And then if it doesn't, we'll just ask if it was him on the mumble or not.

If it is the same IP we can just ask him why he is using tor and on linux and see if he freaks out or just gives a quick, reasonable response.

@Thomas do you want to give the cloudflare changes ago?

This is just for b&s.org on cloudflare for right now

The victory server is 206.81.15.30

Yes. Will go for it now.

Deployed. Now images won't load?

No idea if that was the goal.

@Jake AR

@Jason NY

(ip.src ne 206.81.15.30 and http.request.uri contains "/api")

You can undo it

Just turned the rule off.

Let's see if images send.

Yes.

So it was definitely the rule that blocked images somehow.

what images?

everything worked for me, but when I refreshed the page it wouldn't load

Any images. Both me and Mason tried to upload an image while the rule was in effect and they would not load past 0%.

so maybe the web version of rocketchat does use API calls

do we know what user agent the mobile app uses?

we can write a rule to just block that user agent

@Thomas Do we have dossier on Logan CA?

Very suspicious guy applying right now and he says Logan CA is his friend

Yes we do

Logan CA read my messages but his status says offline.

Vincent, is Logan CA set to "invisible" right now? Idek if you can check.

No way to check

Talk to brandon about him

I'm curious if Logan will only reply to me when we make a decision on this guy.

Don't let him in until he does then. If he is using Logan as a reference and Logan is unreliable...

Do you think we should tell him he's accepted as a lie to see how Logan reacts?

Actually, we'll put him on hold and wait for Logan to respond.

I'll tell him he's on hold until Logan responds as well.

Just put him on hold. Remember we don't need to jump through hoops for guys. We have a whole extra PF org just sitting waiting for us to contact them. Take your time and make sure to get the good guys.

We still need to enable DM pruning as well

I believe Jake was supposed to work with Thomas earlier this evening?

I think that was on blocking the DMs

DMs being pruned now

King

Based Jake

Does anyone remember if we figured out how to look at nginx logs and identify the app user agent?

blocking all API calls seems to break the browser

I think Michael did it once a while back

Can cloudflare block by a regex for a user agent?

not sure if regex

Best approach is to do that in the authorization endpoint

patch the server on the login api to reject new sessions for invalid user agents

Cloudflare WAF can probably do this too

cloudflare is ideal since its first contact

but I dont know what user agents we are blocking

does anyone know how to look at nginx logs?

Check the cron jobs. I believe there is something in there to clear them every so often.

You're right

So we are purging the nginx docker container logs every hour, and it does contain IP addresses and user agents and the GET url

So there should be something with the words mobile in there from what I remember

I will try to identify the user agent

it also looks like rocketchat might be saving IP addresses somewhere, looking into that now

So idek if this interviewee is an infiltrator because he completely failed the violence question.

probably legitimately a sperg or a bad actor trying to get us to do something compromising

Either way doesn't reflect well on Logan CA

So the sessions db has lots of IPs and client info

sessions should be purged if older than 7 days perhaps

The oldest one being 8/31/2021

We could do a cronjob that does something like that

if you delete a session does it force a relogin

was just gonna try

I think there is a separate collection for tokens

That might be under the users collection

https://pf3618.bloodandsoil.org/direct/KQv8jm4N4xZztLjkRn8Hnfj4Hze86xAjyf?msg=BDFkq5DfxpSSK36mW

A downtime project, perhaps.

Someone with a wikipedia account can simply revert the libtard's changes. He removed like 15,000 words with the reasoning "Wikipedia is not propaganda!"

He's not a wikipedia admin or anything

I had 150 instances, I deleted them all and nothing changed with me using RC. When I refreshed the page it did not make a new instance, but when I closed the tab and opened it again, it did.

So it may be good to regularly purge instances to minimize how many IP addresses we are keeping. Should we purge daily?

Nevermind, the wiki page "requires autoconfirmed or confirmed access" to edit. Whatever tf that means.

I would say hourly is good

Also it might be worth doing some housecleaning on the vetting server of named accounts I see some inactive folks on there.

@Vincent TX register me on mumble senpai

@Vincent TX these both are completed

Tested, and now IPs are not found on server after the hourly nginx logs purge and rc sessions puge

While you're in that db can you tell me if Logan CA is using a VPN?

i can find his IP, let me check

well since I purged it, I have to wait for him to log in again

Gotcha

test

also we could hide teh invisibl status option

I think I'd rather have it logged

okay, I am looking to where that is tored

I think i can derive who is using "invisible" status as long as they are currently online

currently, David WA and @Matthew MN

is that accurate @Matthew MN

I use that status

"we got em!"

Want to see my Antifa tats