• 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: July 3rd, 2023

help-circle









  • Japan is very similar but not exclusive to parks, even in the middle of Tokyo. Pretty much EVERYWHERE in Japan expects you to carry your own trash.

    The only exception to this really being at restaurant’s, street food markets, and “some” vending machines (which will have recycling for cans/plastic).

    And you know what? There’s very little trash on the streets. The dirtiest areas I experienced was Osaka near Amerika-mura (young trendy area) which was mostly just stuck gum, cigarette butts, and in the early AM maybe an empty can of beer.


  • Personally I trust Bitwarden more than myself to keep all my passwords secure AND available. They’ve got a good track record as far as I’m aware.

    For general security hardening though…

    I use Shodan to help me identify if anything is misconfigured and what is visible from the web. You can pick up an account for usually $1 for life when they run a deal, then you can just monitor your DDNS, domain, and IP address and have it email you when any new services are detected.

    Cloudflare Tunnels, to remove the need for a nginx reverse proxy (with the added benefit of easy failover as well as simplifying your stack). Then I’m utilizing Cloudflare’s WAF to handle filtering out known malicious, foreign IP addresses, and other malicious traffic.

    Another route you can go is a Nginx/haproxy reverse proxy behind something like Suricata. Then you can utilize something like fail2ban or crowdsec.

    Authentik. Get everything behind a SSO experience and don’t expose your backend services to unauthenticated local traffic (utilize http basic auth with header passthrough in authentik). So many people setup auth wrong and then have something like auth.domain.com going through auth but then mistakenly have their external IP address setup to allow traffic in authenticated.