One step @ a time (Marc Stevens)

[notorial dissent]

True, one of the flimsy pasteboard variety.

[wserra]

As juan galt discovered, Marc Stevens has restricted his site - blog and forum both - to registered users. Good - no more casual drop-bys. And I'm no longer a registered user, since I can't log in. Now it's all sycophants, all the time.

Kinda funny for someone who claims to believe in anarchy.

[notorial dissent]

Well, at least that way Marvelous Marc can have his current crop of suckers all to himself, the bare handful that they are, without fear of someone tipping them off to how much trouble they're fixing to get themselves in, or some of his past "successes" coming back to tell just how successful they really were. Or maybe he just wants to hide his flagging numbers. In any event, no loss.

[wserra]

I may have posted too quickly. From the little I know, this:

Authentication required.
http://marcstevens.net is requesting your username and password. The site says: “Access Restricted (suspend)”

could in fact be accidental - a violation of host rules, a misconfigured board, a hack, whatever. I retract what I wrote above - not because it's necessarily wrong, but because it's not necessarily right.

web?

[juan galt]

I may have posted too quickly. From the little I know, this:

Authentication required.
http://marcstevens.net is requesting your username and password. The site says: “Access Restricted (suspend)”

could in fact be accidental - a violation of host rules, a misconfigured board, a hack, whatever. I retract what I wrote above - not because it's necessarily wrong, but because it's not necessarily right.

web?

Interesting. For me the site says:
"Authentication required
http://marcstevens.net
Your connection to this site is not private"

[notorial dissent]

His site certificate expired????? So your browser can't get a secure connection.

[morrand]

I may have posted too quickly. From the little I know, this:

Authentication required.
http://marcstevens.net is requesting your username and password. The site says: “Access Restricted (suspend)”

could in fact be accidental - a violation of host rules, a misconfigured board, a hack, whatever. I retract what I wrote above - not because it's necessarily wrong, but because it's not necessarily right.

web?

Interesting. For me the site says:
"Authentication required
http://marcstevens.net
Your connection to this site is not private"

The difference in text is just down to what browser you use. Going in raw, I'm getting:

Code: Select all

$ telnet marcstevens.net 80
Trying 162.144.1.71...
Connected to marcstevens.net.
Escape character is '^]'.
-> HEAD /index.htm HTTP/1.1
-> Host: marcstevens.net
-> Connection: close
-> 

HTTP/1.1 401 Authorization Required
Server: nginx/1.12.2
Date: [redacted]
Content-Type: text/html; charset=iso-8859-1
Connection: close
WWW-Authenticate: Basic realm="Access Restricted (suspend)"
Vary: Accept-Encoding

Connection closed by foreign host.

So the site's locked in the server. A little Google-fu doesn't help to interpret that much. It kind of looks like his site's been hacked, but not definitely; possibly this is just a bit of incompetent copy-paste website administration. But that exact wording, "Access Restricted (suspend)," shows up in a whole lot of places, more than you'd expect if this were Mr. Stevens doing the locking down.

[wserra]

Thinking this over, I believe that morrand is right - this is likely not Stevens' doing. If your site is hosted on a shared server, you are going to be restricted to using x% of the server's resources. Otherwise, one site could take over the server. When such a site exceeds its allocated resources, the host will likely do something very like this to get the offending site to mend its piggish ways. If so, the login is not for users - it's for the webmaster to get in and clean up.

But, given my knowledge of this stuff, this may simply be a WAG.

[morrand]

Thinking this over, I believe that morrand is right - this is likely not Stevens' doing. If your site is hosted on a shared server, you are going to be restricted to using x% of the server's resources. Otherwise, one site could take over the server. When such a site exceeds its allocated resources, the host will likely do something very like this to get the offending site to mend its piggish ways. If so, the login is not for users - it's for the webmaster to get in and clean up.

But, given my knowledge of this stuff, this may simply be a WAG.

For what it's worth, I do see mention online of some hosts doing exactly this, for exactly this reason (example). IMHO, this is stupid on the part of the host: the 503 Unavailable error exists for this sort of reason, and is a much more accurate error to give than a 401, leaving site visitors twisting in the wind on some spurious login prompt. And you (I mean, you the server owner) can usually redirect it to a page that says, "Oops! That site went over quota...," so the users know what's going on, and can send the author upgrade money or vicious taunts as appropriate.

I'm no friend of Stevens, understand, but neither am I friend to web hosting services that ignore web standards.

Oh well. Whatever it is, it's been cleared up: his site's loading fine for me right now.