/meta/ - Meta Board

I have a problem and I need it fixed RIGHT NOW

--> Post site theme issues here <--

Try clearing your cache (Ctrl+F5 or Ctrl+Shift+R) before reporting issues.


Help Julay.world stay up.

JulayWorld onion service: bhlnasxdkbaoxf4gtpbhavref7l2j3bwooes77hqcacxztkindztzrad.onion

Max message length: 4096

Drag files to upload or
click here to select them

Maximum 5 files / Maximum size: 18.00 MB

More

(used to delete files and postings)


Statement about recent downtime Robi Board owner 11/30/2019 (Sat) 05:04:06 Id:366b9c No. 1547
Julay.world was down due to an imageboard software crash on 2019-10-30 between 03:30 UTC and 04:45 UTC.

What happened?
The database was filled with expired captchas. For some reason, the scheduled command to clear the expired captchas in the database was prevented from running. When Lynxchan crashed there were 1,051,459 captchas in the database.

How did this happen?
We are still investigating the cause. We're going to be monitoring the captcha counts in the database over the next couple of days to make sure that this doesn't re-occur. Currently the captcha counts are at normal levels.

Possible causes/speculation
Julay.world had to deal with an issue where MongoDB and subsequently Lynxchan would repeatedly crash due to MongoDB hogging almost all available system RAM. This could mean that the scheduled task that was meant to clear captchas may not have been triggered.
Of course it is also possible that a malicious attacker could've repeatedly requested captchas until the database was filled to the brim; however, our findings make this an unlikely case.
Lastly it is possible that an exploit exists in LynxChan to bypass limits on captcha generation.

Response to the incident
We are going to be closely monitoring the captcha expiration scheduling system to make sure it doesn't cause this sort of error again. Other than that, there doesn't seem to be any attack vector right now.

You can verify the authenticity of this message by verifying https://julay.world/.transparency/DOWNTIME-2019-11-30.txt with the key https://julay.world/.transparency/keys/robi.gpg
Key fingerprint: 5D89833AE72E802E0201DFFBB1C4E0DB8448A3EE
(374.39 KB 430x437 shirtless_gorezalo2.png)
++Thanks for the update++
(55.72 KB 551x408 3d9~2.jpeg)
>>1547
Updated as promised in Gunstream:
https://archive.vn/0i24M
Hopefully we do get an answer for this exploit.

Not to many people should hit the captcha if they aren't blockBypass.js reloading.
(86.28 KB 1024x1024 1561575601847.png)
This shit happened right when cakekike killed vch and forced /tv/ to migrate, I thought you were trying to pull a fast one for a brief moment.
>>1551
I'm sure it was just a (((coincidence)))
>>1551
If you don't do so already you should keep up with /a/'s bunker. It's stable and they have a meta thread where updates about this usually get posted. You can also usually find out what's going on from guntstream and the #julayworld irc channel.
(375.16 KB 480x480 giphy (2).gif)
>This site can’t be reached8channel.net refused to connect.
>Try: Checking the connection
>ERR_CONNECTION_REFUSED
(32.85 KB 388x394 047.gif)
>>1555
please delete this
>>1556
Why?
>>1557
nah not serious
i cant say its the same vector that was being used on here if this site was being attacked though. wasn't me
ill crash my own server later to see what the mem leak is
(41.90 KB 250x250 9aa.png)
>>1558
Whether you did it or not doesn't matter, it's an exploit. This site and the one in your video was exploited, and it needs to be patched up.
That is, IF we are going to keep lynxchan moving forward.
Btw, contracted StephenLynx just like ITT. Good Luck!
>>1559
>contracted StephenLynx
sorry to hear that. nobody deserves to be a faggot shoving dildos up their ass. hopefully one day we'll find a cure
>>1560
>the new faggots-only disease known as 'StephenLynx'
WE LOVE YOU EBOLA-CHAN
>>1559
The sooner someone makes a good imageboard software and we can forget lynxchan ever existed, the better.

