Hacker Newsnew | past | comments | ask | show | jobs | submit | djwinter's commentslogin

DevOps Engineer | Full-time or part-time | Estonia | Remote

My company works with SaaS businesses providing cloud infrastructure management and support. A large portion of the work focuses on monitoring and observability of applications and platforms.

I need an extra pair of hands for a US client that is rapidly expanding in the museum industry with their white-label e-commerce SaaS. It is powered by a multi-region AWS architecture with further expansion in the pipeline.

This can be a full-time or part-time role. Based in Estonia but remote.

Contact: hn at djwinter dot co dot nz

More details: https://www.linkedin.com/jobs/view/3624147820/


SEEKING FREELANCER | Remote | DevOps Engineer with AWS and Elastic Stack (ELK) experience.

My company works with SaaS businesses providing cloud infrastructure management and support. A large portion of the work focuses on monitoring and observability of the applications and platforms.

This project is for a US client that is rapidly expanding in the museum industry with their white-label e-commerce SaaS. It is powered by a multi-region AWS architecture with further expansion in the pipeline.

This is a contract role to support a growing workload, beginning with up to 40 hours per month.

Contact: hn at djwinter dot co dot nz

More details: https://www.linkedin.com/jobs/view/3593434928/


FYI: The shared link is private, this seems to be the correct one https://www.linkedin.com/jobs/view/3593434928/


Thanks!


I paid the yearly fee for two years up until 2020. There were a handful of authors and topics I liked on Medium. Those authors have since left the platform. The topics I’m interested in kind of dried up with not much worth reading these days.

I don’t care so much about the paywall. It is the low quality of content that pushes me away.

Writers saw an opportunity to make money on Medium. This gradually dragged down the overall quality of writing on platform, and likely the reputation of the platform itself.

These days whenever I do click through to a Medium article, it rarely delivers on its title.


I suspect I was banned from Instagram in the same way. No explanation was given.

I use ProtonVPN. It wasn't until Spotify stopped working sometime later (403 Forbidden for all HTTP requests) that I narrowed it down to using VPN.

Seems to be a growing thing. Thankfully, Spotify didn't do anything to my account, and it continued to work from regular IPs.


At work we got a login attack via VPN IPs and we blocked VPNs from login in via AWS WAF and 2 days later a major user was complaining that he cant login. We had to remove the rule. (developers were working on captcha in the meantime)

I also used a tunnel when Spotify was not available globally. It did not create any issues.

Using a Public VPN is double edged sword. If you really need it its better to setup a wireguard tunnel to a own server as the the Public VPN IPs as monitored by the security companies and also get abused all the time.


The reason OP flipped between VPN exit locations in the first places has been because they wanted a VPN against the local ISP (public wifi, apparently) manipulating/sniffing traffic, without the latency penalty of going from France to the UK or vice-versa. That said, a vps in Amsterdam is quite practical from both locations, especially if mildly-congested wifi is already involved.


Can't you do a captcha with the WAF? I'm pretty sure that's an option on AWS


> Can't you do a captcha with the WAF? I'm pretty sure that's an option on AWS

You can.

I know because our information security office did it to all of our web endpoints. Which are mostly API endpoints. Without telling anyone involved with individual apps, before or even, until specific complaints got to them, after doing it.


*Large rueful sigh*

I feel your pain. It's stuff like that that just makes you know, they not only have no idea what they're doing, the level of agency and access they have mean it's just a question of when they finally accidentally something big on fire one day - and whether you'll be able to make it out unscathed with eg just some lost sleep.

Would probably make a good story for http://old.reddit.com/r/talesfromtechsupport, as you're probably already aware. If you feel like (and can stand) writing it (heh).


the attack was to an api endpoint. which is queried via xhr on the main app. adding captcha to it would break the app to all users.

the developers are now working on adding captcha at the application level and also signing the api endpoints.


You were a great contributor on that subreddit. Did you move to new account there perhaps?


No, I quit Reddit along with all other social media. This is the only place I post or comment anymore.


I thought the IP based geolocation was creepy accurate. Looks like just a coincidence: I arrived in Toulouse 3 hours ago!


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: