Recent Posts

1

Everything else / Re: registration

« Last post by danny on February 03, 2026, 03:39:55 PM »

...if someone needs an account, you can write to me a@rejetto.com and i'll make one with a temporary password that you can change later...

Thank you; Thank you!!!

I wonder how you can get https://github.com/openwrt/packages/tree/master/net/banip/files (fail2ban, spamhaus, firehol3, greensnow) anti-bot running on the forum server?

2

Everything else / registration

« Last post by rejetto on February 01, 2026, 04:24:08 PM »

guys, i've spent 2 hours trying to get emails working again on this forum, but to no avail.
now the it sends emails but they are empty.
things have changed both on my hosting service and on gmail (i used before, to send).
if someone needs an account, you can write to me a@rejetto.com and i'll make one with a temporary password that you can change later.
this seems to be the only way that won't open the doors to the spam bots.
that's it for the time being.

3

HFS ~ HTTP File Server / December security update - Merry Christmas!

« Last post by danny on December 23, 2025, 07:19:50 PM »

I've just completed another round of security inspection and didn't find anything big. 
However, the update does spend less cpu time on bots, so it can serve more people.

You can get the update at http://software.run.place  Including several templates

There is also a mini  version available here.
It can run bigger templates just fine.

4

HFS ~ HTTP File Server / Re: HFS v2.x security update By DANNY

« Last post by danny on December 14, 2025, 07:32:19 PM »

I agree that a multi-group discussion area is more sustainable, because more topics gets more proportion of actual people traffic.  I guess there's about 2000 HFS2X servers.  There are daily downloads of updated HFS2X, by real people, but not in large numbers.  So far as I know, HFS2X is the only windows server using its own code as the distribution server, without a CDN buffer.  The uses for HFS2X are niche:  The main specialty is to catalog a lot of files any way you want to.  The streaming-list beats the performance of list-before-draw and pagination schemes.  The HFS2X update is router-cooperative so it doesn't need speed-limit, yet it will find and list your files really fast. 

Anti-bot setup with HFS2x:   Currently, the zip with updated HFS2x includes a txt note with anti-bot filter examples you can use in Events (menu).  Also, templates are updated to decreased verbosity for fast recovery and less cpu time.  For files, a recommendable organization is Unbrowsable root folder (left panel, right click /, flags, uncheck browsable), for the purpose of access forwarded (to browseable subfolder) by DNS.  Currently, I have 5 websites (1 hfs server, 1 dynamic dns, and 5 forwarding address that help by specifying folder and port number); and the method is helpful if your ISP blocks port 80 (forwarder answers on 80 and sends to the real folder and port).  The template used by http://software.run.place is actually an edited stripes.tpl using the 'diff template' function to show just for that folder/site.  Also works is making a copy of either throwback.tpl or stripes.tpl named as hfs.diff.tpl putting it into a high volume (or public) folder for which the fast little template is helpful at saving cpu work and data. 

Except for a banip compatible router (or similar) with curated filter lists installed, there really isn't a 'one fell swoop' approach to dropping bot traffic.  Behavior filters, such as use real browser, ban hacky request, forward to a different port, unbrowsable root, can do a cumulative 12% apiece, approximately.  Not one thing will have a big effect, but the combination does.

5

HFS ~ HTTP File Server / Re: HFS v2.x security update By DANNY

« Last post by Mars on December 13, 2025, 03:21:12 PM »

what I am about to say may perhaps sound hard to hear, but it is a reality

times change and people grow older, interests are no longer the same, and very often only nostalgics remain to remember the good old days. Even I have hung up my apron and now consult the forum only as a scrapbook of memories.

the desertification of the forum is mainly due to the absence of former members who no longer come, another reason is that the center of interest has migrated to HFS 3.0, which is accessible for possible exchanges on GitHub where an area is also dedicated to HFS2.x  [https://github.com/rejetto/hfs2](https://github.com/rejetto/hfs2)

the forum here is now closed to the validation of new members, this was a necessary decision because only fake profiles created by BOTs were registering, to give an estimate of the situation there is about a false inscription every 10mn on average in normal attendance at the quietest moments, if the activation of all these accounts were left free,

monitoring possible spam messages would take a lot of unnecessary time, moreover managing to identify a real future member among thousands of registrations is more than random, which is why the counter is closed.

from an external point of view, for a guest the forum can be consulted without restriction and all attachments are accessible, even those you provide; only usage feedback cannot be posted, however exchanges can be made on [https://github.com/rejecto/hfs2/discussions] (https://github.com/rejecto/hfs2/discussions)

6

HFS ~ HTTP File Server / Re: HFS v2.x security update By DANNY

« Last post by danny on December 13, 2025, 05:52:06 AM »

There have been a couple of thousand downloads.  So, I'm curious why there are so few new posts on the forum.  Did that go out of style? 

7

HFS ~ HTTP File Server / HFS2.3M oldstyle "purist" edition

« Last post by danny on November 25, 2025, 01:47:12 PM »

For the improvement adverse:  Minimal change.  HFS-23-m-oldstyle.zip is available at http://software.run.place
Built fresh from HFS2.3M original source, adding Leo's macro security patch, and the exec macro is disabled. 

Not recommended for those new to HFS.   HFS-23-m-oldstyle is for those who wish to avoid/reduce change. 

The older style default template is still included internal to the program.   For somewhat more comfort (optional) there is a considerably more Efficient default.tpl included separately in the zip file; because, it is nice to have the option of. . . not crash during a bot attack. 

Edit:  Also compatible with a pre-2025 hfs.ini file; if you happened to have an old backup handy from original M or K (remember to exit before copying the ini file to the same folder as hfs.exe).  Using the old ini file will simply cause it to go back to work as expected. 

8

Everything else / Re: Saying Hi again :)

« Last post by rejetto on November 18, 2025, 07:17:58 AM »

i'm glad to see you again and well
good luck with your projects!

9

HFS ~ HTTP File Server / Re: HFS v2.x security update By DANNY

« Last post by danny on November 16, 2025, 05:18:13 PM »

Enjoy summer break!  Perfect timing.  I need to hunt for a better job this season.  HFS is doing fine because there's nothing to fix other than keeping ahead of new browser changes. 

The development/lite version finally showed the progress it was made for--At version 2XF, features can be added to it and it will still run stable.  Thanks for the advice on WinMerge, to analyze differences.  Very helpful!   

Edit:  In December, there's some template updates for dealing with internet noise/bots more efficiently.  https://cybernews.com/security/scam-bots-hitting-website-can-lead-to-financial-loss/  There is also a little txt file included with some bot filter examples for hfs events (menu).   The events filters have been working well for the download server.   

10

HFS ~ HTTP File Server / Taking a summer break...

« Last post by LeoNeeson on November 16, 2025, 02:10:16 PM »

I like the idea in Leo's patch because it is data validation.

Sorry, but I won’t be doing anything related to HFS for a few months, until further notice. Summer is approaching where I live, and as I did last year I’m taking some time off to disconnect from everything. Please carry on without me, Danny and everyone else, since I will not be checking or replying to private messages either.

Take care and rest a bit — this year was tough for me.
Best regards,
Leo.-