1. Disable passwordless login.
2. Disable password login.
3. Require SSH keys
4. Move SSH port to non-standard port
5. Reject connections to port 22
6. Install and enable fail2ban

About the best you can do.

Caddy manages everything, including certs for both domains. So I guess my answer would be, you don’t.

Caddy does not need 80 and 443.

By default and all measurable expectation it does. Unless you can’t use privileged HTTP/HTTPS ports, there’s no real reason to use unprivileged ports.

Besides, op doesn’t mention having problems with ports

OP said he was having issues, and this is a common issue I’ve had. Since he was non-descript as to what the issues were, it’s really not stupid to mention it.

Well that’s dope… Didn’t know that was a thing.

The biggest issue I have with Caddy and running ancillary services as some services attempt to utilize port 80 and/or 443 (and may not be configurable), which of course isn’t possible because Caddy monopolizes those ports. The best solution to this I’ve found is to migrate Caddy and my services to docker containers and adding them all to the same “caddy” network.

With your caddy instance still monopolizing port 80 and 443, you can use the Docker expose or port parameters to allow your containers to utilize port 80 and/or 443 from within the container, but proxify it on the host network. This is what my caddy config looks like;

{
        admin 127.0.0.1:2019
        email {email}
        acme_dns cloudflare {token}
}
domain.dev, domain.one {
        encode zstd gzip
        redir https://google.com/
}
*.domain.dev, *.domain.one {
        encode zstd gzip
        @book host bk.domain.dev bk.domain.one
        handle @book {
                reverse_proxy linkding:9090
        }
        @git host git.domain.dev git.domain.one
        handle @git {
                reverse_proxy rgit:8000
        }
        @jelly host jelly.domain.dev jelly.domain.one
        handle @jelly {
                reverse_proxy {ip}:8096
        }
        @status host status.domain.dev status.domain.one
        handle @status {
                reverse_proxy status:3000
        }
        @wg host wg.domain.dev wg.domain.one
        handle @wg {
                reverse_proxy wg:51820
        }
        @ping host ping.domain.dev ping.domain.one
        handle @ping {
                respond "pong!"
        }
}

It works very well.

It’s likely illegal. The administration would call it theft of service because it’s not authorized and they wouldn’t be wrong. I also don’t see why you would want to do it. You’re giving the IT department at your school complete access to your web history.

I can’t for the life of me understand how you’re having a difficulty understanding this to begin with…

You said that at 4% market share they would be idiots to not break their backs chasing that 4% in revenue but were there right now and they’re not breaking their back at all they’re hardly doing anything…

The entirety of your statements that you’ve said so far are verifiably incorrect because they are the reality that we’re living right now. I’m not the one that struggling with reality buddy, that’s you.

Nobody said they’re not. Jesus. You get really upset when someone points out that you’re wrong, don’t you?

Fact of the matter is, is that *nix is less than 4% of the market, and they’re not going to upset the market for that 4%. It will eventually get bigger, but until it does, there’s not a lot of hope.

This is the year of the linux desktop.

It’s not trust me bro at all. That’s the situation we’re currently in. So if these businesses would be “crazy” to leave all this money on the table and they currently are, what does that say to you?

I know critical thinking is hard, but try.

The market share is already there and there not doing open source drivers, so I guess you’re empirically wrong. I dunno what else to tell ya.

Well they’re not, so I guess they are. 🤷‍♂️

I don’t disagree, but at the same time, circle back to my original statement. Even if every single *nix user were to only use open source drivers, that’s still not enough. 4% of the market share isn’t going to change anyone’s mind about *nix support.

Because hardware manufacturers don’t care about 4% market share. They just don’t. They can’t survive by pandering to that 4%, and it costs them time and money to make decent hardware drivers for linux.

Sad truth of it.

I mean… It wouldn’t even be the first time, so 🤷‍♂️

That’s the beauty of it! You can’t! AI can’t commit malpractice, because you have to prove professional negligence! /s

This has always been the key. Amazing to me that not many seem to take it seriously.

Because it has integrations for The Internet Archive: https://x0.at/Wny_.png

It says “local html” but I have a feeling it simply grabs a copy from the internet archive. I can’t even find where its storing these copies with it enabled.

So does requiring all users to phone you ahead of time to get a temporary password that’s only alive for 20 minutes… But that’s also not done because it’s…stupid.

There are dozens of tools and methods (like jumpboxes) which facilitate the authorization and usage of currently available and time tested tools for usage with environments without reinventing the wheel. Stepping away from the unix philosophy is heresy of the highest degree.

It’s not a problem with the tool, only the plumber.

There is. wget doesn’t follow recursive links by default. If it is, you’re using an option which is telling it to…

It does neither. It doesn’t create snapshots of pages at all… It’s a bookmark manager.