dormi.zone Meta
> ## What is Lemmy? > > Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top. > > ## Major Changes > > This version brings major optimizations to the database queries, which significantly reduces CPU usage. There is also a change to the way federation activities are stored, which reduces database size by around 80%. Special thanks to @phiresky for their work on DB optimizations. > > The federation code now includes a check for dead instances which is used when sending activities. This helps to reduce the amount of outgoing POST requests, and also reduce server load. > > In terms of security, Lemmy now performs HTML sanitization on all messages which are submitted through the API or received via federation. Together with the tightened content-security-policy from 0.18.2, cross-site scripting attacks are now much more difficult. > > Other than that, there are numerous bug fixes and minor enhancements. > > ## Support development > > @dessalines and @nutomic are working full-time on Lemmy to integrate community contributions, fix bugs, optimize performance and much more. This work is funded exclusively through donations. > > If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider [donating to support its development](https://join-lemmy.org/donate). No one likes recurring donations, but they’ve proven to be the only way that open-source software like Lemmy can stay independent and alive. > > - [Liberapay](https://liberapay.com/Lemmy) (preferred option) > - [Open Collective](https://opencollective.com/lemmy) > - [Patreon](https://www.patreon.com/dessalines) > - [Cryptocurrency](https://join-lemmy.org/donate) (scroll to bottom of page) > > ## Upgrade instructions > > Follow the upgrade instructions for [ansible](https://github.com/LemmyNet/lemmy-ansible#upgrading) or [docker](https://join-lemmy.org/docs/en/administration/install_docker.html#updating). There are no config or API changes with this release. > > This upgrade takes ~5 minutes for the database migrations to complete. > > You _may_ need to run `sudo chown 1000:1000 lemmy.hjson` if you have any permissions errors. > > If you need help with the upgrade, you can ask in our [support forum](https://lemmy.ml/c/lemmy_support) or on the [Matrix Chat](https://matrix.to/#/#lemmy-admin-support-topics:discuss.online). >
Hi Tenno ^and^ ^Envoys^! Earlier today (or yesterday, I guess), I took parts of dormi.zone down for about 2 hours to assess and migitate possible damages caused by a security vulnerability in lemmy-ui (the part of Lemmy you see in your browser), see here: https://dormi.zone/post/98161 (You probably had to log in again, that's normal) The good news is: We were never vulnerable! The bad news: Some of you might have been a bit lost during those 2 hours. If you were using a third-party app such as Jerboa or Liftoff, you could continue accessing dormi.zone as usual. Same if you were a user from another instance. But if you were registered on dormi.zone, you'd run into a 502 error and have no idea what's going on. Now that I'm back from work, I've taken some steps to ensure you'll be properly informed next time: - [dormi.zone is now on Mastodon!](https://mastodon.social/@dormizone) I'll be using this account to keep you informed about outages and planned maintenance. - When the dormi.zone frontend is down, instead of getting a 502 Bad Gateway error that doesn't tell you anything, the site will direct you to this Mastodon account for status updates.
**UPDATE:** Thanks to the analysis of other instance admins, it has been determined that instances without custom emojis (which includes dormi.zone) should be safe. As such, dormi.zone is now available on the web again. Expect another pinned post later today. Below you'll find the original post. --- Hello everyone, There is currently a security vulnerability being exploited across Lemmy. Comments and other content on an instance containing custom emojis may steal your login session, see here: https://lemmy.ml/post/1895271 Due to this I have decided to partially take down dormi.zone. Since the exploit takes place on the web UI of Lemmy, dormi.zone will be unavailable for the time being when visiting through https://dormi.zone/. Remote users will continue to be able to interact with dormi.zone communities as normal. Users registered on dormi.zone may continue to access it using a third-party app such as Jerboa or Liftoff. This instruction will be unavailable to anyone who isn't already using one. I'm aware that it's counterintuitive and I'm sorry. If I wasn't currently at work, I would have set up a proper status page when visiting dormi.zone. I'll make sure it's there the next time it's needed. Expect to see a follow-up post where I share the assessed damages and next steps.
