Josh
6ee2cf13b0
All checks were successful
Build and deploy / deploy (push) Successful in 23s
The WHP panel sends Strict-Transport-Security max-age=31536000 includeSubDomains on every response (correct for prod). When a server is rebuilt, the regenerated self-signed cert no longer matches what the admin's browser cached as HSTS-valid, and there is no clickable 'proceed unsafely' escape — the admin is locked out of their own panel by hostname. Add a Caution Aside under Network & SSL describing the symptom, the two-browser HSTS confirmation pattern, and the three recovery paths (IP-direct + LE issuance, browser HSTS clear, real cert preserved across rebuilds). Frames LE issuance as a first-day operation, not an incident response. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
kb.anhonesthost.com
The An Honest Host knowledge base — customer documentation for WHP (our hosting platform) and related services.
Live at: https://kb.anhonesthost.com
Run locally
Requires Node 20+ (we test on 22).
npm install
npm run dev
# open http://localhost:4321
To expose the dev server on a different host/port (useful inside containers):
npm run dev -- --host 0.0.0.0 --port 8080
Adding or editing a doc
See CONTRIBUTING.md — it covers the page template, where files live, and how PRs are reviewed.
How it deploys
Push to main triggers a Gitea Actions workflow that builds the site and uploads it via SFTP to the production WHP site. No manual deploy step.
Licence
Content: CC BY 4.0. Build config and scripts: MIT (see source headers if any).