While switching the server software I use, I got the redirection logic wrong, and some information that I normally wouldn't publish ended up visible.
thecshore.com Server Misconfiguration
If you visited any site ending in .thecshore.com, the record of your IP
address visiting this site was visible from about June to Aug 5
A number of email addresses from and to thecshore.com in 2018 and until
early 2019 have been visible. I will be attempting to determine exactly
what emails are impacted and to communicate with the affected parties.
To my knowledge the sites have not been compromised by a third
party/parties (crackers), despite the misconfiguration.
Lesson learned: Don't do stats generation locally; securely gather the
logs using an intermediate host, and only process and display on an
internal host.
General rule of thumb: Don't use a webserver for server private data as
well as public data. In this case the data are not ultra-sensitive, but
it's enough that I am reminded of why ‘the cloud’ is not a good place
for private data.
The contact form got broken (again!) by a security policy change in the underlying OS for this site. That's been fixed and I've added alternate contact information in case more breakage occurs.
I've now built sites using a variety of static generation methods, participated in wikis and other's CMS systems, and was hosting a Plone instance (dynamic CMS), so I've decided to post a comparison of the different (and similar) trials and tribulations of using open source solutions for dynamic vs static web content management.
Around 2011 Android devices based on the WonderMedia 8xxx-series SoC (ARM v5) were being sold as netbooks. This article describes getting Debian 7 (Wheezy) running from SD card on one such: a Craig CLP281 Netbook.
Not worth it for most SOHO (Small Office Home Office) / startup deployments. I'd call three storage nodes, two controllers, and five reasonably beefy compute nodes the minimum to even consider the option. Headless libvirt combined with virt-manager makes a far less complicated VM environment and it can be online much more quickly.
The cross-compilation toolchains builtin to most modern Linux distributions do not support older versions of GCC. For old kernels (and other software) that require GCC4 or lower for building, this poses a challenge. One either needs to build a cross-compilation toolchain or use virtualization. This article describes setting up a cross-compilation toolchain.
Due to SELinux and AppArmor, as well as other permissions issues, simple mail relays like msmtp and ssmtp are no longer viable. Therefore document how to do simple mail relaying with postfix.
The cross-compilation toolchains builtin to most modern Linux distributions do not support older versions of GCC. For old kernels (and other software) that require GCC4 or lower for building, this poses a challenge. One either needs to build a cross-compilation toolchain or use virtualization. This article describes setting up a virtual ARM environment for doing armel (ARMv5) compilation using docker containers.
![[Logo for The C Shore Landing Page]](../../../../images/ascface.svg)