Just wanted to keep everyone in the loop. If you encounter an issue where you cannot post or comment, but voting is functioning correctly, it is most likely because we have implemented a block for VPN & Tor users. If you are using these services, you can still take part in activities such as voting, reporting posts, and performing other passive actions on the site. We implemented this restriction because of users posting illegal content.
See https://lemmy.world/post/11571711
While we value our users’ right to privacy, we also prioritize the protection of both ourselves and our users. We want to emphasize that we weigh the pros and cons of restrictions like these with the entire team. We do not take these actions lightly, and we hope everyone understands the reasoning behind it.
I hope there’s a useful error message, that could be very annoying to troubleshoot.
We did include a meaningful response body to help.
I image with how techy and fos lemmy tends to be, I’m sure there’s a ton of people using VPNs, so a lot of people will probably run into that issue.
It’ll come up in a curl or httpie request. All our WAF errors have meaningful returns, I make sure of it ❤️
I know I’m late to the party here, but sadly there is nothing obvious if you are on a desktop browser. The only feedback you get is an endless spinning gear.
I just found this post from a search and I’m sad I can’t connect with a VPN. :(
Ah, yeah, I wish there was a better way to let clients and browsers know. I’ll add a note to the sidebar at least.
What do you mean when you say a “response body”? What is it ? Does it show anywhere in a browser ?
That’s a bummer that CSAM is still being posted. I get that y’all need to stop the people posting it immediately, and I agree with whatever you need to do to make that happen. However, I hope you can find a solution later down the road that allows VPN users to continue fully interacting with the site.
Indeed. I don’t use the Internet at all without a VPN connected. These days you can’t possibly be blocking people for that reason. There are other ways to find child porn or whatever. Like calling the authorities.
Since lemmy.world is on cloudflare, a worker function could disallow images in comments (or POST to any of the routes that create content) from those IP ranges. I assume the driver here is CSAM and other problematic imagery.
We’ve looked into worker functions before for other things like routing on the edge (neat stuff). We’re all DevOps folks, and love to get feedback from the community ❤️
The issue is even folks linking to images unfortunately. Yeah, it’s mostly CSAM related, but also prevents other types of abuse as well.
I appreciate everyone being understanding, all of us try hard to keep everyone on LW (and folks we federate with) safe.
Yeah, my main thought was if the body contains any kind of URI/url from those IP sources, you could drop it as you are now. Or possibly just
![
. And obviously any post with a url field. Not sure where you collaborate (Lemmy matrix maybe?) but I wouldn’t mind throwing together a POC if it would be considered. I don’t even use Lemmy on VPN but I’m definitely interested in helping the community.You can message me on Matrix, it’s in my bio.
Please work on this it would be very useful!
All my devices and networks are constantly on VPN, it’s just basic obscurity, and it’s such a hassle posting on Lemmy now - my activity is probably down 90%.
Could you please consider allowing basic text posts and / or comments from behind a VPN? You could even disallow all markdown - that’s a decent trade off for my sake.
But please don’t just block all VPN usage if there are options you have not explored yet.
That was my assumption as well. Sucks that measures like this are required but understandable all the same.
How detailed is .world’s IP logging? I’m sure many privacy-minded users think that’s important to know before disabling their VPNs.
Additionally, would it be possible to allow posts/comments that don’t have any links or images? Or does even that introduce too much risk?
I realise that as individuals without the huge resources of a business your options are limited. I also have a lot of sympathy with the admins and mods being exposed to that shit. I don’t know what the answer is but I don’t think blanket silencing all users who care about their privacy is a solution.
The concern is valid but “You can’t post from behind a VPN” and “I’m being silenced” are two very different things.
Opera browser (with data saving on) is now blocked since your (this one) change.
P.S. : this post should be pinned to the entire site (not only to this community).
Does that enable Operas built in proxy service?
Does that enable Operas built in proxy service?
Yes, that what Opera Data Saver does.
So that is probably why it is blocked. That was a guess on my part. I looked at Opera once and did not like where it connected.
That was a few years ago on a clean device.
test
Understandable. Hopefully that can be removed via some reputation level based checks in the future.
It is so annoying that lemmy.world politics community is not about world politics. Either make it not only-US or rename it to US politics.
That’s such a lazy and irresponsible stance to take. If I get blocked from commenting because I value my privacy, it’ll be goodbye lemmy.world.
I’m sure the admins will have a real hard time choosing between the risks of hosting CSAM and the disgrace of not pleasing your entitled ass.
What privacy? You’re in the fediverse bud. There’s no privacy here. And nobody could care less about your IP address.
Byyye! ❤️
because I value my privacy
What makes you think you’re more private browsing Lemmy via a VPN? You’re aware you made an account and are logged in, right?
Oh no ! Anyway