The funny thing is that the Lemmy nodes are synchronized with each other, and to calculate the real address of any Federation node, it is enough to raise a node, write a comment in the interested node, and then reply to yourself from that node. Done. Real IP in you node logs. However, everyone continues to use Cloudflare… This will only protect you from technically illiterate people.
And all this is done with a single entry in hosts after receiving the real address. After all, knowing the real address, the bot doesn’t have to go through cloudflare. The only good argument is caching, and it can be implemented independently. I find it strange to give all the traffic, including authorization, to cloudflare decrypt for the sake of caching.
Yeah, but I imagine federation between instances will be all messed up. Like if .world is not reachable, then federation between world and whatever other instance you use will get out of sync. But I’m not a server admin so I’m just guessing
Only until they come back online and resync. I don’t know the guts of the process, so I don’t know what pitfalls there may be, but I’m pretty sure it’s designed to handle temporary outages without requiring intervention.
Quite a few lemmy instances became inaccessible, including piefed.world.
Someone shared this with me earlier
Nice barcode generator
lemmy.filthyfilthy.one? oh wait
The funny thing is that the Lemmy nodes are synchronized with each other, and to calculate the real address of any Federation node, it is enough to raise a node, write a comment in the interested node, and then reply to yourself from that node. Done. Real IP in you node logs. However, everyone continues to use Cloudflare… This will only protect you from technically illiterate people.
The point of cloudflare isn’t just to hide your real IP. It’s the caching, bot scrape protection, etc.
And all this is done with a single entry in hosts after receiving the real address. After all, knowing the real address, the bot doesn’t have to go through cloudflare. The only good argument is caching, and it can be implemented independently. I find it strange to give all the traffic, including authorization, to cloudflare decrypt for the sake of caching.
You can simply configure your server to reject non-cloudflare traffic, as you’re supposed to if you’re doing it properly.
deleted by creator
and I don’t understand why you think CloudFlare keeps your traffic so secret. After all, if you don’t pay for the service, you’re the product.
Heh. You can just put a header that nginx routes to. For example:
curl -H “Host: lemmy.ml” https://1.1.1.1/
P.S. The address is not real. It’s just an example.
Yeah I realized that and deleted the comment before you replied
And an ai slop trainer blocker, which is a fucking godsend.
Yeah. I’m going to figure out another solution but this is a big one.
If you are technically capable, Anubis is an option.
Yeah that’s what I’m looking at for my instance.
Plus side of being federated is it’s easy to just switch to one of your alts on another instance and still be able to use it.
Yeah, but I imagine federation between instances will be all messed up. Like if .world is not reachable, then federation between world and whatever other instance you use will get out of sync. But I’m not a server admin so I’m just guessing
Only until they come back online and resync. I don’t know the guts of the process, so I don’t know what pitfalls there may be, but I’m pretty sure it’s designed to handle temporary outages without requiring intervention.