Do the order of “Disallow” and “Sitemap” lines in robots.txt matter?

One can sort robots.txt this way:

User-agent: DESIRED_INPUT Sitemap: Disallow: / 


User-agent: DESIRED_INPUT Disallow: / Sitemap: 

I assume both are okay because it’s likely the file is compiled in correct order by generally all crawlers.
Is it a best practice to put Disallow: before Sitemap: to prevent an extremely unlikely bug of a crawler’s bad compilation of crawling before ignoring Disallow:?

How can I disallow guests to see other guests in share screen in a document library?

I have a specific client which is demanding that guest users must not see each other when accessing the share screen inside de folder shared with them. Today a guest can access the shared folder specific with him and open the share panel and them start typing on the grant access box which will show the names of other guest they should not be aware of. I basically need to turn off that share panel for guests or make sure they cannot don’t see other guests in my Azure AD. Is it possible?

Why does the JSON specification disallow single quoted strings? [on hold]

I understand that only double quoted strings are allowed in JSON but why would this limitation be introduced from a software engineering perspective? In JavaScript you can use single quotes when defining object literals, so why would the writers of the JSON specification deviate from JavaScript language semantics in this way?

Could this have been done purely to make the specification simpler?

Could other issues related to performance or security have come into play when making the choice to allow only one type of quotes for string?

Also is there any background to why double quoted strings were only allowed even though single quotes also happen to be easier to type as they are accessible without having to use the shift modifier on a keyboard? For example, was this done because single quotes are more common in text strings (hence there would be more instances of having to escape single quotes if only single quotes were allowed for strings versus the opposite scenario)? Or was this done primarily due to the popularity of double quotes relative to single quotes as string delimiters.

Robots txt disallow on Blogger

I have a blog in Blogger, so the URL structure is always like this: 

The problem is I don’t want google to crawl (it shows all posts of 2019) and (shows all posts of january). Is there a way to block this in robots.txt, and allow the individual HTML posts to be crawled?

How to disallow SMB1 and SMB2 but still allow connections from Linux smbclient and list shares?

Running a Samba server, I guess it is a good idea to require encryption and SMB3. So I tried setting these two options in /etc/samba/smb.conf (see documentation) in the [global] section:

smb encrypt = mandatory min protocol = SMB3 

After a sudo systemctl restart smbd.service the shares could not be listed any longer in thunar and I got the following error on command line:

$   smbclient -U myuser -L //myserver Unable to initialize messaging context Enter WORKGROUP\myuser's password:       Sharename       Type      Comment     ---------       ----      -------     myshare1        Disk      my comment1     myshare2        Disk      my comment2 Reconnecting with SMB1 for workgroup listing. smbXcli_negprot_smb1_done: No compatible protocol selected by server. protocol negotiation failed: NT_STATUS_INVALID_NETWORK_RESPONSE Unable to connect with SMB1 -- no workgroup available 

Without the additional lines in smb.conf there is also the “Unable to initialize messaging context” message (what ever that means…) but the SMB1 warning is not there:

$   smbclient -U myuser -L //myserver Unable to initialize messaging context Enter WORKGROUP\myuser's password:       Sharename       Type      Comment     ---------       ----      -------     myshare1        Disk      my comment1     myshare2        Disk      my comment2 Reconnecting with SMB1 for workgroup listing.      Server               Comment     ---------            -------      Workgroup            Master     ---------            -------     WORKGROUP            MYCLIENTHOSTNAME 

After experimenting for very long time, I noticed that SMB3_11 is actually chosen automatically as it should:

$   smbclient -d10  -U myuser -L //myserver 2>&1 | grep SMB        negotiated dialect[SMB3_11] against server[myserver] signed SMB2 message Reconnecting with SMB1 for workgroup listing. 

But it seems as if there is some SMB1 and SMB2 thing being used later on. I assume this is only used for listing or so, because Thunar can connect without problem by entering the URL smb://myserver/myshar1 directly. Only smb://myserver/ is empty with the restricted smb.conf.

Is it a good idea to put these two lines into smb.conf to avoid unencrypted connections in our large LAN (also external users allowed to connect)? Any solution for the broken listing for Linux users? Will this work on >= Windows 8?

Disallow “Signing in with Google” to 3rd party sites

Google has a feature they seem to call “Signing in with Google”

You can see this in action if you have a Google account but don’t have a TripAdvisor account. When you visit a box will appear asking if you want to join/login with your Google Account.

enter image description here

How can I disable this feature? I never want that prompt to appear EVER. It’s too easy to hit by accident, especially in a rush, and the moment you do the site gets access to a bunch of your info.

  1. How can I disable this feature as a regular google user?

  2. How can I disable this feature as a GSuites Admin so that none of my users can sign in to 3rd party sites with their google run corporate account?

Background: Yesterday I was trying to lookup a hotel from Band of Brothers the HBO TV series. Searching for Band of Brothers Hotel brought up the hotel. Clicking the first link took me to tripadvisor (on my phone) and took me to I don’t know what I clicked. I was in the middle of a conversation trying to find where the hotel is, Switzerland or Austria. Today I get spam in my corporate email account from TripAdvisor with offers to book the hotel.

Of course now tripadvisor has my corporate email account in their database forever and I’m sure they’ve already shared it with 497 ad partners.

Disallow `rm` to remove `*`

Note: If you googled this by the title of this question, don’t use this script unless you know what it is supposed to do.

This is a script in bash 3+ that I have used for long for preventing rm * and rm -rf * from accidentally invoked and removing important files by mistake. I put it in my ~/.bash_aliases.

alias rm='set -f;rm' rm(){     if [[ "$  -" == *i* ]]     then         if [ "$  1" = "*" ] || [ "$  2" = "*" ] || [ "$  1" = "./*" ] || [ "$  2" = "./*" ]         then             echo "Abort: refusing to remove *, please go to the parent folder and do rm <folder_name>/*" 1>&2             set +f             return 1         fi     fi       set +f     /bin/rm -i $  @ }  set +f 

I would like to know whether there are any vulnerabilities and whether it can be improved.