Self Proclaimed Internet user and Administrator of Reddthat
Article says the initial compromise of the non-airgapped systems is an unknown vector. So how they got into the organisation(s) in the first place is still a mystery
Turns out it wasn’t the certificate, but the post-renewal restart of the web-server wasn’t working.
We’ve fixed that up and now LW content is coming in hot and fast!
This is sso support as the client. So you could use any backend that supports the oauth backend (I assume, didn’t look at it yet).
So you could use a forgejo instance, immediately making your git hosting instance a social platform, if you wanted.
Or use something as self hostable like hydra.
Or you can use the social platforms that already exist such as Google or Microsoft. Allowing faster onboarding to joining the fediverse. While allowing the issues that come with user creation to be passed onto a bigger player who already does verification. All of these features are up for your instance to decide on.
The best part, if you don’t agree with what your instance decides on, you can migrate to one that has a policy that coincides with your values.
Hope that gives you an idea behind why this feature is warranted.
Possibly, as it’s one generic endpoint, but it also blocked a few other things people in the fediverse created, which are mighty helpful in diagnosis of these and other issues.
So using some AI model or whatever CF uses is probably not going to be the best thing for us as it classified a POST request as a crawler?? 🤷
I’d have to whitelist every regular endpoint as well and then it gets messy as CF only gives you so much control as a free user.
So, for the moment I’ve blocked the most annoying ones based on UserAgent.
We enabled the CloudFlare AI bots and Crawlers mode around 0:00 UTC (20/Sept).
This was because we had a huge number of AI scrapers that were attempting to scan the whole lemmyverse.
It successfully blocked them… While also blocking federation 😴
I’ve disabled the block. Within the next hour we should see federation traffic come through.
Sorry for the unfortunate delay in new posts!
Tiff
Thankyou! That made my day! (And the servers filled with coffee)
I can neither confirm or deny for the safety of my pigeons.
I’ve always wanted to do colocation and looked into it when I first started Reddthat and we had our initial growth. We are lucky we didn’t otherwise I would be out of money ages ago!
The aruba.it colocation is about the same price as our OVH server which would be probably the most viable as we are close to having enough donators to have a long enough runway it would make sense.
(Goal being: A$150/m ~ USD$100/€90. And OpenCollective doing some magical nonsense with the Total amount we have left and averaging it across 12 months or something)
The 32GB of RAM we have currently is overkill for an instance of our size. We could get away with using 16GB and still have room to grow for the next year. Which will probably be what will happen in April, but I’ll re-evaluate before then and see whether a colocation option is viable.
Our stance on downvotes, and lack of super-popular local communities means we are growing slowly over time and are very stable in requirements. Lemmy still being in it’s infancy means there are problems that are no fault of the hardware but the software. An example would be the latest issue we were experiencing where no matter what resources we had, it would result in 100% CPU usage for brief periods, with 10-20s page loads for everyone during that period.
I am very tempted but I still need to make sure I am being responsible with the donations. By next year we’ll most likely be over 1TB of object storage and our S3 costs will slowly start increasing MoM. While not a lot I still need to factor it in growing costs.
Yeah! Except it wasn’t just images. Instead it was all links. And inside the Lemmy process and it would block all other connections! Which is the why it was an issue! Super weird.
But the whole Lemmy app is full of these issues hiding in the background. People seem to forget it’s still in its infancy and expect a 1-1 Reddit experience. We regularly get people signing up and then quitting like the thread from last week regarding the lack of downvotes. Or the lack of X,Y,Z.
</end rant>
It’s fixed for Reddthat now, which is the best part! 😉
It’s live!
I"M A MOD LOOK AT ME
replying
commenting
I do! It’s already in the sidebar!
BTC Directly: bc1q8md5gfdr55rn9zh3a30n6vtlktxgg5w4stvvas
😍 Thank you for being here!
❤️ the heart emoji doesn’t do it justice! Thankyou!
🤩 Always great to hear! Thanks!
The long loads are because of huge images/content believe it or not 😂. I too can’t wait to finally see some nice fast Reddthat
Whoa! Thanks for even considering donating. I won’t hold you to it if you happen to donate less later 😉
After testing ko-fi we still end up having the same fees compared with OpenCollective as it’s PayPal instead of Stripe. So in the end it’s better to go via OpenCollective. As it’s a lot more transparent and shows all the donations and will allow me to show all of our bills etc.
Thanks!
I made sure that cerbot did an nginx reload after it provisioned the cert.