Our server went down last night, after we received some messages from our provider that someone had uploaded illegal pornographic photos.

They stated that they had contacted us before ( they didn’t ) which would give us opportunity to remove them before the site going down.

The user and community where these pictures were located, we’d banned about a month ago, and it wouldn’t be possible to view them from lemmy itself, but we have yet to code purging dangling pictrs images automatically with user and community deletion, obviously now a priority for us.

We were able to trace things down and delete them, and bring the site up this morning.

Again sry for the site being down. If you find any pornographic materials on lemmy ( against our site rules ), let us know so we can remove them ASAP and keep lemmy running.

  • Anachron
    link
    fedilink
    arrow-up
    16
    ·
    4 years ago

    Wow, this sucks!

    I hate when people use good faith projects and do bad stuff with them.

    Also quite surprised on how bad the current hosting provider handled the situation.

    It just looks like “I dont care what reputation I’ll get, as long as I have fixed the issue that was put onto me”.

    No worries,- lemmy is just in its beginnings and I already like it better than reddit (ok, thats not too hard, to be fair).

    • Helix
      link
      fedilink
      arrow-up
      7
      ·
      3 years ago

      The current hosting provider is ovh.com, fwiw. They’re one of the largest hosters in Europe.

      • Anachron
        link
        fedilink
        arrow-up
        2
        ·
        3 years ago

        Feels like they’re on fire lately with their issues.

    • AgreeableLandscape
      link
      fedilink
      arrow-up
      18
      ·
      edit-2
      3 years ago

      The report button is being worked on. In the meantime, please send a PM to one of the admins listed on the homepage sidebar, if it’s urgent, message all of us. Or for less serious issues like spam, mention one of us in a comment to the offending post.

      • sirsquid
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        Nice to know a report feature is being worked on. Will this be something were many reports cause something to be hidden until an admin/mod can look at it? Might be a good idea.

        Sounds like you need a better host too. Who are you with right now?

    • joojmachine
      link
      fedilink
      arrow-up
      11
      ·
      4 years ago

      this, people had to create an entire community just to report scams some users tried a couple of weeks back, a report feature is definitely needed

    • DessalinesOPMA
      link
      fedilink
      arrow-up
      6
      ·
      4 years ago

      Reporting is somewhat done on the back end, but adding reporting to the front end is a bigger issue down the road.

    • DessalinesOPMA
      link
      fedilink
      arrow-up
      4
      ·
      4 years ago

      Hrm… I’ll see if I can see what’s wrong there.

            • AgreeableLandscape
              link
              fedilink
              arrow-up
              1
              ·
              edit-2
              3 years ago

              Probably your end. Lemmy doesn’t have the ability to block thumbnails from sites or users. My guess is that the source site isn’t allowing other sites to fetch their images.

                • AgreeableLandscape
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  3 years ago

                  Are you using a third party app? I can’t think of any reason that’s happening so it is actually really weird.

  • lemmysmash
    link
    fedilink
    arrow-up
    1
    ·
    3 years ago

    I’m about to host a lemmy instance and I’m worried about such incidents.

    we have yet to code purging dangling pictrs

    Would you please explain what are dangling pics and how to delete them?

  • lavidaloca
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    3 years ago

    Just wanted to point out that Cloudflare has a CSAM feature that you can voluntarily turn on. It will search and automatically flag any child abuse content it finds and let you know in a timely way, so you can take care of it early. Also, it blocks anyone from accessing it of course.

    Figured since everything here is publicly readable anyways, the data privacy part won’t be as much of a concern.

    • pinknoise
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      3 years ago

      Please don’t mitm lemmy with cloudflare if possible! They wouldn’t only be able to see public stuff but also anyone’s browsing behaviour and passwords. Also they could inject malicious javascript and (non-javascript) csrf exploits.

      • lavidaloca
        link
        fedilink
        arrow-up
        1
        ·
        3 years ago

        All fair points! I figured in the larger scheme of things that any data Cloudflare receives will not be of much use to them considering how large they are and how much they handle. And the tradeoff would be exposing some data to Cloudflare, but also a much better fighting chance at tracking down and removing such material. If there is a way to make that work I think it is at least worth looking into because of the benefits.

        • pinknoise
          link
          fedilink
          arrow-up
          1
          ·
          3 years ago

          any data Cloudflare receives will not be of much use to them

          It likely won’t, but they operate under a jurisdiction that doesn’t accept the souvereignty of other states and actively engages in espionage and acts of terrorism online.

          the tradeoff would be exposing some data to Cloudflare

          This would expose all lemmy data to cloudflare and allow them to alter it! Also they can link lemmy users to other sites and they hinder users that need to use anonymity networks.

          Lemmy desperately needs a better moderation concept to fight illegal (and spammy) content, but using a service that endangers users can’t be a solution to any problem.