Config NGINX to irreversably obfuscate the source IP address and make your logs MORE useful!
  last edited: Mon, 24 Sep 2018 19:11:06 +0200  
!Hubzilla Development !Hubzilla Support Forum

A little tip to make tracing what's going on with users perhaps just a little easier - or, if you're like me and have several browser windows open, it becomes difficult to trace what each one's doing and can be quite confusing. This also irreversably obfuscates potential identity information and may be handy for GDPR compliance.

1) Change your MAIN logging string to use a custom MD5 hash (this usually resides in nginx.conf:


log_format main '$remote_digest - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';


2) Set the $remote_digest variable in your server configuration


set $mkdigest '{SomeCustomSalt} $remote_addr $cookie_PHPSESSID';
set_md5 $remote_digest '$mkdigest';


3) Apply the main logging string to your logs


access_log /var/log/host-access.log main;


You can create a similar string for the error logging.

You will not be able to identify IP addresses anymore, but this will actually be MORE HELPFUL in looking at your logs. Imagine a family all sitting behind a NAT router in their home. There would be no way in the log to identify which is which! But with this, each device even on a NAT network has it's own tag - allowing you to track them independently of one another.
  
So... before you do this, you have gotten explicit permission to track them and have stored the exact date and time, I hope?
As the cookie is set by your machine and you use it to track them through your log, it's a tracking cookie, no longer just a session cookie.
All the suggestions regarding the GDPR about not tracking IPs is not about IPs. It's about tracking.
The GDPR requires you to provide proof that they have given you permission to track them. Unless you get permission to track them and can provide proof in a log for that, this will very likely violate GDPR.
  
Let's be clear - almost ANY logging on the Internet violates the GDPR - especially the default logging enabled by most web servers. Yet, logging is a necessary part of operations and security.

But take careful note that the raw cookie is not used in this implementation. You cannot "track" identifiable individuals with this method. The method described fits the definition of pseudonymization contained within the GDPR: "“the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.” Additional information would be required and that information is not available in the same place as the logs.

The "identifier" in the log is a one-way hash of the cookie, the IP address and a salt. None of these appears in the log file itself. There is no mechanism to attach the log data with a particular actor or to track an identifiable individual. Therefore, this method does NOT provide for tracking of individuals. The Session ID will change by browser and even vary within the same browser in certain circumstances - so it does not attach to an individual.

It WOULD be wise, to implement some of the current best practices to change the sessionid more often than the PHP default of daily. Changing the sessionid hourly or every couple of hours is not a bad idea anyway.
  
I will grant you that there is a way to POTENTIALLY infer personally identifiable information based on the specific log string in the example above. That also can be mitigated by a couple of tweaks to the log string without any significant detriment to usefulness of the log data (though there would be some).
Feature request: "forced to tag a post"
  last edited: Mon, 24 Sep 2018 16:34:27 +0200  
!Hubzilla Support Forum!Hubzilla Development!Hubzilla Support Forum
!Hubzilla Support Forum!Hubzilla Development

I find that the structure of the hubzilla support form is not very efficient. Many questions are asked over and over again and quit a lot of time is lost by answering this question over and over again.
If questions and answers were tagged and if there would be also a given poll of tags to choose from - the search for answers would be much better.

If someone wants to post in a forum he/she should be forced to tag the post. This could be a setting which the admin could activate  - or could a new plugin do this?
THANKS
  
forces to categories a post would work as well ;-)
Need help with WebDAV

  last edited: Mon, 24 Sep 2018 07:23:04 +0200  
hello !Hubzilla Support Forum

WebDAV access is not working for me :-(

1) OUTSIDE HUBZILLA: I enabled WebDAV on my Synology NAS just to confirm that WebDAV acces is working on my Windows 10 PC if I supply a valid connection

2) HUBZILLA: I tried both, against my "public" (shared web hoster) https://hub.ax9.eu/ and my local (on NAS) playground https://hubdev.ax9.eu/ - I cannot get a connection going from Windows 10.

What I used:
URL: https://hub.ax9.eu/dav/jens-privat (one of my channel nicknames)
USER: the actual user name that the channel belongs to
PASSWORD: the password I use to log onto hubzilla website with the given user

Where is my mistake?

The apache log on the server remains empty, the hubzilla log also has nothing that seems related to webdav. How to troubleshoot?

Thanks!
 webdav
  
Works for me. You may need a logger() line in Zotlabs/Module/Dav.php::init() ...

logger('accessed: ' . print_r($_SERVER,true));

This will let you know if your credentials are being passed correctly. This is different when running php in cgi/fcgi mode vs apache module.

If you were asked for login credentials that's a good sign.

You should have one of REDIRECT_REMOTE_USER or HTTP_AUTHORIZATION set,  or PHP_USER_AUTH and PHP_USER_PW

If you see some other login stuff that looks something like 'Basic abc123:abc123'  in the $_SERVER variables  but none of the above you may need to figure out how to get that information into one of the places where we're looking for it.


Don't let Windows remember the login details. If you ever change your password you'll spend a week trying to figure out how to make Windows forget your credentials.

If using Windows how exactly did you try to connect? Through 'Map Network Drive' or some other interface?
  
Also check your Apache configs for AllowMethods

If there is a restrictive set you may need

AllowMethods GET PUT POST DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK
  
thank you, I enabled the logging.

On the remote hub.ax9.eu I don't see any of the mentioned variables!
MKCOL is missing from the allowed methods and trying to set that via .htaccess makes the server go 500
I guess the hosting provider has some lockdown in place?

