Mbin Blog Updates @kbin.melroy.org melroy @kbin.melroy.org 3w ago

Mbin v1.8.0 released

Today we released Mbin v1.8.0! It has been already 1 month since we released v1.7.4.

This is the v1.8.0 release of Mbin and it is a feature packed one like always ;).

It brings an extensive bookmarking system, signup request support, signup notifications, extended markdown rendering, custom notification settings to set magazines, users, threads and microblogs to default, loud or muted, setting a default sort for the front page and comment lists, a new image delete command for admins and documentation changes.

You also still might want to double check if you are using the latest Nginx configs (v1.8.0 has now additional regex improvements).

I want to thank all the contributors! We can't do it without you all!

Mbin takes a lot of time to develop, maintain and improve. Created as a successor of /kbin, but still going strong ever since. If you would like to support this work or cover the server costs, please consider donating. Thank you.

Melroy

EDIT: There is a more detailed post here.

30 comments

Very impressed by the clean UI Mbin is bringing to the Fediverse. Really nice!
- Thank you for your kind words.
Thank you all for your work! Happy to use mbin pretty much everyday!
- You have no idea how motivating it is to hear, that people use your code ❤️
- Haha yes
- That is wonderful to hear!
Link to release: https://github.com/MbinOrg/mbin/releases/tag/v1.8.0
- @melroy@mastodon.melroy.org @melroy@kbin.melroy.org following up on the comment i left for you here... i realized i can see an mbin view of that user's profile via fedia.io, and their links are in fact broken there too.
  
  do you have any idea how/why this is happening? maybe they're using some broken client?
  
  i also noticed that my first comment in this thread has (so far at least) not appeared in fedia.io's view of it; maybe it won't make it to your mbin instance either?
  
  so, i am posting this comment in a reply to a comment from your mastodon account instead, in hopes that it might reach you there.
  
  Thanks for bringing this to my attention.
  
  @cypherpunks@lemmy.ml @melroy@kbin.melroy.org @badwetter@kbin.melroy.org I don't see broken links? Which links are broken, sorry?
Thank you for the bookmarks!!!!
- Thank you for using Fedia/Mbin.
So just curious, kbin.melroy.org requires logging in now? Why, was it being DDOSed in some way?
- Correct, I did enable this login option for now, to reduce the impact on application level. Sorry about that.
  
  The attack has been ongoing from Feb 8 2025, until today still. It comes in waves, I dunno who is attacking me or why. I use my firewall to block some of the origin countries where the attacks are coming from. However, the Botnet is located in basically very country on the planet. I migrated to OpenResty and will implement additional anti-DDos measures as well as optimizing Mbin further to reduce CPU overhead.
  
  TLDR;
  
  Attack started at Feb 8 2025, and still continues
  
  Attacker is using a botnet from across the globe
  
  Attacker is using valid GET requests with legit user-agent strings
  
  Attacker is using both mobile and fixed line ISP types, so these are devices behind various ISPs across the globe. No cloud infrastructure is used.
  
  Reason of the attack: Unknown
  
  Thanks for the detailed answer. I imagined it was due to something like that. Sounds like a "homebuilt" DDOS platform if its coming from any compromised device, so it could be any number of BS reasons, just simply testing out their botnet, or stressing the server to probe for specific vulnerabilities.
Am i the only one seeing duplicated profile pics next to the usernames? Or did I miss something in the update?
- he! You are right! I also now see it, thanks for noticing. I'm actually not running main branch, but this PR: https://github.com/MbinOrg/mbin/pull/1472
  
  I think I exactly set showAvatar on true within the comment section or something? My bad, I will try to solve this asap again. Obviously this is not wanted :)
  
  Thanks again for reporting.
  
  @SharkAttak@kbin.melroy.org I fixed it already :)
Hi Melroy,

First, thank you for writing free software!

Unfortunately your software came to my attention because I observed what I think might be a bug in it: 100% of the posts by https://lemmy.ml/u/badwetter@kbin.melroy.org have broken links (at least over here on the lemmy side).

Interestingly I see that the links in this post i'm commenting on (which was made a week ago) are not broken, and I also see that one of that other user's posts (also with a broken link) is from 3 months ago, so, apparently this is not happening to everyone all the time - but somehow that user at least is having an ongoing problem.

Btw, it is also unfortunate that the permalink (accessible from lemmy's view with the fediverse icon) for each post and comment from your mbin instance takes me to a login page, so I would need to make an account there to see if their links are also broken on the mbin side.
@melroy@kbin.melroy.org I tuned out of the Kbin drama for bit. Only coming back to actively using Mbin again recently. IMPRESSIVE improvements!
... custom notification settings to set magazines, users, threads and microblogs to default, loud or muted, ...

Is there any information on how this works, what it's actually doing?
- From this post: https://gehirneimer.de/m/mbinReleases/t/486586
  
  The settings are (from left to right): muted, default and loud.
  
  Default respects your global notification settings, while the other two modify it. They are processed hierarchically, meaning a muted user commenting on a loud thread which belongs to a muted magazine will not trigger a notification, while a loud or default user would. Another example: a muted thread in a loud magazine will not trigger a notification for new comments unless the commenting user is set to loud.
  
  Hope this helps :)

30 comments