c0m4r / _nginx_ssl_php_fpm_certbot.md

Last active November 3, 2024 09:53

nginx ssl + ocsp + http/2 + quic + php-fpm + certbot

This setup allows restrictive chmods, which prevents users for reading the conents of each others directories and provides a layer of security against reading raw PHP code in case of FPM failure. You can set chmod 600 for all .php files and chmod 640/710 for any other static files/dirs.

certbot certonly -d example.com
useradd -m -d /home/example -s /bin/bash example
usermod -a -G nginx example
su - example -c "mkdir ~/www"
chmod 710 /home/example
chmod 710 /home/example/www
su - example -c "echo '' &gt; ~/www/index.php"

c0m4r / _malicious_hide_youtube_short_extension_in_google_chrome_web_store.md

Last active February 21, 2025 21:49

Malicious "Hide Youtube Shorts" extension in Google's Chrome Web Store

TL;DR: This extension for Chrome and Brave is malicious, do not use it.

(Update) A follow up story by Wladimir Palant: https://palant.info/2024/10/30/the-karma-connection-in-chrome-web-store/

(Update 2024-11-11) The extension has been removed from CWS and marked as violating Chrome Web Store policies (which is good, but odd, as it should be marked as malware)

c0m4r / radxa_rock5c_lite.md

Last active April 2, 2025 17:11

Radxa ROCK 5C Lite - all you need to know in one place

Radxa ROCK 5C Lite

All you need to know in one place.

Table of contents:

Resources
What is "Lite" about Rock 5C Lite
Use-case