Is Akkoma immune to the current attack against Mastodon and Misskey?

The information I saw is this:

I’m assuming blocking the domains will also prevent account creation? How about limiting the federation fetch depth?

i believe it is mitigated, perhaps not entirely immune, but as good as we can be

we already have a limit on federation depth to prevent exactly this

consider lowering federation_incoming_replies_max_depth if you’re really concerned

2 Likes

post on the matter

1 Like

Somewhat related, but does Akkoma respect /etc/hosts.deny? In this case, would something like this be the easiest way to blacklist abusive domains?

ALL : .activitypub-troll.cf
ALL : .misskey-forkbomb.cf
ALL : .repl.co

I did a quick look at the “Configuration” section in the docs and didn’t see an obvious page describing how blocking works for admins, so if there’s something that can be referenced that would be great (brand new at Akkoma running a single-user instance w/ Caddy).

Also, the linked PIA looks pretty useful, should those config options make their way into the “Hardening” docs (or somewhere else?) Hardening your instance - Akkoma Documentation

1 Like

In general, you want to enable the MRF SimplePolicy which then allows you to do various levels of blocking of domains. This is in the Admin panel under settings MRF. Once that’s enabled, you can mute, or in this case, reject those domains or any others.

1 Like