128

I've brought up a new KBIN instance, https://feddit.online

It's administrated from the Greater Boston, Massachusetts area. Everyone is welcome to sign up, so long as they follow the rules

I now, because I must be crazy, have 4 Fediverse servers running.

KBIN: https://feddit.online
Mastodon: https://hear-me.social
Calckey: https://bostonsocial.online
Peertube: https://my-sunshine.video

#KBIN #Fediverse

you are viewing a single comment's thread
view the rest of the comments
[-] Awwab@kbin.social 9 points 1 year ago

Congratulations!

Side note, did you want the symfony explorer to show up for people? https://feddit.online/_profiler/a687ea?panel=db

[-] HarkMahlberg@kbin.social 3 points 1 year ago* (last edited 1 year ago)

Yeah the Symfony Toolbar shows up at the bottom of the homepage for me. I've never used Symfony before, but it looks like a developer tool, not something you want running in your production environment. ;) @Jerry

[-] burgersc12@sh.itjust.works 4 points 1 year ago

Yep, i saw secret keys, passwords, usernames and more just glancing at the Toolbar, he should change it ASAP

[-] duringoverflow@kbin.social 1 points 1 year ago

it is still like that. After 2 days. I actually believe that such low effort "contributions" to the fediverse are causing more harm than good.

[-] majkeli@kbin.social 1 points 1 year ago

I was looking through that and was thinking it was just reporting on the server configuration, but nope, all .env values are right there and nicely formatted. Yeesh.

[-] Jerry@feddit.online 1 points 1 year ago

Wow. Nice!. Is there an option to make it available, or would I just link to it in the "about" page?

[-] duringoverflow@kbin.social 3 points 1 year ago

hm, it actually shouldn't be public at all

[-] asjmcguire@kbin.social 4 points 1 year ago

Yes I remember having a look at that the other day and browsing through all the POST requests that server received from other servers.... And thinking I'm not sure this is supposed to be publicly available...

[-] duringoverflow@kbin.social 5 points 1 year ago

you can actually see even the username/passwords when one user logins

[-] stylishboar@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

I think it should only be enabled in the dev environment for debugging. You might need to change the APP_ENV and/or APP_DEBUG environment variables.

[-] burgersc12@sh.itjust.works 1 points 1 year ago* (last edited 1 year ago)

Might want to change the settings so this isnt public. I can see the actual info of these settings, and so can anyone else.

$_ENV[POSTGRES_USER] $_ENV[POSTGRES_PASSWORD]

this post was submitted on 21 Jun 2023
128 points (100.0% liked)

/kbin meta

38 readers
1 users here now

Magazine dedicated to discussions about the kbin itself. Provide feedback, ask questions, suggest improvements, and engage in conversations related to the platform organization, policies, features, and community dynamics. ---- * Roadmap 2023 * m/kbinDevlog * m/kbinDesign

founded 1 year ago