Okay, I think I have patched everything that can be patched on this instance, and I have still applied some of my schizo shit for files so you still can’t load javashit even if it somehow makes it onto the server with a new vulnerability that we obviously don’t know about.
- media is now served on a subdomain (per recommendation of lain and alex)
- CSP is now set to script-src 'none' (per recommendation of lain and web)
- you cannot load .js .exe .mjs .exe .docx .html etc from our media (per recommendation of mint)
- we have never proxied media and we never will on this instance (just too much money)
- admin api is now non-functional
- I am debating removing AdminFE entirely and configuring all from config using annoying syntax
And that’s it. If you or anyone else reading this has any further suggestions for hardening a pleroma instance, please let me know.
Of course there are known knowns, known unknowns, and unknown unknowns.
The unknown unknowns is the part that is concerning. If in the future further vulnerabilities arise and are exploited on another public instance via an attack vector that is not known I will terminate hosting this instance. If the developers are able to establish normalized collaboration lines then this really shouldn’t happen. Only time will tell if this actually occurs, but my personal prediction is that it won’t.
Rebased is at odds with pleroma and vice versa. Akkoma is at odds with rebased and pleroma for even allowing alex on pleroma’s git. I’m not going to pick sides because it won’t help; I just want it to end. This recent schism (as in the one that has occurred within two years) is the reason I do not use pleroma much anymore. Development has stalled and I have been watching a decaying corpse decompose. If things continue the way they are, pleroma (whose code is already difficult to maintain) will just die and no one will want to host an instance because it’s too much of a liability to the owner and users.
The only people that will feel safe hosting pleroma are either ignorant of the danger, don’t care, or are people with enough technical knowledge or time to fix their installs. Most people do not have the time or knowledge to do so, so they will just go to larger instances such as SPC and FSE etc. who have established practices and protocols to fix their instances, and the fediverse will just centralize in a similar way to how mastodon has.
The documentation for 100% securing your instance never fully exists because a lot of it is really out of the scope of hosting a fediverse instance and more into just web security in general.
It is not an exaggeration that this is actually the worst point in the ActivityPub social network that I have witnessed, and you all (on my instance) should be aware of it, as it directly affects your safety. When instances block us, it doesn’t really bother me because fediverse is big and there are always more instances. But when half the network is all vulnerable to the same exploit, and instance admins can’t deal with patches, and users don’t feel safe on them, then people will just stop using fediverse. Instances will just close shop; instances HAVE already closed shop. People really don’t care what the reason is or who is at fault; if a vulnerability can be mitigated they’ll just leave.
People make mistakes, and everyone should realize that. There really is only so much the devs can do, and there really is only so much instance admins can do as well. Paying me won’t change my mind if I determine pleroma is too vulnerable to host; the safety of the user is first and there really is only so much I can do. But if you really do like pleroma and want to see it succeed instead of regurgitating the same memes that have been around for years at this point, you should consider donating to whichever developer(s) you believe are trying to make pleroma and/or its forks safer/better for fediverse.
That’s really all I got, folks. Sorry for the long and gloomy post, but I don’t wear rose-colored glasses.
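
An added example, not part of the original post and not Pleroma's own code: a small Python check an admin could run over captured media responses to confirm the three media-side settings listed above (separate media host, `script-src 'none'`, denied extensions). The host names and sample responses are constructed, and the function names are hypothetical.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Extensions named in the post; its "etc" means a real deny list would be longer.
BLOCKED_EXTENSIONS = {".js", ".mjs", ".exe", ".docx", ".html"}

def parse_csp(header):
    """Split a CSP header into {directive: [sources]}; the first occurrence of a directive wins."""
    policy = {}
    for part in header.split(";"):
        tokens = part.lower().split()
        if tokens and tokens[0] not in policy:
            policy[tokens[0]] = tokens[1:]
    return policy

def scripts_disabled(header):
    """True only if every script directive resolves to an explicit 'none'."""
    policy = parse_csp(header)
    base = policy.get("script-src", policy.get("default-src"))
    # script-src-elem and script-src-attr override script-src when present.
    effective = [policy.get(d, base) for d in ("script-src-elem", "script-src-attr")] + [base]
    return all(sources == ["'none'"] for sources in effective)

def audit_media_response(instance_host, url, status, headers):
    """Return findings for one media response; an empty list matches the post's setup."""
    findings = []
    parts = urlsplit(url)
    if (parts.hostname or "").lower() == instance_host.lower():
        findings.append("media is served from the instance's own origin")
    extension = posixpath.splitext(unquote(parts.path).lower())[1]
    if extension in BLOCKED_EXTENSIONS and status < 400:
        findings.append(f"blocked extension {extension} was served")
    csp = next((v for k, v in headers.items() if k.lower() == "content-security-policy"), "")
    if not scripts_disabled(csp):
        findings.append("CSP does not resolve to script-src 'none'")
    return findings

# Constructed sample responses (hypothetical hosts, not taken from the post).
GOOD = ("social.example", "https://media.social.example/media/a.png", 200,
        {"Content-Security-Policy": "script-src 'none'"})
BAD = ("social.example", "https://social.example/media/x.HTML", 200,
       {"content-security-policy": "script-src 'none'; script-src-elem *"})

if __name__ == "__main__":
    for sample in (GOOD, BAD):
        print(sample[1], audit_media_response(*sample) or "ok")
```

The second sample shows why the check resolves `script-src-elem` as well: a policy can contain `script-src 'none'` and still permit script elements through the more specific directive.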