rejetto forum

Recent Posts

1
HFS ~ HTTP File Server / More update?
« Last post by danny on July 04, 2026, 04:25:48 PM »
The ongoing decline of Windows has caused a trend with Small Business seeking the safe haven of Linux, Macbook, iPad.  This is because small business (and home) don't usually get access to the 9+ Enterprise level tools required to make Windows safer to use (by subscription).  A system with built-in adware is foundationally unsafe and settings are too weak to change that (mostly a/b, not on/off).  Windows no longer provides safety for server software, nor finance software, nor concept of consent.  In becoming strongly anti-ownership, Windows became anti-purpose.  That "someday" has come too early for comfort.

Therefore, I believe we should go find out what HFS3 can do within the safe haven of Linux.  Assistance is here:  Clarity theme for HFS 3

Currently, I'm setting up a 'mini lab' with:
1).  A Linux system also capable of running Windows software, files/drives, and comforting appearance as well. 
2).  Windows 10iot (updates till 2032, no store) with Chris Titus script, Winhance, O&O Shutup, Tinywall or WFC firewall.
Both with overall 'de-corp' + 'no-AI' approach, using a safe-defaults browser like Helium, Vivaldi, BraveOrigin, Waterfox.

In the 4th quarter 2026, upcoming gradual rollouts in Windows retail and Android retail computing, do seek to extract more value from individuals and small business, in an ever larger variety of ways (a conflict of purpose to use them for a server or small business finance).  For the same reason that the little fish avoid the big fish, I suggest a 'de-corp' method to your upcoming safe-haven projects.  Plan to get there by September 2026.

As you can tell, it is no longer useful to update noncommercial Windows software.  So, go look at the clarity theme.
2
HTML & templates / HFS 3 Clairty theme
« Last post by danny on July 04, 2026, 01:58:50 PM »
Tried HFS 3, but display looks faded/small, and none of the theme plugins helped?  Here's the fix! 

HFS3 > localhost/~/admin > Custom HTML > Section: Style
Code: [Select]
body {background-color:#999;overflow-x:hidden}
.fa-folder:before { content:'\1F4C1';font-family:sans-serif;color:#FFD679; }
.fa-audio:before { color:#0CC;margin-left: .3em; }
.fa-video:before { content:'\1f4fa';font-family:sans-serif;color:#0CC; }
.fa-doc:before { margin-left: .3em; }
.fa-image:before { content:'\1f4f7';font-family:sans-serif; }
.list-wrapper li a { color:darkblue;text-decoration:underline; }
.list-wrapper { max-width:75%;font-size:120%;background:#FFFFF7; }
@media (max-width: 80em) { .list-wrapper {max-width:87%;} .list-wrapper .entry-details {letter-spacing:-0.05em;} }
@media (max-width: 68em) { .list-wrapper {font-size:110%;max-width:100%;letter-spacing:-0.07em;} .list-wrapper li a {font-size:120%;letter-spacing:-0.06em;} }
@media (max-width: 42em) { .list-wrapper {font-size:90%;max-width:100%;letter-spacing:-0.1em;white-space:nowrap;overflow:hidden;} .list-wrapper li a {font-size:130%;letter-spacing:-0.07em;} .list-wrapper .entry-details {display:none;} }
#paging { display:none }


HFS3 > localhost/~/admin > Custom HTML > Section: After Header
Code: [Select]
<style class="removeAtBoot">@media (prefers-color-scheme: dark) { html, #root { background-color:revert;color:revert; } }</style>

HFS3 > localhost/~/admin > Options > Front End: Page Size
Code: [Select]
1000

Notes:
1).  Remember to save after each entry--sometimes the save function is a little disk glyph, which goes encircled when you need to click it.
2).  This is the initial release of Clarity theme and doesn't have the calc method for 4k screens, but you'll find the very small amount of code straightforward about what it does, except:  The categories are additive, because a 42em wide screen also qualifies for the other sizes; so, the % affect each other (check any modifications by refreshing and then resizing the width of your browser window). 
3).  The display speed of HFS3 is similar to running the default24.tpl (HFS2.4 style) template on top of HFS2x.  However, the download speed of HFS3 is 750 megabits, or the download speed of HFS2xLite is 360 megabits (when compared on the same setup just now).  For preventing ridicule/frights from browsers, HFS3 wins that comparison by providing HTTPS support and Let's Encrypt certificate generation.  And, HFS 3 can run on Linux, which is safer in the many conditions where Windows is not, including your house.


