Skip to main content


Nerdica upgraded to 2019.09


!Nerdica Forum

Today, approx. between 11 and 12:00 CEST, the Nerdica was offline, because I upgraded to newest release version 2019.09 of Friendica and well, not everything went well, but now it is running on newest stable release.

Have fun!



Twitter Plugin?


!Nerdica Forum

Another topic:

Do you mind when I disable the Twitter plugin? Do other people use it here?

I mean: you are using Friendica or the Fediverse in whole by purpose, because you decided to not use Twitter. I don't think that anyone is using Friendica as a Twitter client.

So, are we ok with disabling the Twitter plugin on Nerdica?

Ok, I've now disabled the Twitter addon.

Now I have all the "invisible" twitter contacts impossible to remove u.u

I asked in the Friendica support forum... let's see...



DoS against Webserver


!Nerdica Forum

I don't know why, but the webserver seems to be under attack the last days. At least there was way too much load on the webserver caused by connections in "sending" state:

Total accesses: 1080 - Total Traffic: 11.5 MB - Total Duration: 222445988
CPU Usage: u6.3 s.84 cu8.99 cs1.45 - 3.12% CPU load
1.92 requests/sec - 20.9 kB/second - 10.9 kB/request - 205969 ms/request
195 requests currently being processed, 5 idle workers

WRCWWWWWCRCCWWRRWRWRCWCRWWWWWWWWWRCRWWRRWWWWWWWCWWWWWWWWWRCWRCWR
RWRWCCWWWCWWWWWWWWWRWWRWWWWCWWWWWWWWWWWWWCRRWWWWWCWWWCRWWRWWWWWW
WWWWCWRCWWWCWWWWWWWWCWWWWWRWWWWWWWRWWRCRCWWWWWCW.WWCWWWWWRWWRWW.
WRWRWWRWR_WWWRWWWW_RWWWWW__RRRW_W.........................WCWCWW
WRWWWCRWWWWRWWWRWWW.......W.WWCWWWWWWWWWWWWC..WW........W..G.W..
........WW..W.CC.WWWWWWWWWWWWWWWWWWWWWWWWCWWRWWRRWCWRRWWWWWWWWWC
WWWCWRRWRWWWRRWR

Scoreboard Key:
"_" Waiting for Connection, "S" Starting up, "R" Reading Request,
"W" S
... show more

Bond In Guy reshared this.

Now seems to be OK. Yesterday was problem indeed.

Well, maybe it's not directly a DoS against the webserver, but instead more likely just an increased server load despite limiting the number of users.

It seems that some users have lots of interconnections and feeds and the more of these users are on this node, the higher the number of connections.

Today the webserver was quite loaded and unresponsive again, although I did some stuff to minimize the load in the past few days.
Now I did some other changes and this seems to greatly improve the performance of the server.

So, please report back here if the server responsivity is ok for you again or not.



Limiting number of users - now in place


!Nerdica Forum

Hi!

As already proposed some weeks ago, I've now implemented a method to shutdown the open registration when there are 1200 users on Nerdica. Currently we are at 1194 users.

Registration will automatically re-open when the number of users drops again under 1100 users.

Already registered users can invite family and friends to Nerdica.Net regardless of public registration status being open or closed. Just invite them by mail.
But public registration will now be automatically closed and re-opened as described.



Short interruption


!Nerdica Forum

There was another short outage for maintenance to mitigate some CPU bugs:

SUMMARY: CVE-2017-5753:OK CVE-2017-5715:OK CVE-2017-5754:OK CVE-2018-3640:OK CVE-2018-3639:OK CVE-2018-3615:OK CVE-2018-3620:OK CVE-2018-3646:OK CVE-2018-12126:OK CVE-2018-12130:OK CVE-2018-12127:OK CVE-2019-11091:OK

Services should be back to normal now.



@Nerdica Forum
I don't think "null" is a user, since I don't appear in the "introduction", and I can't cancel the notification...

is there a way to solve it?

Image/photo

At the moment? No idea...

Only idea is: maybe it's a request from a user that got deleted in the meanwhile. In that case everything related to that user should be deleted 7 days later. So I'd recommend to wait a week and if the problem persist, then we have to investigate with the developers in the helpers forum.

