My experience from when my backend server died, and Lemmy instances were getting a 502 response to ActivityPub POST activity, they eventually stopped sending anything. They kept trying to GET stuff though (user account details, nodeinfo responses), and lemmy.ml has never stopped POSTing, even though I configured nginx to always respond 403 to anything from them for about a year now.
Comment on Lots of dead Lemmy/Kbin domains have CNAME records pointing to a domain parking company
slazer2au@lemmy.world 3 months ago
Isn’t there a mechanism for this? If the receiving instance doest respond the sending instance marks it as dead.
andrew_s@piefed.social 3 months ago
pcouy@lemmy.pierre-couy.fr 3 months ago
never stopped POSTing, even though I configured nginx to always respond 403 to anything from them for about a year now.
Lol, there are definitely some stubborn stuff out there. I’ve been serving 418 to a bunch of SEO crawlers - with fail2ban configured to drop all packets from their IPs/CIDR ranges after some attemps - for a few months now. They keep coming at the same rate as soon as they get unbanned. I guess they keep sending requests into the void for the whole ban duration.
Using the 418 for undesirable requests instead of a more common status code (such as 403) lets me easily filter these blocks in fail2ban, which can help weed out a lot of noise in server logs.
rammer@sopuli.xyz 3 months ago
That’s a really good idea. I’ll have to remember that.
pcouy@lemmy.pierre-couy.fr 3 months ago
I think they do get marked as dead after the Bodis subdomain does not act as a Lemmy instance. But I was wondering if a large number of instances “waking up from the dead” and acting maliciously could cause some trouble. Or would such “undead” instances pose no more threat to the fediverse than the same number of newly created malicious instances ? I’m mainly thinking about stuff like being in a privileged position to DoS most instances at once, or impersonation of accounts that used to actually exist on these “undead” instances
otter@lemmy.ca 3 months ago
From what I can tell, an instance is either ‘linked’ (federated) or ‘blocked’ (defederated) on Lemmy. Mastodon has some more granularity. If an instance came back as a zombie, it wouldn’t be any more powerful privilege wise than a new instance that is malicious. It would get defederated same as always.
What could be a problem is on the individual user level. Say that a lot of users sort their feed by subscribed. They are not affected by random instances coming and going. However, they will be affected if a bunch of their (dead) subscribed communities suddenly become malicious.
It’s an important point for sure.
Your sensitive data and logins are tied to email addresses, which are tied to domains. Lose your domain, someone can access everything.
pcouy@lemmy.pierre-couy.fr 3 months ago
I recently stumbled upon an article showing how bad this can be when the expiring domains are used for important stuff