Beehaw Support

2794 readers

1 users here now

Support and meta community for Beehaw. Ask your questions about the community, technical issues, and other such things here.

A brief FAQ for lurkers and new users can be found here.

Our September 2024 financial update is here.

For a refresher on our philosophy, see also What is Beehaw?, The spirit of the rules, and Beehaw is a Community

This community's icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

founded 2 years ago

MODERATORS

[email protected]

So is everything ok at Beehaw now? (beehaw.org)

submitted 1 year ago by [email protected] to c/[email protected]

9 comments fedilink hide all child comments

Were we actually even hacked? Are we patched? And should we do anything like change our passwords?

top 9 comments

sorted by: hot top controversial new old

[–] [email protected] 48 points 1 year ago (3 children)

We were not hacked. The site was taken down preemptively for security measures. Are we ok? Yet to be determined fully.

Incident response on the available systems and data, show attempted XSS comments sourced from federated instances; none on Beehaw itself. Those were deleted from our Beehaw database. Additional security measures put in place to try and mitigate XSS and other Web based exploits. Changed the Content-Security-Policy to be more strict (might break some apps). Secrets for tokens and salting passwords were changed on the backend. You shouldn't need to change your password, but it can't hurt at this point.

If you're unable to login on Firefox:

* Open Beehaw website, tools -> more tools -> web developer tools

* Delete EVERYTHING for cache, cookies, indexed db, local storage, session storage

* Ctrl+F5 the page and try to login again.

[–] [email protected] 8 points 1 year ago (2 children)

I'm a Liftoff user right now, I had to clear the app cache and relog in order to continue using the app. Maybe it will help someone

[–] [email protected] 4 points 1 year ago

I had to relog on Memmy as well. Both here and for .world

[–] [email protected] 3 points 1 year ago

Same but for Memmy. Cleared cache and a relog, back in business

[–] [email protected] 3 points 1 year ago

Good on y'all for being on top of things!

[–] [email protected] 1 points 1 year ago

If you’re unable to login on Firefox:

I also had trouble signing back in again on Edge.

To fix it I had to delete the Beehaw.org cookies using the following method:

Click the menu (three dots) button.
In the menu that then opens click "Settings".
Click "Cookies and site permissions" in the list on the left.
Click "Manage and delete cookies and site data" at the top of the list in the centre.
Click "See all cookies and site data". This is located fourth option from the top. The last option in the first block of options in the centre.
Type "beehaw.org" in the "Search cookies" box at the top right (or just scroll through the list until you find it.)
Click the chevron/down arrow on the right hand side of the beehaw.org entry. Then click all the little trashcan icons next to the beehaw.org cookies to delete them (I had two, but now only have one. Make sure they are only the ones marked beehaw or you may delete cookies from other sites if you chose to scroll rather than search.)
Can't remember if I used "ctrl + F5" on the log in page to cleanly refresh it but it probably wouldn't hurt.-

[–] [email protected] 10 points 1 year ago (1 children)

Ah I thought it was just me! Couldn't log in for a good couple of hours (which was good really as it made me do my work ha)

[–] [email protected] 12 points 1 year ago (1 children)

Usually when beehaw is down for maintenance they’ll post on mastodon (https://hachyderm.io/@beehaw) - they posted there about preemptively taking it down due to the lemmy world hack.

[–] [email protected] 3 points 1 year ago

Ah thanks for the headsup