Everyone, Last night, this ANC Pleroma instance was attacked by a bot. The bot created countless accounts that it used to spam other instances. This caused some instances to block us. We are working on cleaning up the mess and rectifying the situation. Sorry to anyone who was affected by this.
anime graf mays 🛰️🪐
Reply to @[email protected]
@RickyMolnar@social.ancreport.com I watched and removed your block when you guys had it under control. There are other servers affected by this and they have a script to remove the offending accounts from your database
Reply to @[email protected]
@graf@poa.st Thanks a lot. I would love to get my hands on that script. Unfortunately, the problem with our instance is that our server cannot currently send out emails. I've been asking our server guy to handle this for quite some time, but it seems that real life factors have gotten in the way of him solving that problem. Thus, our server cannot enable email confirmation at signup. Do you know anything about how to get that to work in Matrix?
anime graf mays 🛰️🪐
Reply to @[email protected]
@RickyMolnar@social.ancreport.com absolutely, I just set up a poast group email for myself and my admins the other day for all of our reports etc. Took me a couple hours to get everything the way we needed it before we deployed it. I will look for the person I saw talking about it earlier, but the admin of Shitposter.club got hit before you guys did, that's [email protected]
anime graf mays 🛰️🪐
Reply to @[email protected]
@RickyMolnar@social.ancreport.com [email protected] actually [email protected] can you help our friend with a way to easily delete 11k+ accounts?
Reply to @[email protected]
@graf@poa.st [email protected] [email protected] This is why I love the fediverse. You guys are awesome.
Reply to @[email protected]
@graf@poa.st @Moon@shitposter.club @RickyMolnar@social.ancreport.com 11k, wow. In this case, the bot didn't follow anyone, so you can do something like:

```sql
update users set deactivated = 't' where local = 't' and following_count = 0 and follower_count = 0 and inserted_at > '2021-03-27 16:36:22'::timestamp;
```
anime graf mays 🛰️🪐
[email protected] [email protected] @RickyMolnar@social.ancreport.com looks like someone has been manually deleting the accounts, but yeah, they went from 256 users to 11387 because the attack went on for I think 4-5 hours in total
Reply to @[email protected]
@graf@poa.st @Moon@shitposter.club @RickyMolnar@social.ancreport.com Brace for incoming, just had to wipe another 20 or so users.
Jaqulynn4872 🏳️‍⚧️ ⚧
🛑
Reply to @[email protected]
@RickyMolnar@social.ancreport.com @graf@poa.st [email protected] [email protected] Some bots can also be forced to log out with the EICAR test file
[email protected] @graf@poa.st [email protected] Can you please elaborate on where this is to be run? Is this a script or terminal command?
anime graf mays 🛰️🪐
Reply to @[email protected]
@RickyMolnar@social.ancreport.com [email protected] [email protected] assuming you followed the installation instructions for Pleroma from the website, in a terminal you would run something like `sudo -Hu pleroma psql`; when the terminal prompt changes you would use `\c pleroma` to connect to the pleroma database, then run the command he gave you
[email protected] [email protected] @graf@poa.st That command worked perfectly. We might have a couple left over, but considering we started at 256 users before the attack it looks like we're good. I'll just go through and delete the deactivated users. Thanks a lot for your assistance.
anime graf mays 🛰️🪐
Reply to @[email protected]
@RickyMolnar@social.ancreport.com [email protected] [email protected] glad you got it sorted, thankful to have you guys around and if you have any other issues feel free to ping us. I followed you earlier too
Impératrice / Empress Marie-Louise :sigilite:
[email protected] @graf@poa.st [email protected] @RickyMolnar@social.ancreport.com Isn't it risky to mess with the db directly? What I did when someone made 2000 accounts: put the result of the following request into a file

```sql
SELECT nickname FROM users WHERE registration_reason = 'Nigger! People cant even get emailsNigger! People cant even get emailsNigger! People cant even get emailsNigger! People cant even get emailsNigger! People cant even get emailsNigger! People cant even ';
```

then

```sh
for line in $(cat del.txt); do /opt/pleroma/bin/pleroma_ctl user rm "$line"; done
```

del.txt being the list of names I got from the request. I couldn't find any date when looking at the db but maybe I didn't look properly. Lucky they all had the same registration reason. Btw, how do you even enter a registration reason when making an account? Also is there a way to prevent it, except closing registrations or having the admin let them in? I don't have any email setup.
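The two approaches above (Moon's selection criteria and the pleroma_ctl removal loop) combined into one script, as an added example that is not part of the thread or of Pleroma itself: it only SELECTs from the database, writes the candidate nicknames to a file for review, and then hands each name to pleroma_ctl one line at a time, which avoids both the hand-written UPDATE and the `for line in $(cat ...)` word-splitting. The psql invocation and the pleroma_ctl path are assumptions taken from the thread and can be overridden through the PSQL and PLEROMA_CTL variables.

```shell
#!/bin/sh
# Added example: list suspect accounts with the thread's criteria, review
# the list, then remove them through pleroma_ctl rather than editing the
# users table by hand. Column names (local, follower_count, following_count,
# inserted_at) are the ones used in the thread.
PSQL="${PSQL:-sudo -Hu pleroma psql -d pleroma}"        # assumed invocation
PLEROMA_CTL="${PLEROMA_CTL:-/opt/pleroma/bin/pleroma_ctl}"  # path from the thread

# Print the SELECT for local accounts created after the cutoff that follow
# nobody and are followed by nobody. $1 is the attack start time.
suspect_query() {
    cutoff="$1"
    printf "SELECT nickname FROM users WHERE local = 't' AND follower_count = 0 AND following_count = 0 AND inserted_at > '%s'::timestamp ORDER BY inserted_at;\n" "$cutoff"
}

# Run the query through psql and write one nickname per line to the file
# in $2 (-A: unaligned, -t: no headers). Inspect that file before going on.
export_suspects() {
    cutoff="$1"; out="$2"
    suspect_query "$cutoff" | $PSQL -At > "$out"
    wc -l < "$out"
}

# Remove every nickname listed in $1; reads line by line so each name is
# passed as exactly one argument. Prints the number of accounts removed.
remove_listed() {
    list="$1"; n=0
    while IFS= read -r nick; do
        [ -n "$nick" ] || continue           # skip blank lines
        $PLEROMA_CTL user rm "$nick" >&2    # keep tool output off stdout
        n=$((n + 1))
    done < "$list"
    echo "$n"
}

# Typical run:
#   export_suspects '2021-03-27 16:36:22' del.txt   # then read del.txt
#   remove_listed del.txt
```

Compare the count printed by export_suspects with the number of accounts the instance had before the attack; if the two steps are separated, a legitimate user who registered during the window can be removed from del.txt before remove_listed runs.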
Reply to @[email protected]
@marielouise@sorcie.re [email protected] [email protected] @graf@poa.st I have no problem messing with databases directly. That's what the software does anyway and I'm smarter than the software! It looks like the real solution here is to set up email. I personally haven't delved into what makes it so difficult to do this on the servers we've been setting up and have delegated the investigation on this topic to one of my team members, but it looks like I'm going to have to get my hands dirty and figure it out myself.
anime graf mays 🛰️🪐
Reply to @[email protected]
@marielouise@sorcie.re [email protected] [email protected] @RickyMolnar@social.ancreport.com messing with the database directly isn't an issue if you are maintaining backups on a regular schedule. I don't mean the level that we do where it's several backups a day, but at least a daily or weekly backup should be something you are doing, so in the event something goes awry you can piece it together or fully restore your backup. I made a simple bash script that dumps the pleroma database several times daily, bzips it and stores it locally as well as offsite:

```bash
#!/bin/bash
# define backup locations
backup_dir="/var/backups/databases/"
nightly_dir="/var/backups/databases/latest/"
# datestring to append to nightly backups
backup_date=$(date +%d-%m-%Y_%H:%M)
# keep backups for X days
number_of_days=15

# every database on this server, one name per line
databases=$(psql -l -t | cut -d'|' -f1 | sed -e 's/ //g' -e '/^$/d')

for i in $databases; do
    # skip the maintenance/template databases
    if [ "$i" != "postgres" ] && [ "$i" != "template0" ] && [ "$i" != "template1" ] && [ "$i" != "template_postgis" ]; then
        dump="${backup_dir}${i}_${backup_date}.sql"
        echo "Dumping $i to $dump"
        pg_dump -d "$i" --format=custom -f "$dump" || { echo "Dump of $i failed" >&2; continue; }
        echo "Dump of $i successful, bzipping"
        bzip2 "$dump"
        # point the "nightly" name at the newest dump
        ln -fs "${dump}.bz2" "${nightly_dir}${i}-nightly.sql.bz2"
        # copy offsite (port and host are placeholders)
        rsync -avz -e 'ssh -p xx' "${dump}.bz2" pleromaxx.xx.xx.xx:/home/pleroma/database
    fi
done

# drop local dumps older than $number_of_days days
find "$backup_dir" -type f -prune -mtime +"$number_of_days" -exec rm -f {} \;
```
anime graf mays 🛰️🪐
Reply to @[email protected]
@RickyMolnar@social.ancreport.com @marielouise@sorcie.re [email protected] [email protected] you can set it up easily for $20 yearly. We use ethernetservers for our mailhost VPS and they were pleasant and unblocked the ports we needed for mail to be sent fairly quickly. https://www.ethernetservers.com/clients/cart.php?a=add&pid=143 You can use mailinabox.email to automatically configure it for you and just take the entries from the DNS section of the admin page and put them in the DNS settings at your registrar and you should be gucci
anime graf mays 🛰️🪐
Reply to @[email protected]
RickyMolnar Moon marielouise @p@poa.st alternatively you could set it up to use sendmail if your machine has a PTR record (reverse DNS on the IP you are hosting pleroma on) so it doesn't end up in spam boxes, or there is also the gmail option, you could probably easily get the gmail api for an account if you wanted to go that route
@graf@poa.st [email protected] @RickyMolnar@social.ancreport.com @marielouise@sorcie.re [email protected] Setting up an MTA can take several days, but it is worth it. Other than having a matching PTR record, you'd have to care for DMARC/DKIM/SPF to not get into spam, but there are a lot of guides available. Sending to gmail may also be more favorable if your domain has DNSSEC, provided the TLD supports it. e.g.
https://wiki.archlinux.org/index.php/Virtual_user_mail_system_with_Postfix,_Dovecot_and_Roundcube
https://gist.github.com/howyay/57982e6ba9eedd3a5662c518f1b985c7
https://www.sidn.nl/en/news-and-blogs/hands-on-implementing-spf-dkim-and-dmarc-in-postfix
But either way be sure to check you're not running an open relay; mxtoolbox.com can help in surface-level diagnostics.
anime graf mays 🛰️🪐
Reply to @[email protected]
@iamtakingiteasy@pleroma.eientei.org [email protected] @RickyMolnar@social.ancreport.com @marielouise@sorcie.re [email protected] absolutely and for the layman, mailinabox does guide you to do that for the most part (this is one of the reasons I told you to copy the DNS panel of mailinabox, all of those records you need to add are present)
Impératrice / Empress Marie-Louise :sigilite:
Reply to @[email protected]
anime graf mays 🛰️🪐
Reply to @[email protected]
@marielouise@sorcie.re [email protected] @RickyMolnar@social.ancreport.com @iamtakingiteasy@pleroma.eientei.org [email protected] if you need help shoot me a message, if I'm not too hungover I'll try my best to help
@p@freespeechextremist.com @Moon@shitposter.club @RickyMolnar@social.ancreport.com @graf@poa.st does this mean that captchas have basically become useless?
Reply to @[email protected]
@p@freespeechextremist.com @Moon@shitposter.club @RickyMolnar@social.ancreport.com @graf@poa.st Oh, I figured almost everyone would have that on, at least for signups. The biggest challenge to free speech absolutism isn't "hate speech", vulgarity, or even direct threats. It's fucking spam.