/operate/ - Endchan Operations

Let us know what's up

Boards | Catalog | Bottom

Check to confirm you're not a robot
Drawing x size canvas

Remember to follow the rules

Max file size: 350.00 MB

Max files: 5

Max message length: 4096

FILE SUPPORT THREAD odilitime Board owner 01/23/2016 (Sat) 08:43:14 [Preview] No. 1017 [Reply]
What file types do we don't support that you would like us to add?

Making an official thread to keep on top of this better. Most of these are relatively easy to add.

I'm not quite sure why LynxChan has a filter on these. It maybe easy to start a list of what we don't want.


Here's the current list:

Message too long. Click here to view full text.

Edited last time by odilitime on 06/05/2016 (Sun) 10:44:34.
180 posts and 27 images omitted.

Anonymous 08/03/2017 (Thu) 22:34:14 [Preview] No. 6898 del
I use this site.

Also to Odilitime:
When will be the option to embed YouTube?
Link eh.. clipping? Separating? Makes sense.
There's that frequent .tk CP spam going on.
But I'm sick of cutting down long vids in WMM.

odilitime Board volunteer 08/12/2017 (Sat) 21:56:45 [Preview] No. 6918 del
We have youtube embedding.
What's link clipping? Separating?

We're working on the spam issue.

>I'm sick of cutting down long vids in WMM.
not aware of anything we can do to help with that.

Anonymous 08/14/2017 (Mon) 23:25:43 [Preview] No. 6921 del
I'm just not aware of how to YouTube embed. There was a feature on 8ch where it was in the options. Windows Movie Maker is not your problem. Just something I had to use alternatively because I can't into embedding. Trying a couple codes.

https://youtube.com/watch?v=[youtube]bHzFN6U8sX8[/youtube] [Embed]

[embed]https://youtube.com/watch?v=bHzFN6U8sX8 [Embed][/embed]

Anonymous 08/14/2017 (Mon) 23:27:16 [Preview] No. 6922 del
Hmm. Maybe the link by itself? Pretty sure on /pol/ it separates the link.
https://youtube.com/watch?v=bHzFN6U8sX8 [Embed]

Anonymous 08/14/2017 (Mon) 23:29:53 [Preview] No. 6923 del
Yeah, this is what I'm talking about. It's not embedding the video onto the thread like it would with a webm or mp4. Click on it, it directs you there. External linking.

PSA: Block bypass has been enabled for some IPs Balrog Board volunteer 05/17/2016 (Tue) 14:23:15 [Preview] No. 4154 [Reply]
I found where that spam full of random garbage is coming from. It doesn't have any discernable pattern so we can't use the autoban addon to remove it, but it's all coming from the same /24 range of IPs in Russia so we can just rangeban it. The problem is that Lynxchan currently only does /16 rangebans, which would result in substantial collateral damage. To counter this I'm enabling the block bypass function.

If you are rangebanned, you can use the block bypass function to solve a CAPTCHA and bypass the rangeban. This requires your browser to store a "bypass" cookie. No CAPTCHA will be required to post if your IP has not been subject to a rangeban. Block bypasses last for 24 hours or 50 posts.

I've already asked StephenLynx about adding a second, smaller rangeban level.
32 posts omitted.

Anonymous 06/13/2017 (Tue) 20:09:19 [Preview] No. 6448 del

Anonymous 07/14/2017 (Fri) 03:11:19 [Preview] No. 6768 del
captcha every 5 posts

Anonymous 07/14/2017 (Fri) 03:13:28 [Preview] No. 6769 del
Oh, and just recount the bumps when a post is deleted. So let's say your threads were layed out like so:

Thread 1.
Thread 2.
Thread 3.
Thread 4.
Thread 5.

Thread 5 is bumped and is now Thread 1. The post that bumped Thread 5 is deleted. Thread 1 returns to Thread 5. This is basically "reverse bumping"

Make it an opt-out feature. It should be the default to prevent spam, imo.

To OdiliTime: Thoughts?

odilitime Board volunteer 08/12/2017 (Sat) 21:58:05 [Preview] No. 6919 del
Wouldn't do anything for spam. I'll bring it up to StephenLynx see if he can put it in 1.9

Anonymous 08/14/2017 (Mon) 19:18:52 [Preview] No. 6920 del
I've just gotten a block bypass on my VPN for the first time, does this affect all IPs or just some?

odilitime Board owner 09/08/2016 (Thu) 05:12:04 [Preview] No. 4983 [Reply]
I had a development server breached that I had an old development copy of the Endchan database (without media).

