this post was submitted on 10 Jul 2023
32 points (100.0% liked)
Beehaw Support
2797 readers
1 users here now
Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.
A brief FAQ for lurkers and new users can be found here.
Our September 2024 financial update is here.
For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community
This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
We were not hacked. The site was taken down preemptively for security measures. Are we ok? Yet to be determined fully.
Incident response on the available systems and data, show attempted XSS comments sourced from federated instances; none on Beehaw itself. Those were deleted from our Beehaw database. Additional security measures put in place to try and mitigate XSS and other Web based exploits. Changed the Content-Security-Policy to be more strict (might break some apps). Secrets for tokens and salting passwords were changed on the backend. You shouldn't need to change your password, but it can't hurt at this point.
If you're unable to login on Firefox:
I'm a Liftoff user right now, I had to clear the app cache and relog in order to continue using the app. Maybe it will help someone
I had to relog on Memmy as well. Both here and for .world
Same but for Memmy. Cleared cache and a relog, back in business
Good on y'all for being on top of things!
I also had trouble signing back in again on Edge.
To fix it I had to delete the Beehaw.org cookies using the following method: