Just wanted to keep everyone in the loop. If you encounter an issue where you cannot post or comment, but voting is functioning correctly, it is most likely because we have implemented a block for VPN & Tor users. If you are using these services, you can still take part in activities such as voting, reporting posts, and performing other passive actions on the site. We implemented this restriction because of users posting illegal content.

See https://lemmy.world/post/11571711

While we value our users’ right to privacy, we also prioritize the protection of both ourselves and our users. We want to emphasize that we weigh the pros and cons of restrictions like these with the entire team. We do not take these actions lightly, and we hope everyone understands the reasoning behind it.

      • JohnDClay@sh.itjust.works
        link
        fedilink
        arrow-up
        11
        arrow-down
        1
        ·
        5 months ago

        I image with how techy and fos lemmy tends to be, I’m sure there’s a ton of people using VPNs, so a lot of people will probably run into that issue.

        • Jelloeater@lemmy.worldM
          link
          fedilink
          English
          arrow-up
          6
          arrow-down
          1
          ·
          5 months ago

          It’ll come up in a curl or httpie request. All our WAF errors have meaningful returns, I make sure of it ❤️

          • WhatsHerBucket@lemmy.world
            link
            fedilink
            arrow-up
            4
            ·
            4 months ago

            I know I’m late to the party here, but sadly there is nothing obvious if you are on a desktop browser. The only feedback you get is an endless spinning gear.

            I just found this post from a search and I’m sad I can’t connect with a VPN. :(

            • Jelloeater@lemmy.worldM
              link
              fedilink
              English
              arrow-up
              1
              ·
              4 months ago

              Ah, yeah, I wish there was a better way to let clients and browsers know. I’ll add a note to the sidebar at least.

      • A_A@lemmy.world
        link
        fedilink
        arrow-up
        4
        arrow-down
        1
        ·
        5 months ago

        What do you mean when you say a “response body”? What is it ? Does it show anywhere in a browser ?

  • dirtySourdough@lemmy.world
    link
    fedilink
    arrow-up
    20
    ·
    5 months ago

    That’s a bummer that CSAM is still being posted. I get that y’all need to stop the people posting it immediately, and I agree with whatever you need to do to make that happen. However, I hope you can find a solution later down the road that allows VPN users to continue fully interacting with the site.

    • marathon@lemmy.world
      link
      fedilink
      English
      arrow-up
      5
      ·
      3 months ago

      Indeed. I don’t use the Internet at all without a VPN connected. These days you can’t possibly be blocking people for that reason. There are other ways to find child porn or whatever. Like calling the authorities.

  • andrewA
    link
    fedilink
    English
    arrow-up
    11
    ·
    edit-2
    5 months ago

    Since lemmy.world is on cloudflare, a worker function could disallow images in comments (or POST to any of the routes that create content) from those IP ranges. I assume the driver here is CSAM and other problematic imagery.

    • Jelloeater@lemmy.worldM
      link
      fedilink
      English
      arrow-up
      9
      arrow-down
      2
      ·
      5 months ago

      We’ve looked into worker functions before for other things like routing on the edge (neat stuff). We’re all DevOps folks, and love to get feedback from the community ❤️

      The issue is even folks linking to images unfortunately. Yeah, it’s mostly CSAM related, but also prevents other types of abuse as well.

      I appreciate everyone being understanding, all of us try hard to keep everyone on LW (and folks we federate with) safe.

      • andrewA
        link
        fedilink
        English
        arrow-up
        6
        ·
        5 months ago

        Yeah, my main thought was if the body contains any kind of URI/url from those IP sources, you could drop it as you are now. Or possibly just ![. And obviously any post with a url field. Not sure where you collaborate (Lemmy matrix maybe?) but I wouldn’t mind throwing together a POC if it would be considered. I don’t even use Lemmy on VPN but I’m definitely interested in helping the community.

      • Z4rK@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        3 months ago

        All my devices and networks are constantly on VPN, it’s just basic obscurity, and it’s such a hassle posting on Lemmy now - my activity is probably down 90%.

        Could you please consider allowing basic text posts and / or comments from behind a VPN? You could even disallow all markdown - that’s a decent trade off for my sake.

        But please don’t just block all VPN usage if there are options you have not explored yet.

    • Coelacanth@feddit.nu
      link
      fedilink
      arrow-up
      3
      ·
      5 months ago

      That was my assumption as well. Sucks that measures like this are required but understandable all the same.

  • sp6@lemmy.world
    link
    fedilink
    English
    arrow-up
    10
    ·
    5 months ago

    How detailed is .world’s IP logging? I’m sure many privacy-minded users think that’s important to know before disabling their VPNs.

    Additionally, would it be possible to allow posts/comments that don’t have any links or images? Or does even that introduce too much risk?

  • Leraje@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    9
    arrow-down
    2
    ·
    5 months ago

    I realise that as individuals without the huge resources of a business your options are limited. I also have a lot of sympathy with the admins and mods being exposed to that shit. I don’t know what the answer is but I don’t think blanket silencing all users who care about their privacy is a solution.

    • Krudler@lemmy.world
      link
      fedilink
      English
      arrow-up
      4
      arrow-down
      3
      ·
      5 months ago

      The concern is valid but “You can’t post from behind a VPN” and “I’m being silenced” are two very different things.

  • A_A@lemmy.world
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    edit-2
    5 months ago

    Opera browser (with data saving on) is now blocked since your (this one) change.

    P.S. : this post should be pinned to the entire site (not only to this community).

  • uis@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    3
    ·
    5 months ago

    It is so annoying that lemmy.world politics community is not about world politics. Either make it not only-US or rename it to US politics.

  • dohpaz42@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    arrow-down
    26
    ·
    5 months ago

    That’s such a lazy and irresponsible stance to take. If I get blocked from commenting because I value my privacy, it’ll be goodbye lemmy.world.

    • vzq@lemmy.blahaj.zone
      link
      fedilink
      arrow-up
      16
      arrow-down
      1
      ·
      5 months ago

      I’m sure the admins will have a real hard time choosing between the risks of hosting CSAM and the disgrace of not pleasing your entitled ass.

    • Asudox@lemmy.world
      link
      fedilink
      arrow-up
      7
      arrow-down
      2
      ·
      5 months ago

      What privacy? You’re in the fediverse bud. There’s no privacy here. And nobody could care less about your IP address.

    • woelkchen@lemmy.world
      link
      fedilink
      arrow-up
      7
      arrow-down
      4
      ·
      5 months ago

      because I value my privacy

      What makes you think you’re more private browsing Lemmy via a VPN? You’re aware you made an account and are logged in, right?