English Español Deutsch Français Italiano

mirrors: kloshost.online kloshost.i2p

Site logo image

<Main Page | Services | Blog | Price List | Canary | About | User Policy | Guides | FAQ | Contact>
<Account FAQ | Hosting | Service Management | Relays | Shell Accounts | ViewPVS vendor store | Virtual Private Servers>

I cook a delicious onion stew, without any chilli peppers.

Join the KLOS Community Forum to chat darkweb. (i2p helper)
We also sponsor Juvenile, a links list and communications server.


Security related downtime

For certain package updates now the server has to be taken online. Basically, even the sysadmin role in SELinux can no longer change certain things. This can't be changed and has been ordered by my soup nazi pentester. So I have to shut down access to the server now from time to time, probably every couple of weeks.

You should consider it worth it because we've lowered our attack surface in what an intruder will be able to do. However it restricts updates and my own administrative actions.

SELinux is also why we still don't have automated registration and you're stuck with me as a human control panel. However in the lab on the testing service we are getting such a facility working, and that server is experimental and our future. The production server uses SELinux in 'targeted' mode, but we hope to develop a system which is in strict mode. This is a tall order for a shared webserver, but I should be able to get it working.







2024 Kaizu Shibata, server time 13:28:21 28/03/24 UTC

Powered by Kaizu's Picosite 1.2.3 (klos version)!, and nginx running on Gentoo Hardened.

The picosite template file for this website, and the current page.php.
$ ln -s page.php page.php.txt
3Z5p4mn5N5mJMQ