Fail2Ban Behind a Reverse Proxy: The Almost-Correct Way

Fail2Ban is a wonderful tool for managing failed authentication or usage attempts for anything public facing. However, by default, it’s not without it’s drawbacks: Fail2Ban uses iptables to manage it’s bans, inserting a --reject-with icmp-port-unreachable rule for each banned host. The thing with this is that I use a fairly large amount of reverse-proxying on this network to handle things like TLS termination and just general upper-layer routing. Since it’s the proxy that’s accepting the client connections, the actual server host, even if its logging system understands what’s happening (say, with PROXY protocol) and logs the real client’s IP address, even if Fail2Ban puts that IP into the iptables rules, since that’s not the connecting IP, it means nothing. What I really need is some way for Fail2Ban to manage it’s ban list, effectively, remotely. Luckily, it’s not that hard to change it to do something like that, with a little fiddling.

Continue reading

AbuseIPDB Checking With Postfix

Updated Dec 31, 2021

So if you’ve not heard, there’s this website called AbuseIPDB, which, no affiliation, is a website where webmasters can submit reports of abusive IP addresses, and then query those reports, either manually, or using their REST API. And this is how I did exactly that, to help cut down some of the spam on my email server. Let’s get started.

Continue reading

Doing What Markdown Can't: Specifying Image Width and Height

By default, the Markdown renderer in Hugo, at this point in time, is Goldmark, a CommonMark compliant renderer. CommonMark makes no provisions for manually specifying the width or height of an image. There’s various extensions, like those for Pandoc, Kramdown, and GFM, but Goldmark doesn’t support those. Google is getting a little cranky with the amount of CLS on some pages, especially on mobile, so it’s a good idea for me to start specifying sizes for most images. How should I do this? By hacking it on as a feature that is in no way the intended use for anything involved.

Continue reading

Detailed Images, With No Shortcodes

If you remember when I first added the Medium Zoom library, I wasn’t using one of its features: the ability to load a larger image when the user clicks to zoom in, only when the user wants to zoom in. However, I added this later, and in that, the method I used was to use a Hugo shortcode to include the image with proper attributes in the <img> tag. Well as it turns out, I don’t need to do this. Now, I can have that happen automatically with standard Markdown ![image links]().

Continue reading

Giving My Sitemap Some Style

Now I know I’ve talked about sitemap.xml before, but quick summary: that’s an XML file that has a list of every (public) URL on your site, to make it easier for crawlers to index your entire site since that list (or, map) lays it out. Well as an XML file, it can take XML style sheets, in a format called XSLT, short for XSL Transformations, short for eXtensible Stylesheet Language. Yes, it’s XML all the way down. But, if you’ve looked at my sitemap, you’ll see I’ve gone and done it. This is how.

Continue reading

Shortening My URLs With

Has anyone noticed that I’ve been giving out URLs of the form and not Well, not only did I buy another domain that’s just a shorter version of this one, but it’s also, at the moment, the singular domain I have that’s 100% serverless. How? Cloudflare, obviously.

Continue reading

Using Cloudflare's HTTP/2 Server Push

For those unaware, when using Cloudflare to proxy your site, HTTP/2 support is usually on by default, and highly recommended, and you can also enable HTTP/3 too. But, for a while I thought that Cloudflare’s HTTP/2 would rob you of one of the really cool and touted features of HTTP/2: the server push. Well, as it turns out, that’s completely possible. Let’s dive in.

Continue reading

Temperatures as You Like

So here’s a short one for you: Do you like your temperatures expressed as °F, or °C?1

Well, there’s one fundamental issue with me writing like the way I have been. I can put, say, “I decreased temperatures by 20°F by cleaning the fans,” but if you’re a °C person, then you need to take a quick detour to convert that to units that you’re more familiar with. A common way to do this would be to notate that as “20°F (11.11 °C)”, which works, but I’m effectively stating myself twice, and hoping that I actually got my numbers right. Plus that opens up the possibility for writing °F (°C) one time, and °C (°F) another. So for basically no benefit except me getting to be proud of myself, let’s improve on that.

Continue reading
Older posts