cross-posted from: https://lemmy.ml/post/1895271
FYI!!! In case you start getting re-directed to porn sites.
Maybe the admin got hacked?
edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.
Post discussing the point of vulnerability: https://lemmy.ml/post/1896249
It’s worse than that. Until Lemmy is more mature, I would reccomend using the lite version of Lemmy, the JS-free version, for sake of client side security. Alternatively, or as an added point of security, the front-ends themselves should implement more sanitazion themselves. I’m willing to spend some free time vulnerability testing, but I would need a dedicated sand-box for that.
The ansible method of setting up a lemmy instance generally “just works”. I set one up for federation tests with kbin recently.