xianc78 @xianc78@gameliberty.club

The real reason forums died is they're run by boomer buzzkills or paywall whores while large websites that were for a while beyond the scope or focus of lawfare boomers would host it.

Pleroma / Akkoma / Rebased need to be patched, but here’s how you can secure your site without any code changes:

yoursite.com/media -> media.yoursite.com
yoursite.com/proxy -> proxy.yoursite.com

To do this, add the following configuration to your site:

config :pleroma, Pleroma.Upload, base_url: "https://media.yoursite.com" config :pleroma, :media_proxy, base_url: "https://proxy.yoursite.com"

You will need to add DNS records for the subdomains. For media, it’s recommended to use an S3 bucket (or equivalent). For the proxy, you can simply point the DNS to the same server, and edit your Nginx file. A sample Nginx file is here: https://termbin.com/tj7q You’re on your own setting up letsencrypt, etc.

Here’s what does NOT work:

A CSP one-liner in Nginx. That’s not how CSP works. CSP affects the page it was loaded on, not other resources. This is straight up misinformation.
Disabling the media proxy on its own. The media proxy does appear to be vulnerable, but it cannot be the only action you take.

EDIT: Also, after you do this make sure to specifically block /proxy from your main site by adding location /proxy { return 404; }

Knowing the Pleroma exploit out now, what software stack should I use for a new fedi instance when I launch the multi user instance?
100% serious btw

AAAAAAAAAAAAAAAAAAHHHHH KILL IT KILL IT KILL IT AAAAAAAAAAH PLEASE GOD WHAT THE FUCK KILL IT NOW AAAAAAAAHHH KILL IT KILL IT WHAT THE FUCK AAAAAAAAAAAAHHH

RT: https://poa.st/objects/4dd22c9f-1033-4673-aef2-c9dfaea47a63