Spyke
Pikareply
lemmy.world

According to the support Community this was fixed about an hour and a half ago, but I continued to have issues I had to manually log out again and log back in to fix it

14
wpuckeringreply
lm.williampuckering.com

I guess they don't really know what they're doing and are learning how load balancing works on the fly, and thinking that'll result in HA without side-effects without further work.

EDIT: Don't really get why this was downvoted. With the proper technical knowledge it's clear to anybody that two instances with different JWT secrets behind a load balancer is going to cause this very issue. So the fact that they set it up that way means they have a knowledge gap ("they don't really know what they're doing"). At the very least they should enable sticky sessions on the load balancer if they insist on going this route, which would mitigate the issue (but depending on client-side configuration would not necessarily prevent it completely).

Don't take this as an insult towards the admins of the instance, I'm just pointing out there's a lack of knowledge, and some trial-and-error going on.

-14
Jcb2016reply
sh.itjust.works

Lemmy.world when I tried to post kept saying not logged in. Created an account on sh.it just.works

e: This instance hardly has anything

3
Madbrad200reply
sh.itjust.works

You can access all your lemmy.world communities from sh.itjust.works, it doesn't really matter if it has much locally.

Only issue is it's hot feed seems bugged

1
fubo
lemmy.world

Server-side authentication bug; maybe fallout from the recent attack? I'd expect instability for the next day or so as auth & related problems shake out.

14
fuboreply
lemmy.world

https://lemmy.world/post/1290412

Summary: Attacker found a way to inject JavaScript into the sidebar, letting them steal auth tokens ("JWTs"), including from an admin account. They then used the stolen admin access to vandalize the site. At one point, the attacker used the stolen admin account to falsely announce that the attack had been remediated. Later that day, the attack actually was remediated by the site owner (Ruud) and the vulnerability was patched in the Lemmy code.

3
fuboreply
lemmy.world

Production services are actually fuckin' goddamn difficult, and I add another swear to this comment for every time I have to try reposting it.

21
Laxariareply
lemmy.world

Yep lemmy.world is live (stress) testing in production. It has its benefits, like when a set of patches were committed to vastly improve performance that was a big problem on a huge instance like lemmy.world but not on the smaller ones, and its downsides with all the random issues that pop up which happen when testing live in production.

12
puppyreply
lemmy.world

Lemmy has been improved at light speed over the last couple of weeks. When I joined around 3 weeks ago everything felt prototype-like. But now lemmy.world back-end with Voyager front-end feels almost like Apollo quality. At this rate, it definitely will, in another couple of weeks.

6
Gormadt
lemmy.blahaj.zone

Different instances have different levels of stability

Blahaj has been pretty stable for me except during the recent attack

Beehaw has been kinda meh on stability

Lemmy.ml has been pretty stable when I've used it

Jerboa (the app I use to browse) has been hit or miss at times, but has been really stable since instances moved to 0.18.

10
Silverserenreply
kbin.social

Kbin has had no issues for me and hasn't been attacked yet (or if it has been, dev Ernest apparently fought them off, probably barehanded too).

8
ඞmirreply
lemmy.ml

Lemmy.ml was overloaded half of the evenings before lemmy.world found the causes of performance issues (now solved in 0.18.1)

4
xkforce
lemmy.world

Getting logged out randomly and having to submit comments multiple times for them to post sure is fun. /s

4
gusVLZ
lemmy.world

Clean app data and cache, login again, fixed for me at least

4
ultranautreply
lemmy.world

That seemed like it worked for me but then it happened again eventually.

3
Pandanticreply
lemmy.world

Memmy signed me out (covertly - only way I could tell is my subscription view showed communities wasn’t subscribed to). Re-entering my credentials fixed it. Let’s see if this posts first time.

2
Gutotito
kbin.social

Getting federation working as advertised is a pain in the ass. I ran a solo instance back when Mastodon was new, and there was no end to the nonsense it generated. That's why I'm now subscribed to the instance @ernest is running. :)

3
Pandanticreply
lemmy.world

Ernest is running lemmy instance or you’re talking about kbin?

3
fury
lemmy.world

Reminds me of when I had to change my site's login cookies from "session" cookies to "persistent" cookies because mobile browsers aggressively clear the session. I don't know if that's what was going on in this case.

2
Xariphon
kbin.social

I logged out and back in again and that seems to have helped. Not sure if it mattered at all or if the timing was coincidental.

2
xkforcereply
lemmy.world

Logging out and back in only really fixes the "youre logged out" (not entirely though) issue. Posts still have to be posted multiple times for it to actually happen most of the time from my experience.

2
Laticaudareply
lemm.ee

I also use liftoff and I've definitely been having that issue on my lemmy.world account.

3
Sir_Kevin
discuss.online

There are thousands of instances. I don't understand why everyone is piling on to lemmy.world

-2
lemminerreply
lemmy.world

Dude, admins upgraded the server. It was down for that reason.

5
niktemadurreply
lemmy.world

Armchair internet weekend warriors see everything in black and white with no in-between grays and no context. Tune in for more details at eleven.

3