this post was submitted on 27 Jun 2023
18 points (95.0% liked)

Fediverse

17734 readers
72 users here now

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of "federation" and "universe".

Getting started on Fediverse;

founded 5 years ago
MODERATORS
 

A post on kbinMeta states that "Lemmy.ml is blocking all inbound ActivityPub requests from /kbin instances." More details here, but the theory is that -- rather than defederating -- lemmy.ml returns a 403 'access denied' message in response to any inbound requests from a user agent with "kbinBot" in the string. Upvotes, comments, and boosts don't seem to be going through. However, it appears that lemmy.ml still federates information outbound to kbin instances.

I'm wondering if anyone here knows what is going on and why it might be happening? Federation between Lemmy instances and Kbin instances seems to be a selling point for both, so I'm sure others using both services are curious as to what's going on.

you are viewing a single comment's thread
view the rest of the comments
[–] taladar@sh.itjust.works 3 points 1 year ago (2 children)

Well, in case someone has the same idea, I just checked and the string kbinBot does not appear anywhere in the lemmy git repo.

I also must say the whole conspiracy nonsense in the comments over in that kbin link you posted really doesn't look good for their user base. Most likely this is some sort of bug or compatibility problem.

[–] clb92@lemmy.ml 6 points 1 year ago

Well, in case someone has the same idea, I just checked and the string kbinBot does not appear anywhere in the lemmy git repo.

Web developer here. This type of blocking based on user-agent would be easier done though the server configuration than in the Lemmy code anyway.

Most likely this is some sort of bug or compatibility problem.

Returning "403 Forbidden" makes it seem like it's not a bug or compatibility problem. The lemmy.ml server only appears to return 403 when the user-agent contains the exact string "kbinbot" (not case sensitive). That makes it seem deliberate.

I'm not saying it's done with malicious intent, mind you. It could definitely be some kind of WAF or other automated blocking happening, maybe simply a misclick when blocking a flood of other bots, but that's anyone's guess until the admins respond.

[–] IntlLawGnome@lemmy.ca 5 points 1 year ago

I'm not particularly concerned with how "the kbin user base" looks or any silly tribalism like that tbh. I'm just wondering if/why the issue might be happening. If the string doesn't appear in the git repo, that's a useful data point for sure. But plenty of people are confirming that something is going on, so the questions as to 1) what is causing it and 2) why are still out there.