
1045 points janpio | 1 comments
aetherspawn No.45677908
A good takeaway is to separate different domains for different purposes.

I had previously been tossing up the pros/cons of this (such as teaching the user to accept millions of arbitrary TLDs as official), but I think this article (and other considerations) have solidified it for me.

For example:

www.contoso.com (public)

www.contoso.blog (public with user comments)

contoso.net (internal)

staging.contoso.dev (dev/zero trust endpoints)

raging-lemur-a012afb4.contoso.build (snapshots)

sureglymop No.45678172
The biggest con of this is that to a user it will seem much more like phishing.

It happened to me a while ago that I suddenly got emails from "githubnext.com". Well, I know GitHub and I know that it's hosted at "github.com". So, to me, that was quite obviously phishing/spam.

Turns out it was real...

1. jeroenhd No.45678819
PayPal is a real star when it comes to vague, fake-sounding, official domains.

Real users don't care much about phishing as long as you got redirected from the main domain, though. github.io has been accepted for a long time, and githubusercontent.com is invisible 99% of the time. Plus, if your regular users are not developers and still end up on your dev/staging domains, they're bound to be confused regardless.