Okay, I'll take note, and in 10 days, in case, I'll rewrite in this post, without writing another one ^^

8 days have passed and still nothing has changed O.o

!Friendica Support

See the discussion... one user has a user labeled "null" in introductions that seems to be a non-existing user...

Any ideas how to get rid off of this introduction?



Is it possible on github to post an issue potentially affecting two seperate projects at once? Because I would like to post this issue ( https://mastodon.social/@guidoV4/102321231432123013 ) potentially affecting the two projects nerdica.net (cc @nerdicasupport ) and #Fedilab (cc @fedilab ) simulataneously.

Ping me when it's done. I checked and an endpoint verify_credential returns an account object whatever the credentials (I currently don't understand how it is picked up).
Their is no risk only public statuses are displayed because the token is no valid. So nothing private is displayed and nothing can be done with this account. It's like visiting a profile.
@nerdicasupport

Ok, in this case the issue is atleast not as serious as I thought.



A warning for #Fedilab- and #Nerdica-users: unfortunately there currently is a giant security-issue if you try to use Fedilab with a nerdica.net-account. If you are doing this you will always be logged in to someone elses account instead of your own and there is also another problem: unlike f.e. mastodon.social nerdica.net also doesn't ask to authorize the Fedilab-app. It just redirects you to the account the Fedilab-app logged you in to.

cc @nerdicasupport @fedilab

I think this security issue is so serious that I would reccommend @fedilab and @nerdicasupport to temporarily shut down the Fedilab-app and the nerdica.net-instance until they solved this serious security-issue.

Ok, I found out that the f-droid-version of #Fedilab (2.6.1) isn't the most recent one. Maybe this issue doesn't exist in 2.7 anymore but I haven't tested it because I want to avoid the Google Play Store as much as possible.

But I would still urgently recommend you to take down the f-droid-version 2.6.1 for now and maybe also version 2.7 from the google-store if it should turn out to also still exist in this version because of this serious security issue as it could enable criminals to take over nerdica.net-accounts of other users.

Therefore I would also recommend nerdica.net to generally block all requests coming from the #Fedilab-app for now if it's possible.

Have you reported this to the developers in !Friendica Support ?

Can you please contact me directly for more details?

So to give an update from a different discussion:
Fedilab apparently shows (a more or less random) user profile when the account credentials don't work and displays public posts.
No issue in regard of security, as it seems.

Not a security issue I confirm. I checked it deeply. As soon as it requires a token, it throws a 401.
But, the reply for the random account comes from the server reply.
@guidoV4 @nerdicasupport



Limiting number of users?


!Nerdica Forum

Right now this #Friendica node has 1098 registered users and like 200 monthly active users.

I'm thinking about switching the registration mode from open registration to closed registration. With closed registration it should be still possible to invite friends over here and get new users, but it won't be possible to still register without an invitation.

The idea of limiting the number of users on this node are:
* this is a private server with limited resources. So having thousands or tenthousands of users is unlikey to run will on the current hardware. It's not like the current hardware is facing its limits, but I want to avoid facing these limits for the sake of smooth operation for the current users
* the basic idea of the federation is that everyone can run an own node instead of having large, centralized nodes. Currently we have 3 or 4 large nodes... show more

I understand your stance as an instance owner, but I'm not sure closing registrations is the best way to entice the spawning of new instances.

With such a limited number of instances, if they all close registrations that means creating a Friendica account to try things out (just like I did with this one, my main account being on Mastodon) will be much more difficult.

This is just pure speculation and maybe it won't be that much of a deal, maybe othere instances won't close registrations, maybe people will find ways to get invited, but I wouldn't want Friendica becoming a closed community that eventually dies off for lack of interest.

Again, I'm not telling you what to do, on the contrary, I must thank you for hosting this instance, and I'm just offering my perception as a new user that doesn't interact much with Friendica.

Limiting the number of registrations or users on Nerdica doesn't mean that the number of users for Friendica is limited.
Currently we have about 100 Friendica nodes listed, but most users are registering on the big 4 nodes. This makes it difficult for smaller nodes to grow. And therefor closing down registrations when a high-water mark is reached can improve the situation (=user count) for the smaller nodes. And there can help with the robustness of the Fediverse in general: more nodes of the same size instead just a few bigger nodes.

