18 Fediverse
Namhyeon, Go edited this page 2024-10-18 23:35:29 +09:00

Fediverse

This document covers how to block spam using Caterpillar Proxy in web applications using the federation based on the ActivityPub protocol (referred to as Fediverse), such as Mastodon, Misskey, Pleroma. #

Spam filtering strategies

  • K-Anonymity test - Estimating whether the characters has been arranged by humans. (use Have I Been Pwned)
  • Not CAPTCHA - Image spam containing characters that look very similar to CAPTCHA. (use TrueCaptcha)
  • VowelRatio10 - In characters arranged by humans, there is a high frequency of vowels (aeiou) and semivowels (wy) and vowel-ending patterns included in strings that are 10 characters.
  • Palindrome4 - Detect palindromes composed of 4 or more characters
  • KnownWords4 - Detect well-known words composed of 4 or more characters
  • SearchEngine3 - In public search engine, the given string yields more than 2 results. (use LibreY)
  • RepeatedNumber3 - Detect a repeated numbers 3 times or more.
  • SSL decryption (MITM) when relaying to federated servers.

The strategies were implemented to respond to the Fediverse Spam Attacks which started on the 15th of February. # #

Example of settings.ini (or .env)

[settings]
PORT=5555
SERVER_URL=localhost
SERVER_CONNECTION_TYPE=proxy
CA_KEY=ca.key
CA_CERT=ca.crt
CERT_KEY=cert.key
CERT_DIR=certs/
OPENSSL_BINPATH=openssl
CLIENT_ENCODING=utf-8
LOCAL_DOMAIN=example.org,www.example.org,social.example.org,private.example.org
PROXY_PASS=http://127.0.0.1:3000
MASTODON_SERVER=
MASTODON_USER_TOKEN=
TRUECAPTCHA_USERID=
TRUECAPTCHA_APIKEY=
LIBREY_APIURL=https://serp.catswords.net
DICTIONARY_FILE=/usr/local/src/english-words/words_alpha.txt
BAD_DOMAIN=krsw-wiki.org,midokuriserver.github.io
USE_EXTENSIONS=fediverse.Fediverse

For Mastodon users

In [Caterpillar installed directory]/settings.ini or .env

  1. set SERVER_URL variable to localhost in .env (e.g. SERVER_URL=localhost)
  2. set PROXY_PASS variable to Mastodon backend URI (e.g. http://127.0.0.1:3000)
  3. if you want use notification, set MASTODON_SERVER(server domain) and MASTODON_USER_TOKEN(access token) variables

In [Mastodon installed directory]/env.production

  1. set http_proxy variable to http://localhost:5555 (e.g. http_proxy=http://localhost:5555)

In NGINX configuration

  1. Check your port number of Caterpillar (default: 5555)
  2. In NGINX configuration (e.g. /etc/nginx/conf.d/mastodon.conf), edit the proxy_pass like a proxy_pass http://localhost:5555