1. For all the mentioned cases, if your firewall blocks incoming packets by default, no one can access it, no matter what is the source of the port being open.

2. You don’t configure it on the docker level, at least if you care about outside connections. If you mean from your local computer to a docker container, by default you cannot connect, unless you expose the port to the system. If you mean from other docker containers, just create your own separate network to run the container in and even docker containers cannot access the ports.

3. I usually use netstat -tulpn, it lists all ports, not only docker, but docker is included. docker ps should also show all exposed ports and their mappings.

In general, all docker containers run on some internal docker network. Either the default or a custom one. The network’s ports don’t interfere with your own, that’s why you can have 20 nginx servers running in a docker container on the same port. When you bind a port in docker, you basically create a bridge from the docker network to your PC’s local network. So now anything that can connect to your PC can also connect to the service. And if you allow connection to the port from outside the network, it will work as well. Note that port forwarding on your router must be set up.

So in conclusion, to actually make a service running in docker visible to the public internet, you need to do quite a few steps!

• bind a port to your local host
• have your local firewall allow connection to the port
• have your router set up to forward connections on the port to your machine

On Linux, local firewall is usually disabled by default, but the other two steps require you to actively change the default config. And you mention that all incoming traffic is dropped using UFW, so all three parts should be covered.

@[email protected] Does the previous message sound like from an AI or someone imitating an AI?

Yes. But at least with the admin group I’m part of, it’s dealt with fairly quickly, because we employ automated tools to help fight the spam.

We also have auto moderators. The recent spam wave didn’t occur on my instance at all. But my Matrix notification channel sure did explode with messages of bots being banned.

That just won’t work. First and foremost, I won’t be hosting illegal stuff, just so you can have your freedom. Think child porn and stuff. Happened multiple times on Lemmy and probably will happen again. If you haven’t seen it, your admin most likely has and dealt with it.

And with stuff like Hexbear and other troll instances, I just don’t want to deal with tens of reports a day, I simply block them because they’re trolls.

If you want that kind of freedom, you have to create your own. I’m not gonna spend a significant amount of time on reports that can be avoided. And definitely not going to prison.

Well, at least I review the user profile in question when banning people. And take the whole context into account. Makes it harder, but I can usually ban people with clear conscience.

It started happening to me as well. And only on Lemmy.

It goes to the mods and to the admins of either the reporting user’s instance or the instance of the user being reported.

So whenever a lemmings.world user reports something, I know about it and whenever something by a lemmings.world user is reported, I know about it as well.

I personally don’t moderate content that breaks community rules, I think that’s the mods responsibility/privilege, but if it breaks instance rules, I deal with the comment/post/pm myself. Some of the other admins I know moderate the same way.

Damn, just recently I started working on something similar.

Just implemented it for fun on my instance (lemmings.world). Sadly you need to be a user of that instance for it to work. When logged in you go to https://lemmings.world/rss/init, afterwards a link is shown (among other information) that looks something like https://lemmings.world/rss/4e6490fe0613f6e2e03cd420f71df14476e769b57604652921c1a7b2150f0888 - that is your personal RSS feed of stuff you saved with a URL that cannot be guessed automatically (the hash is entirely random).

It could be made to work for all instances, but that would take me a while. You can also ask the admins to install the app on their website (it’s open source and can be found at https://github.com/RikudouSage/LemmyPersonalRss).

I mean, Lemmy devs are tankies, who participate in misinformation sharing.

If you see some, report it. Some of us admins of other Lemmy instances take disinformation seriously.

I’m using Proton mail, I like their focus on privacy and e2e (only with other Proton users, though).

Obviously we all should go back to the place we were before colonising any land. So back to single cell organisms of the sea. Hexbear and .ml people already have a head start.

I mean, what do you expect? Those two unwashed apes created Lemmy because no one wanted to listen to them on Reddit. Just try staying away from .ml, your online experience will be vastly improved.

All five of them.

Doesn’t it break a lot of things? Half the stuff refuses to work when some specific files have too permissive chmod.

I was talking about Nintendo, they constantly sue people (and other companies) for obscure amounts of money just because they’re rich and can afford it.

Well, Fedora 40 here as well and it just doesn’t work on my computer. Sure, Nvidia, blah blah blah. X does work flawlessly on my machine, though.

Like trying to destroy people’s lives so they can make a few dollars.

Stop projecting, maybe? No, I’m not forced. But I want to, because I refuse to pay any more money to such a shitty company. I paid for the product, now I’m gonna use it the way I want to.

Price is not my reason for pirating. Seriously, people are different from you, stop assuming that everyone has the same motivation as you do.