diff --git a/homepage/index.js b/homepage/index.js index 5497216..628a5bd 100644 --- a/homepage/index.js +++ b/homepage/index.js @@ -50,7 +50,7 @@ async function getProcesses() { // 127.0.0.1:19322 async function getNewCaptcha() { try { - return await fetch("http://startpage.arav.home.arpa/captcha/", {method: "POST"}).then(r => r.text()); + return await fetch("http://arav.home.arpa/captcha/", {method: "POST"}).then(r => r.text()); } catch { return null; } diff --git a/homepage/static/assets/css/articles.css b/homepage/static/assets/css/articles.css index cb0612c..9206896 100644 --- a/homepage/static/assets/css/articles.css +++ b/homepage/static/assets/css/articles.css @@ -34,6 +34,10 @@ pre { white-space: pre-wrap; word-break: break-all; } +figure { margin: 1rem 0; } + +figure.center { text-align: center; } + article { margin-top: 1rem; max-width: 100%; } diff --git a/homepage/static/assets/css/main.css b/homepage/static/assets/css/main.css index 0d43c39..f0edc31 100644 --- a/homepage/static/assets/css/main.css +++ b/homepage/static/assets/css/main.css @@ -7,7 +7,7 @@ :root { --background-color: #0a0a0a; - --background-image: url('/shared/img/desu_z.webp'); + --background-image: url('/shared/img/alpha1918_z.webp'); --primary-color: #cd2682; --secondary-color: #9f2b68; --text-color: #f5f5f5; @@ -17,7 +17,6 @@ @media (prefers-color-scheme: light) { :root { --background-color: #f5f5f5; - --background-image: url('/shared/img/desu_z_dark.webp'); --primary-color: #9f2b68; --secondary-color: #cd2682; --text-color: #0a0a0a; } } diff --git a/homepage/static/assets/img/articles/mikrotik_please_just_dont.jpg b/homepage/static/assets/img/articles/mikrotik_please_just_dont.jpg new file mode 100644 index 0000000..c948efb Binary files /dev/null and b/homepage/static/assets/img/articles/mikrotik_please_just_dont.jpg differ diff --git a/homepage/views/articles/hardening_mikrotik.pug b/homepage/views/articles/hardening_mikrotik.pug index 0ea6e9a..cc5af7b 100644 --- a/homepage/views/articles/hardening_mikrotik.pug +++ b/homepage/views/articles/hardening_mikrotik.pug @@ -26,13 +26,18 @@ block article li #[a(href='#art-5-2') Forward chain] h3#art-1 #[a(href='#art-1') 1. Introduction] + + figure.center + img(src='/assets/img/articles/mikrotik_please_just_dont.jpg' title='%)' alt='Just don\'t!') + figcaption You don't want to be like this, am I right? + p I always wandered, since I #[s joined a cult] got mine, why almost no one can properly secure them. Looks like people just don't bother to do that, and leave it as it is barely configured, and only whine when get hacked. But, holy shit, even through #[code Quick Set] you get a proper secure firewall, yet there are thousands of routers sticking out with a #[s naked ass] acessible WebFig (I bet alongside with it Winbox comes as well, didn't check). p In this article I'll show you how to harden your router's security. There's nothing difficult and could be find just by learning available features. Considering the firewall, I will just copy-paste a default set of rules, yeah, that feels no good, but what can I do if many haven't done even that. p If you are setting up a router for the first time I strongly recommend you use a default configuration as a base. First you need to reset a configuration to clear a router. For that in Winbox go to #[code System->Reset Configuration] and check an option #[code No Default Configuration]. In teminal #[code > system/reset-configuration no-defaults=yes]. And then using #[code Quick Set] configure basic access to the Internet and a LAN. We need #[code No Default Configuration] because these defaults doesn't include a firewall (if I recall correctly, I did that in 2019 for the last time). h3#art-2 #[a(href='#art-2') 2. Ways to harden your router] p Vital thing to do is to keep a firmware up to date. That's another major reason why routers becomes a part of a botnet — vulnerabilities. - p To do it in Winbox go to #[code System->Packages] and click a #[code Check For Updates] button. Or using teminal: #[code > system/package/update/check-for-updates]. + p To do it in Winbox go to #[code System->Packages] and click a #[code Check For Updates] button. Or using teminal: #[code > system/package/update/check-for-updates]. After a reboot you need to upgrade a RouterBOARD firmware. In Winbox go to #[code System->RouterBOARD] and click #[code Upgrade] button. After that reboot a router again, go for it in #[code System->Reboot]. In a CLI #[code > system/routerboard/upgrade], and then #[code > system/reboot]. p First thing is setting a password for your admin account. Many other articles recommend to rename it, but I never do that, because there's no access from outside anyway. Also we restrict from what addresses we can login. p Second, restrict access to router's configuration by IP, and disable not used services. p And here comes a firewall. diff --git a/shared/assets/img/alpha1918_z.webp b/shared/assets/img/alpha1918_z.webp new file mode 100644 index 0000000..b3fa176 Binary files /dev/null and b/shared/assets/img/alpha1918_z.webp differ