this post was submitted on 11 Aug 2023
72 points (90.0% liked)

Lemmy.world Support

3228 readers
59 users here now

Lemmy.world Support

Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.

This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.

This community is subject to the rules defined here for lemmy.world.

To open a support ticket Static Badge


You can also DM https://lemmy.world/u/lwreport or email report@lemmy.world (PGP Supported) if you need to reach our directly to the admin team.


Follow us for server news ๐Ÿ˜

Outages ๐Ÿ”ฅ

https://status.lemmy.world/



founded 1 year ago
MODERATORS
 

I know you all are dealing with DDoS and how that goes. I run DDoS mitigation for some juicy targets and do a lot of on-call response to handle those issues, so believe me when I say I know what you are dealing with.

However, that being said, it appears you are blocking tor exit nodes with a 403, likely at your web termination point (nginx, apache, whatever), and this kind of sucks.

I get that tor can bring some attacks, and I fully support a modulated response to those attacks, preferably one with a reasonable time decay, but please don't just block all of tor

Alternatively, be one of the cool kids, and setup an onion service for lemmy.world!

all 18 comments
sorted by: hot top controversial new old

An onion service would be interesting.

[โ€“] slazer2au@lemmy.world 6 points 1 year ago

As an alternative, you can run your own instance of Lemmy and funnel all the non activitypub traffic via the clearweb and all your browsing via tor.

I doubt admins will unblock tor because the amount of shit that gets yeeted out vastly outweighs the few users who legitimately use it. I worked for an ISP for almost a decade and use tor for data validation but the amount of other crap coming from exit nodes is unbelievable.

[โ€“] twistypencil@lemmy.world 1 points 1 year ago

If you could reduce your arguments to smaller, digestible chunks that can be engaged with, then I would. Your format for engaging, with huge long argumentation, is just too exasperating to bother to attempt to reply. It is not the content, or arguments, I'd happily discuss those with you in person or by email like this, but this isn't email, or usenet, and there is no way way to reply in line, quoting what you said, so I can reply to specific points. Instead, you write a kind of essay of points that stops any meaningful reply. I tried to engage that way, and I'm frustrated that I can't actually, and properly, reply to you, especially the points that are wrong, or specious argumentation, but this message alone took me so long to write, and I'm just talking about how I am only really writing this point and not engaging with your arguments, that I'm not going to continue in this venue, in this way.

If you would like to exercise your arguments, maybe bring them to the Tor forum, where it is designed for this kind of structured discussion, or the mailing list.

[โ€“] twistypencil@lemmy.world 1 points 1 year ago

Typical infosec fallacy: letting the perfect be the enemy of the good.

[โ€“] twistypencil@lemmy.world 0 points 1 year ago

Yep, this is why am onion service would be good. No exit yeet. I'm 20 years into an ISP, and we have found productive ways to deal with those issues, without blocking. We are even running our own exit now

[โ€“] doppelgangmember@lemmy.world -1 points 1 year ago* (last edited 1 year ago) (1 children)

Make SURE to host your Exit Node as a foreign LLC entity in a non-cooperating country of the 14 eyes alliance. Or else they might (probably will) go after you for hosting.. umm... bad stuff, sometimes involving children.

[โ€“] twistypencil@lemmy.world -1 points 1 year ago (1 children)