

   - [0] https://blog.cloudflare.com/waf-rules-react-vulnerability/ - [1] https://www.fastly.com/blog/fastlys-proactive-protection-cri... - [2] https://blog.cloudflare.com/5-december-2025-outage/

2. sergsoares Dec 13, 2025

   Same doubt here, a disaster even bigger (Maybe in Mac ?)

   That is why I prefer OTP all the time, easier to backup and restore.

3. sergsoares Sep 28, 2025

   Some Cloud functions like lambda support OCI container as a runtime target for example.

   I understand that feeling but can be hard a provider that fill all that requirements without a expensive cost.

   Integrate with the edge computing is part of the price you pay for all the conveniences like automatic builds, Cron and public reachable endpoints (and some of them almost free).

   A minimal VPS with linux is always an alternative.

4. sergsoares Sep 25, 2025

   Really great post with that interactive examples and the example of mysql x postgrel too.

   I would like read more about that topics with that level of detail.

5. sergsoares Sep 25, 2025

   Using podman for years for local containers development and the last months for hosting my personal services is good to see that.

   Congrats to podman team.

6. sergsoares Sep 12, 2025

   For me replicate an old P3 1000mhz that I study and played a lot of games.
7. sergsoares Sep 12, 2025

   The attention and care to the details of that post are incredible.
8. sergsoares Sep 12, 2025

   Easy and useful, usually the basic is better.

   I ever plan do it with sqlite, loading it at memory during app start and flush data to s3 during runtime but it create more corner cases and logic to handle.

9. sergsoares Sep 11, 2025

   I understand that disks snapshots with ZFS for example can cover most part of the needed on recovery scenarios.

   But immutable OS are helping in progress some sandbox tools and allowing new workflows to manage the OS (virtualized or not).

10. sergsoares Sep 7, 2025

    You can use a localhost Cockpit with SSH Port Forwarding.

    > Configure Cockpit to listen only loopback/127.0.0.1[1]:

    [Socket]

    ListenStream= #This remove 0.0.0.0:9090 bind based on the docs

    ListenStream=127.0.0.1:9090

    > Execute in your machine a port forward with SSH[2]:

    ssh -N -L 9090:127.0.0.1:9090 host@ip

    > Then you can open localhost:9090 in your browser securely only using SSH (that is already part of your actual workflow).

    [1]: https://cockpit-project.org/guide/latest/listen

    [2]: https://coder.com/docs/code-server/guide#port-forwarding-via...

This user hasn’t submitted anything.