geteilt von: https://lemmy.ml/post/1895271 > FYI!!! In case you start getting re-directed to porn sites. > > Maybe the admin got hacked? > > --------- > > edit: **lemmy.blahaj.zone** has also been hacked. **beehaw.org** is also down, possibly intentionally by their admins until the issue is fixed. > > Post discussing the point of vulnerability: https://lemmy.ml/post/1896249 > > Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895
Hi everyone, the Lemmy version of dormi.zone has been updated to 0.18.1. This brings several changes, including: - Two-Factor-Authentication - Custom Emojis (stay tuned!) - Ability to install dormi.zone as a [Progressive Web App](https://developer.mozilla.org/en-US/docs/Web/Progressive_web_apps/Guides/Installing#installing_and_uninstalling_pwas) - Better error pages - different URL structures (check your dormi.zone browser bookmarks if you have any) - Share button on posts - performance improvements **If you notice double banners or any other theme weirdness, make sure to hard refresh dormi.zone in your browser (press CTRL+F5)!**
Jerboa complains that we are not running 0.18 yet.
While it's not developed by DE, it is published and supported by them, so I expect a lot of Tenno will have their eyes on it. I know from the beta I met a lot of other Warframe players.
Would it be a good idea to import all posts from /r/warframe into dormi.zone? (maybe using the linked scripts) There is lots of useful information in old reddit posts and they are pretty consistently among the top google results for various Warframe-related searches
dormi.zone Meta
!meta@dormi.zonedormi.zone community for discussion about the dormi.zone instance.
Got a question for the /c/meta mods? Send a message!
Strike System
We use a 3 strike system. Strikes are given for breaking the Golden Rule, Excessive Trolling Rule, repeated failure to credit artwork, or for continued spam after a warning. Upon the third strike, the offending user is banned from accessing dormi.zone.
Extreme offenses, including but not limited to wishing death on another user or extreme bigotry will result in an instant permanent ban from dormi.zone.
Rules on dormi.zone
The following rules apply to users registered on dormi.zone, as well as users from instances federated with dormi.zone who interact with our users and communities.
Posts, Comments & Private Messages
These rules apply to posts and comments within dormi.zone communities, as well as private messages that include users registered on dormi.zone.
Golden Rule
Do not be rude, condescending, hateful, or discriminatory.
Excessive Trolling Rule
Do not intentionally mislead or antagonize others or act contrarian.
Prohibited Content
Do not post any of the following:
- pornographic content.
- sexual or suggestive content involving minors or individuals appearing as such.
- content that encourages or incites (real-life) violence.
- content that conducts or encourages threats, harassment or bullying
- another person's personal or confidential information
- content that impersonates another person in a misleading or deceptive manner
Violating this rule will result in an instant ban from dormi.zone.
Ban Evasion Rule
Do not create an account to evade punishment or avoid restrictions.
Posts & Comments
These rules apply to posts and comments within dormi.zone communities.
Accusation Rule
You may only accuse another person's or organization's integrity, business practices, etc. if you have sufficient evidence.
Begging Rule
Do not beg for in-game items.
Link Obfuscation Rule
Do not obfuscate links using link shorteners like bit.ly.
Naming Rule
You must obscure other person's names or usernames in your posts and comments.
Real World Controversy
Do not introduce politics or other real-world controvery in your posts and comments.
Spoiler Formatting
When the sidebar of a community states that "Spoiler Formatting" is being enforced, the following rules apply for posts that involve lore/story spoilers:
- You must begin the title of your spoiler post with "[Spoiler]" and not include the actual spoiler in the title.
- Comments containing spoilers outside of spoiler posts must be formatted as a spoiler block, see here.
Posts only
These rules apply only to posts within dormi.zone communities.
Context Rule
Posts with vague or no context or with little-to-no information are removed.
Expired Event Rule
Event posts are removed after the event (alert, invasion, etc.) is over.
Fluff Post Quality Rule
Meme posts must be 100% (or very close to it) Warframe content, even if it's modelled after an existing meme template.
Help Desk Rule
Posts that involve issues with your Warframe account are removed and referred to the official Warframe support desk.
Relevance Rule
Posts that are not directly related to the community they're posted in are removed. A clever title or text placed over an image are not enough.
Creative Content Rule
You must limit posts of your own creative content (Captura,art, videos, etc.) to twice a calendar week, starting on Sunday, with at least 24 hours in between.
Trading Rule
Posts that offer trades or exchanges of any kind are removed.
Recruitment Rule
Squad recruitment posts are removed and redirected to the pinned Squad Recruitment post.