Works with the built-in/default theme of HFS3.2RC8. 
Purpose:  Clarity, Contrast, Size, Icons in Color
Disclaimer:  Icons in Color may not display correctly on black & white televisions.
3
HFS ~ HTTP File Server / HFS2x Update Project Complete
« Last post by danny on April 01, 2026, 01:11:21 AM »
Thanks!  However, this particular project completed satisfactorily. 
Approximately 4000 of HFS2x servers are updated.
The lite version keeps up with 300+ megabit fiber internet.
It is very conservative with drive access, for compatibility with mechanical drives.
It is easy to do significant appearance customization without creating software code to do so.
CVE's blocked, performance doubled, limits validated, crash bug deleted, on/off bug bypassed, exec disabled.


Download Links (unsigned, does not pass AV because I didn't pay for that):
The same lite version running my server:  https://startfetch.com/hfs/HFS2x_2026.zip
Also available:  a translate version (the link is http) 'drop-in' update for HFS2.3.

Or HFS Lite S (most popular) or HFS Lite T that are are stored on the forum at 1/2 megabyte size; Use peazip or zpaq to uncompress.

Notes:
1). This lite version has a small efficient onboard template.  A collection of larger templates for HFS Lite, is attached below.  If you have a large template set as primary, you can still use others this way:  The view can be customized, such as make a copy of stripes or throwback, named hfs.diff.tpl and dropping that in a folder, can change the view for that particular folder.  The method is handy for a clean straightforward distribution folder. 
2). Good security practice for HFS2x is to make the root folder non-browsable.  To achieve it:  Look at the left-side panel 'Virtual File System' (vfs), Right-click (house icon) / and then properties. Of the tabs at the top of the properties menu, choose Flags, and clear the Browsable checkbox.  And, then make a browsable subfolder (preferably password protected).  For access, you could just type the subfolder-name after your dynamic dns address, Or, it is possible to refer to that subfolder by an online redirector/frameset. 
4
HFS ~ HTTP File Server / Re: HFS v2.x security update By DANNY
« Last post by rejetto on March 25, 2026, 08:53:53 AM »
I've just completed another round of security inspection and didn't find anything big.

i suggest you to install codex and ask it to find security bugs by also making a script to verify it's real and not just theory
5
HFS ~ HTTP File Server / Re: Shield for HFS 2
« Last post by rejetto on March 17, 2026, 09:54:28 AM »
you put a lot of effort into keeping hfs 2 working.
is that easier than using hfs 3 ?
6
HFS ~ HTTP File Server / Shield for HFS 2
« Last post by nivigor on February 11, 2026, 01:53:23 PM »
I've been using HFS 2.3x for a long time. Due to security concerns, I use a simple filtering reverse proxy server, https2http. The server only allows requests with certain query strings. By default, only the following queries are allowed: ?recursive, ?tpl=list&folders-filter=%5C&recursive, ?sort=t, ?sort=t&rev=1, ?sort=d, ?sort=d&rev=1, ?sort=n, ?sort=n&rev=1, ?sort=n, ?sort=n&rev=1, ?sort=s, ?sort=s&rev=1, ?sort=e, ?sort=e&rev=1.

However, https2http can work over the HTTPS protocol, but you'll need a domain name and certificates. Getting a free third-level domain name is easy. I got nivigor.mooo.com from FreeDNS. I get Let's Encrypt certificates automatically using Certbot. But certbot use an HTTP request to verify website ownership using a .well-known directory. That's why I use a redirect2https. For requests with the specified path, it can act as a file server, and it redirects other requests to an HTTPS server.
Now my HFS 2.3 is secure and works via the HTTPS protocol, accessible as https://nivigor.mooo.com, and certificates are updated automatically.

