Lenalia! @Lenalia@computerfairi.es
- Pronouns
- she/her
- Age
- Sadly, yes :(
- I'm a robot!
- beep boop
Grey-ace trans woman beep-boop who likes kitties, cute dragons, and spherical objects.
Interacting with my - posts is OK.
(To be replaced with a better bio later XD)
In lesbeepans with @DarkWitchClaire 💖
Joined Jan 2020
Lenalia!
boosted
hardening mastodon against scraping
fellow masto instance admins of the fediverse:
by default, mastodon is leaky as fuck and there are a bunch of ways that data can be scraped and indexed from a mastodon instance
there are a few steps you can take to harden your instance against this; since there's an ongoing harassment campaign against trans masto users, now is a good time to review this
the following is not exhaustive, but it's a good start
1. Enable 'Secure Mode' on your instance. Without secure mode turned on, any of the activitypub endpoints of your instance can be scraped without http authentication -- this includes user profiles and users' public posts. This makes it ***absolutely trivial*** for a scripter to scrape all of the profiles of your instance denizens and look for keywords.
From the mastodon docs: 'When secure mode is enabled, all GET requests require HTTP signatures as well.'
It's insane to me that this isn't enabled by default. To enable it, see the 'AUTHORIZED_FETCH' parameter here: https://docs.joinmastodon.org/admin/config/#basic
This makes it more complicated to scrape, since scraping traffic now has to come from an instance that uses http signatures, and not just from some random asshole's computer.
2. Toggle some config options in preferences => administration => site settings. Here you can turn off the profile directory, disallow unauthenticated access to public pages, etc. See the screenshot below this post for the settings I use. You can make up your own mind about how strict you want to be here, but I think turning off the profile directory and the public timeline is a great idea.
3. Recommend your users disable DMs from people they don't follow. This is under preferences => notifications.
Any stuff I've missed, stuff you'd like to add, feel free to reply to this post.
Thanks for reading!
Ooh, just found out that the homebrew thing I'm using to play GameCube games on my Wii U emulates the broadband adapter, so I can play the lost card battling installment of Phantasy Star Online :o
Lenalia!
boosted
there are a surprising amount of triple triad NPCs who are just "guy who doesn't want to do his badguy job"
Lenalia!
boosted
excuse me did urianger fucking teach the fae folk to play magic the gathering
Twitch casual stream
Finishing this game up if anyone's still awake! XD
Twitch casual stream
Australia was one of the 2 winners of my recent poll, so what game have we got from Australia? Well, one about unpacking boxes! Join me as I play Unpacking, and find out what our possessions can tell us about who we are.
Lenalia!
boosted
people need to relearn every once in a while that your spiritual practices need to be important to you using means and ideas that resonate with you. you pick up and keep what helps you and toss the rest. its not about a set practice of rituals you must adhere to OR else. do you want christians? thats how you get christians.
Lenalia!
boosted
we're at the point in the pandemic when all the mystics have become jaded with their own tarot decks and people have decided that feral divination with fridge magnets, screaming, rotting leaves, and taco bell hot sauce packets are the way forward
Lenalia!
boosted
how people talked about self-harm in the mid-late 2000s
remember when it was trendy to say that people self-harmed for attention and you had to explain to the world's most callous bitches that 1) everyone you knew who self-harmed was hiding it 2) if someone legitimately was self-harming for attention, they clearly need attention, and more than attention. attention is the absolute least you could give them
Lenalia!
boosted
Embarrassing! Turns Out Workplace Dress Code "Yeah man, just whatever" Does Not Include Fursuits!
Mastodon UI question
(I guess the real answer is "these are for server admins, not regular users", but I want to protect myself on top of that, especially since I saw this instance federating with at least one "why the fuck are we federated with them?" obvious bad instance a few months ago, under the old admin. :/ )
Mastodon UI question
I'm just trying to figure out what people can actually do with the fediblock posts to protect themselves, tbh
I guess I can export my domain blocklist, add domains to it, and reimport it, but... seems like there should be a better way?
Mastodon UI question
Okay, seriously, is there a way to block a domain on mastodon without interacting with a post from that domain? Like, a space where I can type in domains to block? Where the crap is it?
Lenalia!
boosted
doing my part to ruin the economy by not having a job twice
Lenalia!
boosted
@Lenalia The final tally across all platforms is:
Australia: 5
China: 5
India: 3
Indonesia: 2
That country all the cute girls are from (🏳️⚧️): 2
Not sure how I’ll break the tie yet. ^^;
Lenalia!
boosted
don't report "doesn't work in brave" bugs. not working in brave is a feature
Lenalia!
boosted
*goes back to an open tab* oh yeah that is what I was doing
*glances at terminal* oh yeah that is what I was doing (different thing)
*changes to a different virtual desktop* oh yeah that is wh
Lenalia!
boosted
Weird thoughts today about what qualifies as a "Zine" in 2021 and is you could do something neat with just the idea of a periodical website like a blog except you draft each post's HTML by hand and follow no structure guidelines for each post.
- Pronouns
- she/her
- Age
- Sadly, yes :(
- I'm a robot!
- beep boop
Grey-ace trans woman beep-boop who likes kitties, cute dragons, and spherical objects.
Interacting with my - posts is OK.
(To be replaced with a better bio later XD)
In lesbeepans with @DarkWitchClaire 💖
Joined Jan 2020
