this post was submitted on 10 Jul 2023
32 points (100.0% liked)

Beehaw Support

2797 readers
1 users here now

Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.

A brief FAQ for lurkers and new users can be found here.

Our September 2024 financial update is here.

For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community


This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.


if you can see this, it's up  

founded 2 years ago
MODERATORS
 

Were we actually even hacked? Are we patched? And should we do anything like change our passwords?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 48 points 1 year ago (3 children)

We were not hacked. The site was taken down preemptively for security measures. Are we ok? Yet to be determined fully.

Incident response on the available systems and data, show attempted XSS comments sourced from federated instances; none on Beehaw itself. Those were deleted from our Beehaw database. Additional security measures put in place to try and mitigate XSS and other Web based exploits. Changed the Content-Security-Policy to be more strict (might break some apps). Secrets for tokens and salting passwords were changed on the backend. You shouldn't need to change your password, but it can't hurt at this point.

If you're unable to login on Firefox:

* Open Beehaw website, tools -> more tools -> web developer tools

* Delete EVERYTHING for cache, cookies, indexed db, local storage, session storage

* Ctrl+F5 the page and try to login again.
[–] [email protected] 8 points 1 year ago (2 children)

I'm a Liftoff user right now, I had to clear the app cache and relog in order to continue using the app. Maybe it will help someone

[–] [email protected] 4 points 1 year ago

I had to relog on Memmy as well. Both here and for .world

[–] [email protected] 3 points 1 year ago

Same but for Memmy. Cleared cache and a relog, back in business

[–] [email protected] 3 points 1 year ago

Good on y'all for being on top of things!

[–] [email protected] 1 points 1 year ago

If you’re unable to login on Firefox:

I also had trouble signing back in again on Edge.

To fix it I had to delete the Beehaw.org cookies using the following method:

  • Click the menu (three dots) button.
  • In the menu that then opens click "Settings".
  • Click "Cookies and site permissions" in the list on the left.
  • Click "Manage and delete cookies and site data" at the top of the list in the centre.
  • Click "See all cookies and site data". This is located fourth option from the top. The last option in the first block of options in the centre.
  • Type "beehaw.org" in the "Search cookies" box at the top right (or just scroll through the list until you find it.)
  • Click the chevron/down arrow on the right hand side of the beehaw.org entry. Then click all the little trashcan icons next to the beehaw.org cookies to delete them (I had two, but now only have one. Make sure they are only the ones marked beehaw or you may delete cookies from other sites if you chose to scroll rather than search.)
  • Can't remember if I used "ctrl + F5" on the log in page to cleanly refresh it but it probably wouldn't hurt.-