this post was submitted on 21 Jun 2023
128 points (100.0% liked)

/kbin meta

38 readers
1 users here now

Magazine dedicated to discussions about the kbin itself. Provide feedback, ask questions, suggest improvements, and engage in conversations related to the platform organization, policies, features, and community dynamics. ---- * Roadmap 2023 * m/kbinDevlog * m/kbinDesign

founded 2 years ago
128
Introducing https://feddit.online , a new KBIN server (feddit.online)
submitted 2 years ago by Jerry@feddit.online to c/kbinMeta@kbin.social
42 comments fedilink hide all child comments
 

I've brought up a new KBIN instance, https://feddit.online

It's administrated from the Greater Boston, Massachusetts area. Everyone is welcome to sign up, so long as they follow the rules

I now, because I must be crazy, have 4 Fediverse servers running.

KBIN: https://feddit.online
Mastodon: https://hear-me.social
Calckey: https://bostonsocial.online
Peertube: https://my-sunshine.video

#KBIN #Fediverse

you are viewing a single comment's thread
view the rest of the comments
[–] Awwab@kbin.social 9 points 2 years ago (2 children)

Congratulations!

Side note, did you want the symfony explorer to show up for people? https://feddit.online/_profiler/a687ea?panel=db

[–] HarkMahlberg@kbin.social 3 points 2 years ago* (last edited 2 years ago) (1 children)

Yeah the Symfony Toolbar shows up at the bottom of the homepage for me. I've never used Symfony before, but it looks like a developer tool, not something you want running in your production environment. ;) @Jerry

[–] burgersc12@sh.itjust.works 4 points 2 years ago (1 children)

Yep, i saw secret keys, passwords, usernames and more just glancing at the Toolbar, he should change it ASAP

[–] duringoverflow@kbin.social 1 points 2 years ago (1 children)

it is still like that. After 2 days. I actually believe that such low effort "contributions" to the fediverse are causing more harm than good.

[–] majkeli@kbin.social 1 points 2 years ago

I was looking through that and was thinking it was just reporting on the server configuration, but nope, all .env values are right there and nicely formatted. Yeesh.

[–] Jerry@feddit.online 1 points 2 years ago (3 children)

Wow. Nice!. Is there an option to make it available, or would I just link to it in the "about" page?

[–] duringoverflow@kbin.social 3 points 2 years ago (1 children)

hm, it actually shouldn't be public at all

[–] asjmcguire@kbin.social 4 points 2 years ago (1 children)

Yes I remember having a look at that the other day and browsing through all the POST requests that server received from other servers.... And thinking I'm not sure this is supposed to be publicly available...

[–] duringoverflow@kbin.social 5 points 2 years ago (1 children)

you can actually see even the username/passwords when one user logins

[–] stylishboar@lemmy.world 1 points 2 years ago* (last edited 2 years ago)

I think it should only be enabled in the dev environment for debugging. You might need to change the APP_ENV and/or APP_DEBUG environment variables.

[–] burgersc12@sh.itjust.works 1 points 2 years ago* (last edited 2 years ago)

Might want to change the settings so this isnt public. I can see the actual info of these settings, and so can anyone else.

$_ENV[POSTGRES_USER] $_ENV[POSTGRES_PASSWORD]