this post was submitted on 15 Apr 2024
39 points (85.5% liked)

Lemmy.world Support

3248 readers
1 users here now

Lemmy.world Support

Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.

This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.

This community is subject to the rules defined here for lemmy.world.

To open a support ticket Static Badge


You can also DM https://lemmy.world/u/lwreport or email [email protected] (PGP Supported) if you need to reach our directly to the admin team.


Follow us for server news ๐Ÿ˜

Outages ๐Ÿ”ฅ

https://status.lemmy.world



founded 2 years ago
MODERATORS
 

I often use a commercial VPN service, which I suspect is not rare among Lemmy users. Most of the time, I'm able to post to lemmy.world, but on occasion I am not. The default web UI provides zero feedback, just a spinning submit button forever, but if I look in the browser dev tools, I can see it's being blocked.

I understand that some limitations are necessary to prevent spam and other abuse, however this is a very blunt instrument. The fact that I have a 10 month old account with consistent activity should outweigh any IP address reputation issues.

Perhaps the VPN limitations could be narrowed in scope to cover only account creation and posts from young accounts.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 5 points 8 months ago (1 children)

There's some very good reasons:

  • VPN traffic could be masking an attack on the account
  • By using a VPN, they lose a degree of certainty that it's you, they can't use the IP address as a factor to establish the probability it's actually you
  • Differentiating you as a person, from other people with the same source address, perhaps who are behaving poorly, or who've implemented robots to do things Google doesn't like.

I fully believe VPNs should be a fundamental right on the internet, nobody should have to identify themselves by IP address to use the internet. But from an account security perspective alone there's a good reason to be extra super duper sure of somebody before allowing them to log in

[โ€“] 5h17h34d 4 points 8 months ago (2 children)

But, I'm LOGGED IN. To Google. Bad actors on the same VPN ip address are not logged in as me (I hope).

[โ€“] [email protected] 3 points 8 months ago

Say that to the victim of cookie stealing attack

[โ€“] [email protected] 2 points 8 months ago

Somebody might have stolen your login cookies, and is impersonating you. If the IP that your traffic originates from changes rapidly that could be an indicator.