Same. Although sometimes I set up a public instance, because I’m setting one up for myself anyway, right? And then I have regrets LOL

How is this different from cosmos-cloud.io? The feature list looks identical.

Sarcasm: Yup. The black people who were lynched should have just participated in local communities and confronted the KKK! That’ll fix everything!

Anyway, online isn’t the place to take up space and confront people. You do that in person. Online is where you come to get support, encouragement, and resources for the in-person fight. And that doesn’t work if your online profile is also local. For many people, there online participation cannot, and should not, be geographically local. Remember the “good old days” of the local BBS that you had to dial into? Isn’t it interesting that every single documentary full of sepia toned reminiscences about how wonderful those local communities were is entirely created by and featuring old middle-class white dudes? No women, no homosexuals or transsexuals, no people with disabilities, and no ethnic minorities? I wonder why!

Again, speaking from personal experience: blind people had NFBNet, but it wasn’t local. And the local BBS’s had so much ASCII art and other accessibility issues that we couldn’t participate.

And now, on local Reddits and Facebook groups, nobody uses alt text. I guess that’s my fault for not participating in a space that is completely inaccessible to me. I’m the problem with democracy!

If we look at how toxic and racist the local city groups are on Reddit or Facebook, I’m not sure this is a good model. If I’m a black trans woman living in a small town in Mississippi, my local instance might not even be a safe place, for me.

Similarly, I would encourage blind folks to join us at rblind.com rather than a local instance, because a local instance might not take our needs into account: many have captchas, some use inaccessible themes, etc. At rblind.com you can be sure that we won’t deploy an update or configuration change that will break accessibility, because the server admins and moderators are all blind ourselves. But the beauty of federation means that you can talk to everyone else on other instances, so being part of a particular identity group doesn’t limit you to just talking to other members of that group.

If your response to discussion is curses and insults, please also consider shutting down your instance while your at it.

This is exactly my point, though. Yes, all of these changes are easy and possible. But you have to know about them, first. This is not a drop-in “protect everything without side effects” tool like your initial post seems to say. For every app you put behind it, you need to take time to think over exactly what access is required by whom, when, and how. Does it use Oauth, RSS, .well-known, xmlrpc/pingbacks, RDF/sparql endpoints, etc? Do some robots need to be allowed (for federation, discoverability, automated healthchecks, etc)? Are there consumers of API’s provided by the app? Will file downloads occur from downloaders that resume downloads/chunking for multiple connections at once? What is the profile of the humans you expect to be accessing the service: are they using terminal browsers like lynx, do they disable JavaScript and/or cookies for privacy, are they on a VPN, are they using low profile devices like raspberry pi’s or low-end android tablets, etc? What bots are you intending to block and how do they behave: they may just be running headless chrome and pass all your checks, they may be on zombie consumer machines part of a botnet, etc. As with anything in life, there are no magical shortcuts, and no way to say “block all the bad people I don’t like and allow the good people in” without first defining who the good people are and what you don’t like.

In your case, all you’ve effectively done is said “good people run JavaScript and allow cookies, bad people do not”. Without really thinking through the implications of that. I suspect what you really mean is “I don’t need or want anyone but me accessing my personal lemmy instance”. So why not block lemmy-ui from every country but your own, or even restrict it to subnets belonging to the ISPs you use? That would seem to be a lot easier in the case of a personal instance. In the case of a public instance like mine, though, the problem is much harder.

Good to know. But most RSS readers already pretend to be browsers, because otherwise many publications with misconfigured reverse proxies will block them from accessing the RSS feed. cbc.ca is a good example of this. Because deploying a web firewall is neither easy or trivial, unless you know exactly who needs to access what, when, and why. Most people, in my experience, do not.

In brief testing I get challenges before trying to load robots.txt on hosts running Anubis. I also see reports of it blocking OAuth flows and access to stuff like .well-known

And what about RSS? Favicons? OAuth? robots.txt? There are lots and lots of things that need to be accessed by automated programs without user intervention. It is not trivial to determine what these things might be. For your personal instance, go nuts. But no public instance should be doing this.

What about folks on low spec Android phones? Or folks who browse with JavaScript off? Every solution to block AI will block some percentage of humans.

Because Spotify, YouTube, Apple Music, etc. are so cheap or free that it’s not worth the trouble of setting one up for the people who have the resources to do it. Sure, download what you want to keep. But for Discovery? The streaming services are fine. And the people who can’t access/afford them also don’t have the resources to set something like this up.

Perfect! Thanks for the info!

How do those of us who loathe the horrific and proven bad idea of quote posts, and also refuse to use Mastodon, opt out of this terrible misfeature? Will blocking anyone who quote posts me and defederating from their instance remove the quote?

If you’re comfortable with using codeberg, yes, that’s the best place. Otherwise you can post in the comments of the original thread, complete the survey, or use github issues (if you must).

Sadly I don’t have an einc device. But if someone does, we’d be happy to accept feedback and include some images.

So most modern activitypub servers backfill threads and profiles. My single user instance processes 30000 notes a day. If I was actually trying, I’m sure it’d be easy to grab much more while appearing well behaved.

How does that help? My personal instance currently has a database of several million posts thanks to the various Mastodon relays. I don’t need to scrape your instance to sell your posts. I don’t, of course, but it’d be easy for some company to create friendlycutekittens.social and just start collecting posts. Do you really have time to audit every instance you federate with?

When watching a movie or tv show by ourselves, blind people can’t see the picture. So unless we are watching with a sighted friend, we would rather save on storage and bandwidth by only downloading the audio.

Audiovault.net is the website you want. Made by and for blind folks, it has thousands of AD tracks in mp3 format. You should be able to just sync them with the video. Though blind folks never bother; we only care about audio anyway.

Works well. I host this myself to check up on my data center and how it’s doing routing traffic to consumer isps in the real world.