I've installed HFS 3 on NAS and will be trying it out slowly.
7
Everything else / registration
« Last post by rejetto on February 01, 2026, 04:24:08 PM »
guys, i've spent 2 hours trying to get emails working again on this forum, but to no avail.
now the it sends emails but they are empty.
things have changed both on my hosting service and on gmail (i used before, to send).
if someone needs an account, you can write to me a@rejetto.com and i'll make one with a temporary password that you can change later.
this seems to be the only way that won't open the doors to the spam bots.
that's it for the time being.
8
HFS ~ HTTP File Server / 2026 security update - Happy New Year!
« Last post by danny on December 23, 2025, 07:19:50 PM »
I've just completed another round of security inspection and didn't find anything big.
However, the update does spend less cpu time on bots, so it can serve more real people.

The new Lite version is available here.
It can run bigger templates just fine.
9
HFS ~ HTTP File Server / Re: HFS v2.x security update By DANNY
« Last post by danny on December 14, 2025, 07:32:19 PM »
I agree that a multi-group discussion area is more sustainable, because more topics gets more proportion of actual people traffic.  I guess there's about 2000 HFS2X servers.  There are daily downloads of updated HFS2X, by real people, but not in large numbers.  So far as I know, HFS2X is the only windows server using its own code as the distribution server, without a CDN buffer.  The uses for HFS2X are niche:  The main specialty is to catalog a lot of files any way you want to.  The streaming-list beats the performance of list-before-draw and pagination schemes.  The HFS2X update is router-cooperative so it doesn't need speed-limit, yet it will find and list your files really fast. 

Anti-bot setup with HFS2x:   Currently, the zip with updated HFS2x includes a txt note with anti-bot filter examples you can use in Events (menu).  Also, templates are updated to decreased verbosity for fast recovery and less cpu time.  For files, a recommendable organization is Unbrowsable root folder (left panel, right click /, flags, uncheck browsable), for the purpose of access forwarded (to browseable subfolder) by DNS.  Currently, I have 5 websites (1 hfs server, 1 dynamic dns, and 5 forwarding address that help by specifying folder and port number); and the method is helpful if your ISP blocks port 80 (forwarder answers on 80 and sends to the real folder and port).  You can make a copy of either throwback.tpl or stripes.tpl named as hfs.diff.tpl putting it into a high volume (or public) folder for which the fast little template is helpful at saving cpu work and data. 

Except for a banip compatible router (or similar) with curated filter lists installed, there really isn't a 'one fell swoop' approach to dropping bot traffic.  Behavior filters, such as use real browser, ban hacky request, forward to a different port, unbrowsable root, can do a cumulative 12% apiece, approximately.  Not one thing will have a big effect, but the combination does.
10
HFS ~ HTTP File Server / Re: HFS v2.x security update By DANNY
« Last post by Mars on December 13, 2025, 03:21:12 PM »
what I am about to say may perhaps sound hard to hear, but it is a reality

times change and people grow older, interests are no longer the same, and very often only nostalgics remain to remember the good old days. Even I have hung up my apron and now consult the forum only as a scrapbook of memories.

the desertification of the forum is mainly due to the absence of former members who no longer come, another reason is that the center of interest has migrated to HFS 3.0, which is accessible for possible exchanges on GitHub where an area is also dedicated to HFS2.x  [https://github.com/rejetto/hfs2](https://github.com/rejetto/hfs2)

the forum here is now closed to the validation of new members, this was a necessary decision because only fake profiles created by BOTs were registering, to give an estimate of the situation there is about a false inscription every 10mn on average in normal attendance at the quietest moments, if the activation of all these accounts were left free,

monitoring possible spam messages would take a lot of unnecessary time, moreover managing to identify a real future member among thousands of registrations is more than random, which is why the counter is closed.

from an external point of view, for a guest the forum can be consulted without restriction and all attachments are accessible, even those you provide; only usage feedback cannot be posted, however exchanges can be made on [https://github.com/rejecto/hfs2/discussions] (https://github.com/rejecto/hfs2/discussions)