Your comment is very much appreciated! :-)

Limiting the number of registrations or users on Nerdica doesn't mean that the number of users for Friendica is limited.
Currently we have about 100 Friendica nodes listed, but most users are registering on the big 4 nodes. This makes it difficult for smaller nodes to grow. And therefor closing down registrations when a high-water mark is reached can improve the situation (=user count) for the smaller nodes. And there can help with the robustness of the Fediverse in general: more nodes of the same size instead just a few bigger nodes.

Your comment is very much appreciated! :-)



Nerdica upgraded to 2019.06-rc


!Nerdica Forum

Hi!

Just some minutes ago I upgraded Nerdica to current release candidate version 2019.06-rc:

Version
Friendica 'Dalmatian Bellflower' 2019.06-rc - 1313

Prior upgrade tries were failing, but this time everything went well.

If you experience any issues please report them to !helpers@forum.friendi.ca - that way the issues can be worked on directly by the developers.

I think there are some problems, because the "social network" section doesn't seem to work anymore, exactly since you have updated O.o

Try again... it seems as if some addons were missing (short outage while working on this)

Okay, everything seems to be working now, thank you very much :)

I do see Estonian translation, and it is working very well. Thank You!



Downtime on Friday


!Nerdica Forum

Dear users,

as you certainly have experienced on Friday, Nerdica.Net was unavailable for a longer time.

What happened?

Well, I tried to upgrade the underlying Debian Linux installtion from stretch to buster. Although I did that before on other virtual servers, there was a new problem on this server: the Apache webserver didn't want to start.

Unfortunately, as a bonus challenge, I needed to go away from my desk and was only able to work on the issue via my iPhone SE and an SSL client. This lead to longer time to fix this issue than it would have been when I was still on my laptop.

In the end everything should work again. If you experience some problems, please drop me a note. Thanks!

Thanks for the effort to get us back online!

Thanks a lot, Jürgen!



Failed upgrade to RC candidate


!Nerdica Forum

Dear users,

you may have experienced some outage this evening. Reason was that I tried to upgrade to the release candidate of Friendica 2019.06-rc today. This failed and I needed to restore the code from backup.

Apparently it is now running again on latest stable release.

Sorry for the inconvenience...

Today I tried again to switch to 2019.06-rc and it failed again the same way.

I won't give it another try until a new RC2 has been released or the final release version is available.

*GRMPF*



Can't set password


Hi all, I have just joined, it seems I can't change my password.

When I go to settings, select "Password change", fill in my new password and confirmation, fill in the current password (the one I got via email), then click "Save Settings" I get 4 warnings, one of which displays "Password unchanged".

Image/photo

Image/photo

And indeed when trying to log off/in my new password doesn't work and the old one still does.

Is this an issue with Friendica, should I be submitting it on Github?
Password (x)

I also had this problem, and I believe it was because of my password manager's autofill feature. After I disabled it for Nerdica I was able to change my password.



Nerdica upgraded to 2019.03-rc


!Nerdica Forum

Dear users,

this evening I switched Nerdica to the current release candidate 2019.03-rc of Friendica.

The migration took a little longer as the database upgrade failed again and again with a strange error. It took a while until I figured out was the problem was and fixing it.

Sorry for the unexpected long downtime, but now it should be running just fine again. If you experience any issues, please report here or in the Friendica Support Forum, where the developers are also reading...

Thanks!



Cross-posting to Wordpress from Nerdica


Hi -- I'm brand new here, and one of the things I wanted to be able to do from Nerdica/Friendi.ca was crosspost to my (self-hosted) Wordpress blog.

I found the Social Networks page, and the Wordpress Export section. But I can't find any documentation anywhere that explains what's being looked for in the key "WordPress API URL" field. Anyone have an answer, or know where I can dig up more information on this?

Thanks!
wordpress (x)

With API URL the addon means XMRPC API URL. There is also a REST API URL for Wordpress.
From the Wordpress addon system setting:
Post to WordPress (or anything else which uses blogger XMLRPC API)


Maybe this helps:
https://codex.wordpress.org/XML-RPC_Support

So it looks like it's the path to the WP xmlrpc.php file ... hmmm, okay, thought I had that identified. That gives me something to play with. I'll give it a try and update this if I get it working. :-)

Thanks, Ingo!



