Selfhosted

59973 readers

403 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
No spam.
Posts here are to be centered around self-hosting. Please ensure it is clear in your post how it relates to self-hosting.
Don't duplicate the full text of your blog or git here. Just post the link for folks to click.
Submission headline should match the article title.
No trolling.

Resources:

selfh.st Newsletter and index of selfhosted software and apps
awesome-selfhosted software
awesome-sysadmin resources
Self-Hosted Podcast from Jupiter Broadcasting

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 3 years ago

MODERATORS

curbstickle@anarchist.nexus

curbstickle_lw@lemmy.world

361

Google flags Immich sites as dangerous (immich.app)

submitted 7 months ago by rustyredox@lemmy.world to c/selfhosted@lemmy.world

79 comments fedilink hide all child comments

Has this impacted your self hosted instances of Immich? Are you hosting Immich via subdomain?

https://news.ycombinator.com/item?id=45675015

you are viewing a single comment's thread
view the rest of the comments

[–] FreedomAdvocate 15 points 7 months ago (11 children)

Why are the immich teams internal deployments available to anyone on the open web? If you go to one of their links, like they provide in the article, they have an invalid SSL certificate, which google rightly flags as being a security risk, warns you about it, and stops you from going there without manual intervention. This is standard behaviour and no-one should want google to stop doing this.

I was going to install linux on an old NUC to run immich some time soon, but think I might have to have a look to see if it has been audited by some legit security companies first. How do they not see this issue of their own doing?

[–] chaospatterns@lemmy.world 9 points 7 months ago* (last edited 7 months ago) (6 children)

It is for pull requests. A user makes a change to the documentation, they want to be able to see the changes on a web page.

If you don't have them on the open web, developers and pull request authors can't see the previews.

The issue they had was being marked as phishing, not the SSL certificate warning page.

[–] FreedomAdvocate 0 points 7 months ago (1 children)

The issue they had was being marked as phishing, not the SSL certificate warning page.

Have you seen what browsers say when you have a look at the SSL certificate warning page?

It is for pull requests. A user makes a change to the documentation, they want to be able to see the changes on a web page.

Why is a user made PR publishing a branch to Immich's domain for the user to see?

[–] BCsven@lemmy.ca 1 points 7 months ago (1 children)

I thought that was how pull requests worked, its a branch if you'veade a departure to edit code, you have the pull request and ask them to merge into the main branch. It should be visible to everyone so everyone can review the change.

[–] FreedomAdvocate 1 points 7 months ago

The branch for the PR shouldn't be hosted on the production site's domain, and that deployment that the company will be testing and reviewing shouldn't be accessible to the public. They even have internal in the URL, while being accessible by external people lol

load more comments (4 replies)

load more comments (8 replies)