There are a few good blockers for non-ROOTed Android devices, but since version 3, Blokada has a useful extra function usually reserved for ROOTed devices.
Since v3 it will now let you set alternative Domain Name Servers.
Blokada is overflowing with blocking options, which at first glance are somewhat overwhelming, but once you poke around you can see they are broken down into sections with clear info describing their use.
It also has sensible groupings for different RAM footprints, which is very useful for low RAM devices.
Like all the best blockers it is banned from Google play store as it will block Google trackers and adverts, so the release in the play store will only change your DNS.
Standalone DNS changer
I was maybe late to the game, but also noticed the attacks earlier today and decided to fully block /xmlrpc.php - I am not using Jetpack or any other applications that require xmlrpc.php. Dafont MapQuest FileHippo
I'm noticing in my firewall blocked IPs, that most of the attacks are hitting my rule, not being blocked by wordfence "Real-Time IP Blacklist" firewall rules. Since wordfence seems to have a good handle on what is going on, why are so many attacks getting through and hitting my banned url? It appears that the vast majority of this bot-net's IP addresses are not being blocked yet.
@catweazle Thanks for the info. I only use the Gift cards when I want something from apple, but that is rare as I have old apple tech.
Will be on guard for phishing attempts and invitations to Family Sharing!
"Identity consistency between browser and cookie jar"
to "disabled" under "vivaldi://flags" nonetheless.
If that altered setting is just superfluous/unnecessary and doesn't break things, good.
@millerb270 said in Fox News won't open--"Not Secure" comes up:
I think the problem is that the owners of vivaldi don't want fox news on their browser.
No, wrong – Vivaldi owners do never block websites.
If your Fox News does not show correctly, check if you have extensions installed in Vivaldi, check your Internet Security software, check your proxy and/or VPN connection (if you use any).
As nice as it will be to close the holes with unencrypted traffic this doesn't really solve very much at all. At the end of the day the snooper still knows which IP your requests are going to and therefore the vast majority of the time what site you are visiting. Sites using SNI tend to be closely related to other sites on that same server - usually subdomains of the main domain or domains owned by the same company, so even if I don't know that you visited abc.acme.net, I still know you visited an acme.net site. e.g. google.com isn't sharing servers with microsoft.com.
I would also expect adoption to be extremely low since it requires both generating the keys - this part could be handled automatically as part of the webserver setup and therefore causes minimal concern, but also publishing the public key in a DNS record which is something barely anyone except dedicated sysadmins, a few good shared hosting/CDN companies and enthusiastic hobbyists will bother to do. Just look at the pitifully low uptake of CAA records etc. TLS by default only really gained ground because of Let's Encrypt making the process as painless as possible, but scripts run on the webserver are not going to have access to change DNS records.
@dantesoft Yup, page scrolling, hyperlinks et al -- all seems "normal" to me on that page & child pages launched from it. In fact [this will sound silly], i had actually completely forgotten all about SSI for a long time, & only rediscovered a few days ago that i am in fact running with it [ie, given it is mega-yonks since i last bothered looking at my flags, it's ipso facto also mega-yonks since i last re-enabled SSI]. Wrt other flags, nope. In past years i have run my V's with a plethora of specific flags set at non-default values, but during some extensive troubleshooting [wait for it] mega-hyper-ultra-yonks ago i never bothered re-enabling any of them again afterwards, except SSI.