Can't connect to nerdica.net with XMPP-client Conversations.im


I just tried to connect to my account on nerdica.net with Conversations.im but got the error message "Incompatible server"? Conversations.im should be a real XMPP client? The information about nerdica.net also says:

"All (friendly) creatures welcome! Free registration. Server located in Germany. As a registered user on Nerdica.Net you are also able to use XMPP (Jabber) under the same address and with your password. Get the best of free and open networks at Nerdica.Net! :-)"

Hmmm, it should work. Have you tested the web interface on https://jabber.windfluechter.net/ and logging in with your "PrivSecurity@nerdica.net" and your password?

After help from @Ingo Jürgensmann I think we can be pretty sure the problem is in the Conversations.im client in connection with the nerdica server. When I try to connect with another client, Xabber for Android, it works fine.

@PrivSecurity
Ok, I checked back with Daniel Gultsch on Twitter... in his opinion the problem might be that I'm using "slt" for proxying SSL connections to TLS and TLS is expecting STARTTLS command... So, the compliance tester is happy with the current setup, but the real client is not.

For some unknown reasons (at the moment) the configuration does not work as documented (legacy_ssl_ports for Prosody)...



!Nerdica Forum

I received a mail from Google about the closing down of #Google+ :

Hello Google+ Developer,

The email below contains your most recent usage of Google+ APIs. Note: It includes Google+ OAuth scope requests, which are also affected by the Google+ shutdown. A prior email sent to active API callers did not include information about OAuth requests. One final reminder email will be sent in February to users who still have active API or OAuth request activity.

What do I need to know?

On March 7, 2019, all Google+ APIs and Google+ Sign-in will be shut down completely. This will be a progressive shutdown, with API calls starting to intermittently fail as early as January 28, 2019, and OAuth requests for Google+ scopes starting to intermittently fail as early as February 15, 2019.

What do I need to do?

Please update your projects liste
... show more



Workaround for bug in newest release applied


!Nerdica Forum

There is a small nasty bug in newest Friendica release 2019.01:

When enabling "use browser location" the modal for writing the post doesn't appear


So, when you're using browser location you might not be able to post anything on Nerdica.Net. As a workaround I've followed the tip to disable this function on SQL level:

MariaDB [friendica]> UPDATE user SET `allow_location` = 0 WHERE `allow_location` = 1;
Query OK, 10 rows affected (0.01 sec)
Rows matched: 10  Changed: 10  Warnings: 0


As you can see there were 10 users affected. In the development branch this bug has already been fixed, but I still await a fixed release version. As soon as this fix is available you should be able to enable "use browser location" again.



XMPP for all Nerdica.Net Users


!Nerdica Forum

As yesterday already pointed out, I worked on enabling XMPP for all Friendica.Net users. A short test showed that this was successful, at least as far as I could test it.

So, what's this XMPP stuff is all about?

What is XMPP?
XMPP, or formerly known as Jabber, is a protocol for instant messaging. You can read the XMPP article in Wikipedia if your interested in details.
XMPP is similar to Friendica in that it is a federated protocol as well as email is. So, there is no central server infrastructure like for Facebook, but basically everyone can run his/her own server, if wanted. But you don't need to! There are hundreds of free XMPP servers out there where you can register an account. As an user of Nerdica.Net you already have an XMPP account with the same address as your Friendica account: <username>@nerdica.net.

How can I use XMPP?
There are multiple options.

1) Within your profi... show more

Oh, sorry... thought that the default setting will be used as a default in the user settings as well. You'll need to set the BOSH URL to:

https://jabber.windfluechter.net:5281/http-bind

Hope, this helps. Otherwise you can also use the fully featured webclient on https://jabber.windfluechter.net/ - there you'll need just your account and password.

Ok, I see you in the chatroom and also have added the BOSH URL to the original posting...



Nerdica.Net upgraded to 2019.01 release


!Nerdica Forum

Just upgraded to today release of Friendica 2019.01


Version Friendica 'The Tazmans Flax-lily' 2019.01 - 1293