Maybe I'm not seeing the big picture here, but we should let them continue using those free domains for spam, that way we can simply blacklist the TLD entirely. That's 60% less phishing emails right there.

Yes, that was another can of worms (https://forum.cloudron.io/topic/12112/email-smtp-connection-closed/16?_=1721229448552). They thought the Hetzner IP (US server) was from iran and had it blocked causing the SMTP issue. I had to reassign new IP to the server and SMTP is working now. On my third attempt, I got one that's not blacklisted anywhere (yet). edit: tying up loose ends by adding link

@humptydumpty You have to remember that 99% of providers have the login ‘root’, according to me the only provider I tested was OVH they have ‘ubuntu’. As for SSH security, I recommend to disable the password login, only with the key. Another option is to restrict in the Firewall in the Hetzner panel port 22 to your home internet IP address

I'm signed up. Not banned yet

@aessen I'm interested in giving SPN/Portmaster another go. Did you end up making that video?

I update IPdeny lists (in order to block certain countries) with @imc67 script, see https://forum.cloudron.io/topic/3795/firewall-spamassassin-automatic-list-update?page=3 It's not state-of-the-art security, but the spam and mail server abuse attempts have dropped significantly.

@dsp76 https://blog.dnsimple.com/2014/01/why-alias-record/ is where I learnt about it first

Black Mirror: https://x.com/elonmusk/status/1792690964672450971

@girish He likes running services like this so people can maintain anonymity when visiting popular online services. It is a calling of his. He stays abreast of what Free Software alternatives are available for sites like Youtube and then runs them on his (quite beefy) servers.

https://support.google.com/jamboard/answer/7424836?hl=en Jamboard is a digital whiteboard that lets you collaborate in real time using either the Jamboard device (a 55-inch digital whiteboard that works with G Suite services), web browser or mobile app.

@IniBudi Generally speaking, the only times where Linux needs to reboot for updates is when the file being updated was in use during the update itself, situations like the following but not limited to: Service(s) were updated but not restarted may require update Kernel updates or Kernel Module updates As you saw from other replies there are different ways around it, if you're paying money. But generally speaking, unless there was a huge security update, you can hold off on rebooting until the weekend when there is likely less server traffic.

It is unfortunate that Cloudflare are becoming a choke-point on the internet. Thanks for publishing your research! Why did you like porkbun for DNS?

@BrutalBirdie Yes, something just like that. If there is any Open Source equivalent, that would be good to know.

Update: The Easiest Approach to Deploy Flowise I just figured out an approach that is much better than using Dockerfile (as described above). If you are using Huggingface, then you must use Dockerfile. However, using Dockerfile means the server will build the image from scratch. This requires at least 2vCPU and 16GB of RAM. Huggingface offers 2vCPU and 16GB of RAM for free. But if you are using Coolify, then you have to scale up your server (at least for the building process). A better way to deploy Flowise is to use a prebuilt image. Easypanel is actually using this way to deploy Flowise. The image it is using: flowiseai/flowise:latest [image: 1715768848080-424d88be-9c04-4033-9d36-73765263815a-image-resized.png] But if you are using Coolify, this image does not work very well. I tried many many times. I recommand using another image built by Elestio: elestio/flowiseai:latest [image: 1715768929610-f1de0fcc-cbe7-4d2f-a3d4-89a626371cc8-image-resized.png] Just copy "elestio/flowiseai:latest" and paste it to Coolify, and expose a PORT (such as 3000, 8000), and hit Deploy!

@humptydumpty the basic tier unlocks the time machine feature and allows you to add 1 person to your team.

@LoudLemur The devil is in the updates, backups, and support. Anyone using those stack, likely also knows how to self-host.