I looked into it the other day while trying to set up an imageboard with the goal of heavily modifying it, and holy shit that thing is a disaster. Like what the shit was I even looking at, I don't know if that kind of architecture is normal in webdev world but just what the fuck man. In the end I decided that it'll be easier and less painful to learn to make an engine from scratch.
>>1563
/throd.
>>1563
It's the most promising project, but needs more time and testing. I think the developer is in college or something too, who knows if he continues the project long-term.
>>1565
I think he just graduated actually.
The problem has to do with your onion address. LynxChan doesn't ratelimit localhost.
Admin, for a possible solution, see: https://8channel.net/lynxchan/res/1.html#140
The fuck is happening? This place is getting shutters every waking moment now.
REMINDER FOR BOARDS HERE TO HAVE BUNKERS ON ANON.CAFE AND FATPEOPLE.LOL
>>1570
>bunkerception
>>1569
Possible ddos from Cakejew and/or Bonegoblin.
>>1570
nah that's unnecessary, admin here can deal with anything (((they))) throw at him
>>1570
Nanotranny.net too
Edited last time by Chobitsu on 12/04/2019 (Wed) 15:09:08.
>>1574
fuck off nano
Julay.world was down due to administrator incompetence on 2019-11-30 between 14:30 UTC and 16:00 UTC.

What happened?
I had just pulled an all-nighter shitposting when the captcha exploit thing happened. In a desperate attempt to figure out the cause of the error I made it so that every single output to the console would be accompanied by a full stack trace and also added about 10 console.log commands to Lynxchan's source code. The result was full stack traces being pushed to the syslog for over 8 hours which promptly made the server run out of disk space.

How did this happen?
lol

Possible causes/speculation
lol

Response to the incident
Next time maybe I shouldn't try to debug an exploit after being up for 26 hours.

You can verify the authenticity of this message by verifying https://julay.world/.transparency/DOWNTIME-2019-11-30-2.txt with the key https://julay.world/.transparency/keys/robi.gpg
Key fingerprint: 5D89833AE72E802E0201DFFBB1C4E0DB8448A3EE
>>1574
May go to 8glow as well fag
(37.17 KB 600x600 sweat.jpg)
>name one good, full-featured imageboard software
(4.66 KB 225x225 index.jpg)
(13.58 KB 400x400 ClipboardImage.png)
>>1574
You'll never get your maid outfit back, Nathaniel.
>>1580
Did you release the jewtext addon yet?
(58.38 KB 480x480 Vordrak.jpg)
>>1579
Hey there Joshua. I hear you still have means to make money somehow. It would be a crying shame if it were to, you know, disappear!
(897.41 KB 245x245 124.gif)
>>1576
>I made it so that every single output to the console would be accompanied by a full stack trace
I'm amazed this went through your head unquestioned.
>>1573
It's still good to be proactively paranoid and have one place if the worst happens (ie: some fag shoots up a federal building and frames the board)
>>1584
After 26 hours of staying up people can end up short on common sense. He was in a state of impaired judgment, so to say. (Being sleep-deprived can actually be more dangerous than being drunk.)
>>1585
that's true enough, that's the purpose of the webring - to do away with centralized structure. So I guess do have bunkers there.
>>1584
Lynxchan does not output any information about where the error happened. All I saw on the console was the BSONObject error printed from somewhere in a 50KLoC codebase. It was the sensible thing to do in dire circumstances but I should've removed it afterwards.
>>1588
ROBAY, address the /tv/ issues
>>61034
>>61045
>>1588 (checked)
Try short stack traces instead, if the system behind LynxChan can do them. Just the innermost frame from another module, or where the function that encountered the error was itself called from.

