Hmm, afaik other than some generated small thumbnails no remotely sourced images are stored on your server when you turn off the proxy. At least in theory, but the entire Pictrs integration in Lemmy is such a mess with random unexpected behavior that at this point I am hesitant to claim that no remote images ever get stored (there seem to be alternative code paths for specific image hosts like Imgur and crap like that).
Comment on What's the factor when you're planning to self-hosted a instance?
scrubbles@poptalk.scrubbles.tech 3 weeks agoIt’s halfway between us. Without proxying images are pushed into my server and I end up hosting them indefinitely, requiring me to manually review and remove something if it’s removed on another server. (Moderation actions like that from what I understand are still not federated, although maybe that has changed in one of the last updates).
The proxy feature is a privacy feature, but for us admins it also works from a liability standpoint. If proxying is set to ProxyAllImages, it will send the image URL down to pict-rs. From there, pictr’s will cache the image based on time that you set. So yes, it’s stored temporarily in Pict-rs for quick retrieval, but then I time out after a day also, so if something was banned I hosted it for max a day before it was purged. It removes me manually needing to manually trace back to events that happened a month ago and wiping it from my S3. If my S3 was searched you’d find images from today, and a bunch of images of Taylor Swift.
poVoq@slrpnk.net 3 weeks ago
scrubbles@poptalk.scrubbles.tech 3 weeks ago
I read the source code, the proxy essentially just hands all the responsibility down to pict-rs. Then pictrs has that environment variable where you can set how long-loved you want the thumbnail to be.
Shadow@lemmy.ca 3 weeks ago
We dont proxy on lemmy.ca yet, but I assumed thumbnails would still be stored in pictrs like usual? I thought it was just the actual image links that got proxied, and thumbnails were still dumped in like usual.
We turned on cloudflare’s CSAM scanner and remove anything it flags for us.
scrubbles@poptalk.scrubbles.tech 3 weeks ago
They are but there’s an environment vatiable to set how long it stays in cache. Cloudflare actually just ended their csam auto submission, at least the auto reporting. Does it still at least flag it?
Shadow@lemmy.ca 3 weeks ago
Yeah it emails us and pops up a thing in the ui where we can mark it as resolved
scrubbles@poptalk.scrubbles.tech 3 weeks ago
oh that’s good to hear, I’ve never had anything pop up on mine, I’m sorry something has for yours. While I have you, do you have a script or anything you use for removing the flagged item?