You said Traefik is getting certs from Cloudflare, but do you mean it's getting Let's Encrypt certs using a CF DNS challenge? And if that is the case, then your browser should trust the Traefik endpoint since LE certs are publicly trusted.
Are you sure you're hitting Traefik when you get a cert warning? You need to update your internal DNS if not.
You're not wrong. But as we get older we also tend to lose the passion and fervor we used to have to fight for what we believe in. Instead, we try to convince the younger generations that they'd be better off falling in line, when in reality we've just been beaten down and are tired.
The reality is somewhere in between. As you say, it's nuanced.
But (and this is probably my beaten-down cynicism) the youth vote will never matter to the degree which it should. They will never actually turn up at the polls. I've been hopeful and let down too many times.
Yep totally. The documentation is downright wrong so much more today than it used to be. It's all written like they pawned it off on a junior engineer, who then threw shit at the wall until they got it working, then that process becomes the official documentation.
And don't get me started on Copilot hallucinating Powershell cmdlets.
With support it's become kind of a game to see how quick you can get to T2. My tactic is to passive aggressively point out how their first response shows a complete lack of understanding of the topic, then directly request escalation.
The reality is they probably don't know the full scope or root cause and are going off of limited reporting coming from their beta channels.
But they likely determined the impact was low enough that they could still ship the update while they investigate further.
There are similar known issues reported in the update KBs all the time that sound much worse to me as an admin but are as equally low impact in the end. But they're not as easy for the layperson to latch onto like these low-effort "VPN no worky" articles.
Regardless, none of this absolves IT of the responsibility of testing patches.
Exactly. Everybody on Lemmy a couple days ago was acting like the sky was falling when all we had were these one-paragraph FUD articles quoting Microsoft's own KB article. Most people commenting have no clue that "VPN" is a broad term covering at least a dozen different possible protocols and acted like Microsoft was intentionally breaking all VPNs.
The only thing I found was a reddit thread talking about how some VPNs using TPM-backed certs were broken. I, for one, am using an IPsec VPN with certs stored in TPM on one of the affected versions of Windows 11 and have had no problems. Nor have I had any issues with SSL or Wireguard-based VPNs, so it does just seem to be a fringe case they're warning about.
So Microsoft is just giving a heads-up that IT should probably include VPN testing in their patch cycle test rings and all the anti-MS people are losing their shit.
ASAs are still way more prevalent than they should be when Palo Alto and others are much better options. Still, I'm glad I barely have to deal with them any more.
I like returning 418 instead of 404 or 403 on the files the script kiddies are hunting for on my web servers. I'm sure it does nothing but I'd like to think I've wasted some of their time at least once.
While I can't speak from experience, I would imagine this isn't terribly uncommon for black people in America at least (and other people of color).
There's still a lot of systemic racism over here, so unfortunately sometimes you have to mask who you are just to approach being treated the same as white people.
Third. The first thing I mention when one of my clients asks anything about PCI is to offload as much card processing onto third parties as possible.
And if you have nothing in place yet, then 100% offloaded should be possible (with the possible exception of secure payment terminals if you need to process physical cards).
That said, it is still possible to use your own hosted WordPress storefront and offload the payment processing via tokenization or redirection. But a turnkey solution like Shopify might be better if you lack the experience.
I've always felt the protagonists win in 12 Monkeys. They say in the beginning that the virus outbreak can't be prevented (it's not that kind of time travel), but they needed a pure sample of the virus for the future to cure it. I don't want to spoil anything more than I have, but the plane passenger at the end is relevant. They work in insurance.
You said Traefik is getting certs from Cloudflare, but do you mean it's getting Let's Encrypt certs using a CF DNS challenge? And if that is the case, then your browser should trust the Traefik endpoint since LE certs are publicly trusted.
Are you sure you're hitting Traefik when you get a cert warning? You need to update your internal DNS if not.