...And maybe it was another site, but I seem to remember a LynxChan instance that put a CAPTCHA on every page loaded.
>>1590 (derp!)
Oh right... the "Report/Ban" box at the bottom of the page has a CAPTCHA in it...
>>1591 (more)
... and it seems stable across simple reloads but not when posting. Could an increase in ordinary traffic have caused a spike in CAPTCHAs?
>>1553
Oh ok thanks
>>1573
>having more bunkers is unecessary
Retards with your mentality are why so many niche boards and their communities are lost forever.
D
If you have any interest in preserving your own board don't listen to this imbecile.
>>1595
>torfag sperg
go back to cuckchan
>>1596
Glownigger, pls. Terry can still run you down you know.
>>1597
based
>>1597
>trying this hard to fit in
lol
go back
>>1600
You fedcunts will never stop IB culture, you cock-slobbering faggots. The people will win.
(23.59 KB 200x220 346578977765432.png)
>Lynxchan is the code equivalent of indian food shat into a rusty bucket.
I mean just look at the coomer who developed it. No big surprised it managed to find such a retarded and fantastical way to catch on fire.
Well, atleast admin had the spine to admit that he dun fucked up. Unlike certain mobility impaired living(?) morbid curiosity or a pastry-consuming member of a certain semitic tribe.
>>1596
>>1600
>no don't create more bunkers
>I want you to be in one easily controlled spot
>fuck having a fallback option being scattered to the wind after an oy vey is the best!
kill yourself retard
there is literally no good reason to not have backups in place
go back to herding dumbfucks on discord into crossdressing and shooting up malls
So did Vaush debate sargoy last night or did Carl stand him up like he did venti?
>>1562
Picochan is a good imageboard software. Doesn't require or use any JS at all. It's designed for tor boards though so will require the addition of a ban system etc. for clearnet usage.
http://picochanrpzlemllkdr46tilw7b4q3bv5ipetkmty37fuqq4hjfnhwad.onion
Example/testing instance:
http://nanochangkn3dxfkr5prfw76hiq3qpjyzr44m4zxbwub5f4kditlufid.onion/pico/test/
>>1614
>there's an index now
Nice. I understood why nanochan didn't want to implement an index, but I have no idea how people use imageboards using the catalog only.
>>1547
Admin of another webring site here. Somebody tried attacking my captcha page too.
The IP whois'd to an MIT IP.
[code]
OrgName: Massachusetts Institute of Technology
OrgId: MIT-2
Address: Room W92-167
Address: 77 Massachusetts Avenue
City: Cambridge
StateProv: MA
PostalCode: 02139-4307
Country: US
RegDate:
Updated: 2017-01-28
Ref: https://rdap.arin.net/registry/entity/MIT-2
[/code]

This is most likely caused by spamming the https://julay.world/noCookieCaptcha.js page. They can generate unlimited captchas on a single IP and there is no ratelimit whatsoever.
Probably the reason lynx has no ratelimit is because it assumes multiple people could be hitting the nocookiecaptcha page on TOR from the same relay/exit node and the ratelimit would count multiple users. In practice, that would be rare and just leaves a huge security hole where spamming enough can fill up the disk or crash mongodb.

Hope this helps.
>>1616
see your torrc and you'll know the reason
>>1616
https://8channel.net/lynxchan/res/1.html#147
>It's unthrottled if you are accessing it through an onion service.
He is dumb as bricks.
>>1617
Some educational institutions have exit nodes, cant check right now just assuming. Didnt think so at first because usually they add some notes to their whois saying so.

Still robi should check what was said about the nocookiecaptcha page
>>1618
well theres your problem, lmao
>>1576
I've had this glitch happen to me during bad connections where I'd hit the Reply button several times and the captcha would come up, except instead of just one box to fill out several would come up, each with its own "send" option. Next time it happens, I'll be showing it to you. Might be one thing that is causing this many problems.
(381.49 KB 1200x1200 ohreallycatwtf.jpg)
<10 Click on Reply to post
<20 You need block bypass to post
<30 Enter the captcha
<40 Captcha entered
<50 Click submit
<60 Your Captcha has expired!
<65 WTF?
<70 Refresh to get new captcha
<80 GOTO 20
>Shit finally breaks.
>People surprised.

Only by ignoring the captcha after about the 4th time and hitting cancel instead allowed the post to go through anyway.
>>1630
It's literally easier to just have a captcha for every post. At least that way I don't need to enable cookies and javascript.
>>1547
Why are we blue now and what happened to the buttons in the top right?
>502 Bad Gateway
oh fuck what now
looks like lynxchan is pretty buggy
Open file (45.74 KB 640x480 gondola_rome_burning.png)
>kikes take down 8ch to distract from the fact twitter, twitch had the stream up for hours
>other kikes pull the plug on vch
>8kun is a piece of shit
>julay just fucking dies
Why does this keep happening?
>>1739
It's just giving you a taste of what will happen to society soon.
>>1740
>implying we're that lucky
>>1547
recent posts don't show as "5 minutes ago" etc but just show the overall date like old posts.
>>1739
>other kikes pull the plug on vch

Delete
Report/Ban

Captcha (required for reports and bans by board staff)

no cookies?