no bio

  • 0 Posts
  • 8 Comments
Joined 4 years ago
cake
Cake day: September 11th, 2020

help-circle




  • here is no such a stuff,

    i wanna advice here one thing, world is big and each of the states got laws which applies to the trade and also to the ecommerce, so you need to have some data on the hand when eventually law enforcement will ask for it, or you would need to proof something to someone, even to customer. You have to know what are you aligible to do, collect and how you are working with data, this goes same for restrictions and mandatories for you,… laws like GDPR in EU.

    its web development, people are studing this for years, backend frontends, idk if you have any skill and exp but there is a,lot of free stuff on the net about web dev.

    long story short, if you will develop, read and understand code, you will know what is about, meaning you can restrict as much you like, therefore protect customer.

    the system is flawed to the root, if you would run some illegal stuff and even make it so that the web will not track, there are many other way how to get the data from you, servers logs, db logs, audit logs, ip logs, ips logs. Out from your hand stuff like local device setups, browser setups …

    we have to try anyways.


  • just do a basic check on the based.win shop, whole page is funneled via cdn (bunny cdn), they have analytics, so not true they are not tracking, there is also woocommerce wordpress plugin, makes me wonder, the page is running on wordpress? the path is /wp-plugins/woocommerce, meaning there is wordpress core, so where is the cookie banner? maybe its forked wp core, idk. but the whole punch with no tracking is questionable.

    hosting, you can host it at home server, its more difficult but you can still do it, if someone will ddos you you will have a fun time.

    you can still host on privacy friendly VPS, or just other hosting service, just read contract. Hosters usually dont scale customers data, for sure they will have ip addresses, but that will be also visible to your IPS when hosting from home server.

    as a shop platform, clean php core and for front end some js. Like were 10y ago, lol. everything served as 1st party, no loading out from page, no google fonts, no third party scripts and bullshits, plugins.

    own cache, own ssl, own seo, no cloudflare, no cdn, and it could go on for a while.

    it a shop, business needs to have stats, so if you sit on bunch of money no problem, but if you like to have ypur biz up and survive, then you need to know where the customers cliking, where they come from and what is hot for them.

    good luck,


  • manifestation. I would like to know how mastodon.social got covered this? what type of mechanisms are set on the biggest mastodon instance, some WAF? balancers?

    on the other hand, its good cause this is another hole someone light up in the fediversal setup, i would have a considerable effort/problem to set firewall for DOS (not hosted at some big VPS provider with parameter already set up)

    edit1: its hosted on SWCH in EU, exoscale.ch, shame.

    I wanna see instance admin report on this (would it be suprise if the load was triggered by “tesla drivers”)