All users are advised to change their passwords ASAP.

Development server was breached used an redis/ssh exploit. Redis was installed and usually ran as a user but recently doing some development work, I accidentally started it up as root to look something up and left it running. Redis then can write to your ssh keys and insert unwanted keys and allow root access. All files in /root and /home were removed and a note was left:

>Hi, please view here: http://pastebin.com/raw/vadfLyDS for information on how to obtain your files!

Luckily I have bandwidth logs on that box and I can see there was nothing transferred out of the box. So my guess is they just deleted the files. The nature in which they left the machine leads me to believe this was an automated attack (plenty of other meaningful data directories were left alone).

The copy of Endchan's data is left untouched on this development server. However the dump that was used to transfer the copy was still likely in the /root directory that was deleted. I will get the date of the data copy as soon as I can do some data recovery on that machine, I estimated the copy to be an early 2016 Q2 dump. This server is now offline.

At Endchan, we want to be as transparent as we possibly can and even though we do not believe anything was leaked, we cannot rule out nothing happen with 100%. And even if we could be certain that nothing was at risk, we still want to report anything of this nature to our users.

I fucked up, I'm sorry for any troubles this may and has caused any of you.

Please let us know any questions you may have.
13 posts and 4 images omitted.

odilitime Board owner 11/29/2016 (Tue) 11:16:02 [Preview] No. 5344 del
>Why is/was your development/test server accessible online?
because we needed public testers.

>Could you check the logs if a mod volunteer like >>>/pol/23993 was in the logs of potential account takeovers
Not sure how to figure that out, let me talk with Lynx.

>You do still have a copy of that old DB, right?
No I don't.

Anonymous 11/29/2016 (Tue) 23:46:32 [Preview] No. 5380 del
Then make a mock test site, not a duplicate, yesh.
>No I don't.
This is bad. M8, when you can, study up on Sysadmin. Rule 37 of "After an attack" is to keep an archive of the exploit. You want to retrospect on how malicious attacks are growing, so you proactively scope those vulnerabilities.

odilitime Board owner 12/06/2016 (Tue) 01:38:31 [Preview] No. 5428 del
>make a mock test site
That's what this was. What's the point of the test if you aren't testing real data. Very few have a budget to generate similar but different data.
But you're right in the sense that we did need every users' account on the dev server. That could have and should been cleaned out more.

>keep an archive of the exploit
generally a good rule. I have a large archive of them, however the size of this development server was too large. I did a thorough analysis and deleted it. The vulnerability was easy to figure out and very popular, so there was plenty of documentation on it. In this specific case the storage costs outweighed the value.

Anonymous 12/07/2016 (Wed) 18:30:32 [Preview] No. 5430 del
As long as you archive and properly mock the test server from hither on, you will form a basis to document changes dependent on the master branch. Usually it is cheaper to VPN the server in a locked virtual environment, so you see a full scope of the system. Vulnerabilities are getting scarier and efficient, thanks in part to manufacturers leaving vulnerabilities in the hardware/UEFI/BIOS/firmware. Right now, the biggest threat are GPUs with DMA and their undocumentation: enormous processing power that when clustered, can replicate innumerable vulnerabilities in one machine before the next cycle hits the CPU to address the bus.

Anonymous 04/04/2017 (Tue) 22:02:00 [Preview] No. 6042 del
testing sticky bump

Anonymous 08/17/2017 (Thu) 21:21:29 [Preview] No. 6925 [Reply]
ADD [d+]

Anonymous 08/18/2017 (Fri) 02:23:59 [Preview] No. 6927 del
it exists, just check the "global" checkbox

(168.14 KB 1054x1854 CIAltKike.png)
Anonymous 08/17/2017 (Thu) 21:30:20 [Preview] No. 6926 [Reply]

Can you guys bring these threads back? They were slid off the board

Anonymous 05/02/2017 (Tue) 04:20:23 [Preview] No. 6241 [Reply]
has been hit hard by cp spam bots. I'm not going to go through and global report every post of it but its needing a nuke dropped. Might have hit some of the other low activity boards too, didn't check them all.
9 posts and 2 images omitted.

odilitime Board volunteer 06/13/2017 (Tue) 08:33:50 [Preview] No. 6441 del
thanks, nuked.

Anonymous 08/10/2017 (Thu) 21:43:33 [Preview] No. 6915 del
/draw/ has cp AGAIN

Anonymous 08/11/2017 (Fri) 08:26:34 [Preview] No. 6916 del
Use the global report form. It should quicker than posting here. I'm not an expert but it doesn't look like children to me, which might be why no one reported it.

