# I am the Watcher. I am your guide through this vast new twtiverse.
# 
# Usage:
#     https://watcher.sour.is/api/plain/users              View list of users and latest twt date.
#     https://watcher.sour.is/api/plain/twt                View all twts.
#     https://watcher.sour.is/api/plain/mentions?uri=:uri  View all mentions for uri.
#     https://watcher.sour.is/api/plain/conv/:hash         View all twts for a conversation subject.
# 
# Options:
#     uri     Filter to show a specific users twts.
#     offset  Start index for quey.
#     limit   Count of items to return (going back in time).
# 
# twt range = 1 14
# self = https://watcher.sour.is/conv/7xqzija
prologic
twtxt.net
View Thread
Having a lot of fun with Coraza today. A Web Application Firewall library written in Go that also happens to have a Caddy module.
prologic
twtxt.net
View Thread
Having a lot of fun with Coraza today. A Web Application Firewall library written in Go that also happens to have a Caddy module.
kat
yarn.girlonthemoon.xyz
View Thread
@prologic oooh gonna have to look into this, doubt most of my sites need it but i'm thinking one or two could use it
kat
yarn.girlonthemoon.xyz
View Thread
@prologic oooh gonna have to look into this, doubt most of my sites need it but i'm thinking one or two could use it
prologic
twtxt.net
View Thread
@kat If you've been following my yarns the other day about me getting off of Clownflare and building my own WAF, Proxy and effectively my own Edge network, you'll know I'm doing this at the very edge 🤣🤣
prologic
twtxt.net
View Thread
@kat If you've been following my yarns the other day about me getting off of Clownflare and building my own WAF, Proxy and effectively my own Edge network, you'll know I'm doing this at the very edge 🤣🤣
prologic
twtxt.net
View Thread
I'm just basically learning now how ModSecurity rules work and how to write my own.

The builtin OWASP rules are already working nicely 👌 -- And yeah I won't include the WAF on every site block, probably just my main/primary domain where I tend to run demo services and other things.
prologic
twtxt.net
View Thread
I'm just basically learning now how ModSecurity rules work and how to write my own.

The builtin OWASP rules are already working nicely 👌 -- And yeah I won't include the WAF on every site block, probably just my main/primary domain where I tend to run demo services and other things.
prologic
twtxt.net
View Thread
i.e: Not much point in running a WAF on a static site. But OTOH if there's enough abuse from shitty assholes, there might be 🤔🤔
prologic
twtxt.net
View Thread
i.e: Not much point in running a WAF on a static site. But OTOH if there's enough abuse from shitty assholes, there might be 🤔🤔
kat
yarn.girlonthemoon.xyz
View Thread
@prologic that's iconic af though like i should do the same bc i hate cloudflare that much i just refuse to use them
kat
yarn.girlonthemoon.xyz
View Thread
@prologic that's iconic af though like i should do the same bc i hate cloudflare that much i just refuse to use them
prologic
twtxt.net
View Thread
@kat I've actually moved most of my stuff of of Cloudflare now 🤣 I'm actually very happy with my edge proxy setup that reverse proxies, caches and acts as a web application firewall 🥳
prologic
twtxt.net
View Thread
@kat I've actually moved most of my stuff of of Cloudflare now 🤣 I'm actually very happy with my edge proxy setup that reverse proxies, caches and acts as a web application firewall 🥳