HCSOThrowawayWhen did lemmy.world start clamping down on VPNs?
ozonedThat’s not usually how it works. Sites ban and block IP addresses. Someone going through your VPN caused such issues that Lemmy.world blocked the IP. The VPN is being used to abuse people. That’s not a VPN’s fault, but the nature of the beast.
I personally don’t think a VPN is even necessary with the Fediverse, as none of us are going to collect IP’s. But try changing the VPN’s location or trying a different VPN.
Staden_ スタデンNot sure about that last paragraph. How would an instance block an IP withouth storing IPs?
Yes, when you ban. You can see IP addresses coming through, but the fediverse folks aren’t leveraging your IP for any kind of advantage. No tracking for ads or things. So what security precautions are we taking for Fediverse servers? I peraonnaly do the feel the need, but I’m sure there at valid reasons to do it. But if it’s just tracking and ads, they don’t exist here really.
Honestly, if security is a main concern for anyone here, you should run your own. Anyone can run any of this. Follow what you want, then all connections to Lemmy.world come from your server you control that you connect to. I’m on piefed.social, but I’m planning on running my own eventually.
KraidenThe gamble of the fediverse is that you’re outside the realm of the blatantly bad actors like the Zucks and Muskerburgs, but you’re also off the edge of the map. No reason to believe that there be no dragons here. Anyone can run one, which includes bad actors. I wouldn’t be implicitly trusting that the hundreds of individual volunteers that keep the fediverse afloat all have good intentions. cough.ml serverscough
v_krishnaYour coughing might have caused you to not hear that those ml server folks literally wrote the software you are using…
asdfasdfasdfthe software is open source. we can verify it doesn’t do anything bad. the server is what you cannot trust.
How would an instance block an IP without storing IPs?
They could be blocking entire IP ranges. So they wouldn’t have to store specific IPs. I’m not in the hosting industry but I would imagine there are groups tracking the CIDR blocks (IP ranges) that VPN providers use for their exit nodes. If such a list exists, a host could simply subscribe to accept whatever updates occur to those lists and implement the block for them.
That’s not usually how it works.
It is apparently how it works for lemmy.world, as of at least this post from two years ago:
Content / Image posting restrictions (based on network) - Lemmy.World
Just wanted to keep everyone in the loop. If you encounter an issue where you cannot post or comment, but voting is functioning correctly, it is most likely because we have implemented a block for VPN & Tor users. If you are using these services, you can still take part in activities such as voting, reporting posts, and performing other passive actions on the site. We implemented this restriction because of users posting illegal content. See https://lemmy.world/post/11571711 [https://lemmy.world/post/11571711] While we value our users’ right to privacy, we also prioritize the protection of both ourselves and our users. We want to emphasize that we weigh the pros and cons of restrictions like these with the entire team. We do not take these actions lightly, and we hope everyone understands the reasoning behind it.
NOT_RICK
FrostyTrichsThe info has been on their sidebar for years now.
Content / Image posting restrictions (based on network) - Lemmy.World
Just wanted to keep everyone in the loop. If you encounter an issue where you cannot post or comment, but voting is functioning correctly, it is most likely because we have implemented a block for VPN & Tor users. If you are using these services, you can still take part in activities such as voting, reporting posts, and performing other passive actions on the site. We implemented this restriction because of users posting illegal content. See https://lemmy.world/post/11571711 [https://lemmy.world/post/11571711] While we value our users’ right to privacy, we also prioritize the protection of both ourselves and our users. We want to emphasize that we weigh the pros and cons of restrictions like these with the entire team. We do not take these actions lightly, and we hope everyone understands the reasoning behind it.
To those who didn’t click onward, the answer in that post is apparently 2 years (by implication of its post date)
Ironically it also invalidates the top comment in this thread claiming they aren’t concerned with VPNs, just specific VPN IPs that have been abused in the past.
Fireside FediIt says its due to people posting illegal content. Also, if you see this, I’m running a VPN and it worked. VPNs are just other people’s IP addresses that massive amounts of folks use. 1 bad apple ruins the lot.
Yes, that is what it claims.
NOT be able to […]
Spoiler: You are absolutely still able to :P
Dæmon S.@[email protected] @[email protected]
lemmy.world uses Cloudflare. I particularly don't use VPNs, but I see the CAPTCHA whenever I use mobile data (Brazilian mobile carriers) instead of my fiber optic internet to access lemmy.world (I access lemmy.world alongside other Lemmy instances, as a guest (without account) in order to read the threadiverse, as my Fediverse account is hosted by a Sharkey/Calckey instance).
The fact that lemmy.world uses Cloudflare seems to be the main reason why it's refusing your VPN. Cloudflare is particularly stubborn with VPNs. Doesn't seem to have anything to do with lemmy.world per se (although I'm aware the webmaster can configure things on Cloudflare, including the conditions to trigger the CAPTCHA).
lemmy.world uses Cloudflare. I particularly don't use VPNs, but I see the CAPTCHA whenever I use mobile data (Brazilian mobile carriers) instead of my fiber optic internet to access lemmy.world (I access lemmy.world alongside other Lemmy instances, as a guest (without account) in order to read the threadiverse, as my Fediverse account is hosted by a Sharkey/Calckey instance).
The fact that lemmy.world uses Cloudflare seems to be the main reason why it's refusing your VPN. Cloudflare is particularly stubborn with VPNs. Doesn't seem to have anything to do with lemmy.world per se (although I'm aware the webmaster can configure things on Cloudflare, including the conditions to trigger the CAPTCHA).
Turns out it’s not a Cloudflare issue, but a lemmy.world admin issue:
Content / Image posting restrictions (based on network) - Lemmy.World
Just wanted to keep everyone in the loop. If you encounter an issue where you cannot post or comment, but voting is functioning correctly, it is most likely because we have implemented a block for VPN & Tor users. If you are using these services, you can still take part in activities such as voting, reporting posts, and performing other passive actions on the site. We implemented this restriction because of users posting illegal content. See https://lemmy.world/post/11571711 [https://lemmy.world/post/11571711] While we value our users’ right to privacy, we also prioritize the protection of both ourselves and our users. We want to emphasize that we weigh the pros and cons of restrictions like these with the entire team. We do not take these actions lightly, and we hope everyone understands the reasoning behind it.
「黃家駒 Wong Ka Kui」 | (aka: 鳳凰院 凶真 Hououin Kyouma)idk man, sh.it just .works here 👀
(use another instance lmao)
talI dunno, but since the Threadiverse is federated, you can post on any community on lemmy.world (or elsewhere) that a federated instance can see by just creating an account on that instance.
I mean, there are plenty of public instances out there to choose from.
EDIT: If @[email protected] is correct that it’s some issue that CloudFlare is taking with the exit address on the VPN, you can check whether a given instance is using CloudFlare by running whois on its IP address.
For lemmy.today:
$ host lemmy.today lemmy.today has address 5.78.97.5 [snip] $ whois 5.78.97.5|grep -i ^netname netname: CLOUD-HILNot using CloudFlare.
for lemmy.world:
$ host lemmy.world lemmy.world has address 104.26.9.209 [snip] $ whois 104.26.9.209|grep -i ^netname NetName: CLOUDFLARENET $Using CloudFlare.
ain’t it typical, tho?
Not really an answer, but lassaiz-fair approach with VPN/Tor for a community like this is just a call for disaster.
Can’t have nice things. Can’t really complain either imo. Thats’s just how world is.