It might be worth deleting unclaimed boards after a certain number of months? Boards should have their own staff to take care of this.

Anonymous 08/11/2017 (Fri) 08:58:16 [Preview] No. 6917 del
Actually, they did get deleted but 2 new ones have been posted. One of which doesn't look like cp but the other one does.

Anonymous 08/14/2017 (Mon) 23:35:32 [Preview] No. 6924 del
Someone's been spamming the child porn links with not always actual CP (but sometimes) and file names like asdadasdas. I know who this is. The same faggot who fucked with /pol/ constantly, and uses VPN to hop around as he's banned. When you report, make sure to tick the Global box and pay attention whether the reporting system doesn't say you're "spamming" the report. Otherwise it probably won't go through.

Embeds Anonymous 07/25/2017 (Tue) 12:41:53 [Preview] No. 6839 [Reply]
Can you change the embed option?
For example this
https://youtube.com/watch?v=2YBVcFaVPvw [Embed]&lc=z13gfzma0nzavhstm22dxrypuwqvenpuo.1414579869517629
It does not allow anyone to link stuff.
The only thing you can link on youtube is direct video links, no comment links, no playlist links, the embed button is right in the middle of the link.
Can you either put it before the https://youtube.com or after the full link?

Anonymous 08/04/2017 (Fri) 15:34:38 [Preview] No. 6901 del

Anonymous 08/10/2017 (Thu) 14:17:02 [Preview] No. 6914 del

(67.21 KB 640x640 cock.jpg)
60 second post cooldown flood error Anonymous 07/31/2017 (Mon) 17:33:40 [Preview] No. 6873 [Reply]
plz remove
k thx
4 posts and 2 images omitted.

Anonymous 08/01/2017 (Tue) 03:08:21 [Preview] No. 6886 del
(43.14 KB 700x689 be97.jpg)
Meant to reference
Fatigued brain.

odilitime Board volunteer 08/01/2017 (Tue) 09:02:41 [Preview] No. 6888 del
yea I think this is the way forward. I'll reduce it until we can get the BO option in place.

Anonymous 08/01/2017 (Tue) 17:44:15 [Preview] No. 6889 del
thx budy

Anonymous 08/04/2017 (Fri) 20:59:47 [Preview] No. 6902 del
its still too high
hurry up with the change or lower it back to what it was
nobody is raiding

Anonymous 08/09/2017 (Wed) 18:32:37 [Preview] No. 6913 del

Anonymous 08/08/2017 (Tue) 23:20:26 [Preview] No. 6911 [Reply]
>>>/pol/45414 gives me a 404, I checked the logs and nobody has deleted it, what's up with that?

odilitime Board volunteer 08/09/2017 (Wed) 11:15:23 [Preview] No. 6912 del
not a 404 for me.

how to stop the cp spam Anonymous 08/03/2017 (Thu) 17:53:58 [Preview] No. 6896 [Reply]
Some ideas to help stop or at least slow down the cp spam. If you could implement a way to ban the urls that are getting posted from getting posted again. 4chan, 420chan a lot of chans spitout a ban for certain links automatically, since these are cp links there should be no qualms about doing that if it can be done. Also, if there's a way to autoban the images that get posted. Now the bots will adapt past this but these two steps would really help. Anyone else got some ideas?

Anonymous 08/03/2017 (Thu) 17:58:56 [Preview] No. 6897 del
Important to note is that various sites that have even put up a google catchpa still see this shit. The catchpa is being worked around or its being posted manually. I think the only real thing to do is make the spammers job difficult enough (person or bot) so that it dosen't make it through.

odilitime Board volunteer 08/04/2017 (Fri) 12:33:13 [Preview] No. 6900 del
We already do this.

It's a tough balancing act.

Anonymous 08/07/2017 (Mon) 08:54:42 [Preview] No. 6906 del
Seeing this cp spam constantly is starting to really fucking depress me.

We need hash bans for this guys pictures to stop him from uploading it repeatedly.

We also need more glovols for around the clock coverage on an agreement to only delete the spam. Can we have a recruitment campaign please? Pull some people in from IRC maybe? A message to BOs?

Anonymous 08/07/2017 (Mon) 09:58:46 [Preview] No. 6907 del
>muh freedom of speech

You know there will be someone who'll argue that, they always do.

Anonymous 08/07/2017 (Mon) 23:53:54 [Preview] No. 6910 del
He changes them constantly.

The only thing that barely kept him at bay over lynxhub was doing an OCR on images looking for the link.

He posts manually but doesn`t have many domains available.