On the local installation hubdev.ax9.eu I could see through the log that I have to give 'account@email' instead of just 'account'. This way I get past the login.

But then I'm stuck with an infamous Error 0x80070043

That's too much of a hassle right now. I would need the webdav for the remote server anyways and there it does not seem work at all.
Delivery Report help

  
!Hubzilla Support Forum
What is this report telling me?

I made a post on afterpod.com w/image on 20th.

On 22nd, edited the text in the message... but "update ignored".   And it tried to update itself, too? Yet can see the edited version from TLSN account, so the edit worked.

I'd like to distinguish normal vs. unusual behavior.

Image/photo
  
all 3 reticu.li are off-line ;-)
so it is normal that they are in the queue. I would say that your delivery report is perfect :)
  
I was wondering about this too. Thanks for asking, and thanks to Mike and Giac for the responses.
Serverload

 
Last days I had some problems with the server load and I suspect Hubzilla. Also there is a Moodle instance on the same server it stopped after turning off Hubzilla. Several times the server load increased  up to a complete crash. Afterwards several Hubzilla tables (e.g. item) where crashed, too. I had that problem also some month ago. I couldn't find something in the logs.
Is there something know about such a problem?
Screenshot of the processes was the best I could do ...

Image/photo
  
same problem in vilarejo...
but we are in DEV
 
We use latest MASTER.
Delivery issues?

 Halle (Saale) 
Hello !Hubzilla Support Forum
anyone else noticed delivery issues with dev branch today? Since approx. 24 hours my messege queue is growing (1090 at the moment). Delivery of outgoing comments is postponed several hours. I see that issue mostly with Diaspora protocol (Diaspora, Friendica).
Incoming post and comments are ok. They're showing up in my network stream within seconds.
I have no high load and there are no obvious errors in the log files.

Regards,
Steffen
 from Friendica
Those three are in the queue because they're not responding correctly. The high priority shows that this is no new issue with these hubs. They will soon marked as dead and the queue entries will vanish.

https://osada.reticu.li503 service unavailable

https://hub.xensen.netCertificate has expired

https://albigro.comNetwork timeout
  
those are priority numbers of dead sites, so they will soon disappear. ;-) swimming in the ocean?
  
the problem is those with low numbers (priority 10) that instead of changing or disappearing they remain there.
clone or import export unsucessfull

  
!Hubzilla Support Forum

Hello I try to move a chanel by creating by import. It did not work. Then I created export file of the empty channel then of the content year by year

I could create a channel but when I import a content I have nothing. I check the item table is still empty.

I don't now what do you need for imformation.
  
take a look at the size of the json files.
  
No the problem is other. even a very little json and nothing. This hub is install on ngnix with yunohost and I suspect something is missing

On apache with a manual installation all works fine.
  
!Hubzilla Support Forum

Is it possible as an admin to automaticaly by default pinned few apps.
I would like to pin Activity , contacts and channel home. by default for all channel.
  
!Hubzilla Support Forum

I think it is maybe too early to ask that kind of question but you can clone a channel from a hub to an other one.

Is it possible to clone or transfer a full hub from a domaine to an other domain

Is it possible to transfer or migrate hubzilla to osada.. Maybe just one command line and it's done. or one parameter somewhere.
About hubzilla commenting on diaspora

 Summer Island 
  
updated. @swimming in the ocean🏊 can you confrim its fixed?
  
@muppeth

After observation, I found that the clone channel is also the same.
Not just dishub
  
@muppeth

Thank you, the dishub is back to normal
Star Posts

  
!Hubzilla Support Forum
From the doc:
"Ability to mark special posts with a star indicator"

Yet it now appears a Star can ONLY be placed on the main post of a THREAD and not any single POST within that conversation (which is what I want to do).

Is this intended? Or is there a config option I've overlooked?
  
Yes, I like Save To Folders yet use that more as a permanent, organized collection of bookmarks.  

Star, to me, is a signal to do something later (like read, respond, tell a friend...) and I'll toggle it off when done.  A ToDo list related to posts (and/or comments).

I've also seen where star is used to signal approval (emoticons, too), much like the Thumbs Up LIKE.
  
As far as I know stars are not seen by others, so not suitable to signal approval.
  
Indeed.  And I also see a Ratings addon better for that purpose.
favicon switching

  
!Hubzilla Support Forum
I'm one of those people with TOO MANY TABS open in my browser all the time... so I rely on the icon a lot to find my way around.

Most of the time, MY favicon shows on my site... but when I click a Network Activity post entry (in the sidebar), it retrieves that thread, scrolls to the entry, and changes the icon to a default logo (hubzilla?) even though I am still on my site (have not clicked away to original post domain).

It does the same thing when click (self-hosted) documentation link.

Is there reasoning behind this behavior or is it just an oversight?
  
Okay, I'll have to look closer at that difference.

It SEEMS like viewing my full Network stream (my icon) should be the same as when I click a network Notification and am taken to the specific new post or comment within my stream (hubzilla logo).
  
Hubzilla Settings Restructuring

  last edited: Fri, 21 Sep 2018 12:37:44 +0200  
Here is the deal:

Every app (a.k.a. module) with settings will have its own settings page accessible either from the app store and from the module UI itself (settings icon beside the app name in the panel).

This will deprecate the additional features and addon settings.

I think this will ease most of the usability issues with settings we have.

If you have any objections, speak now or be quiet forever.

!Hubzilla Development !Hubzilla Support Forum
 from Friendica
No. From yesterday.
  
Pulled again. Ah! Much better. :-)
  
I agree : exemple the question Start calendar week on Monday could be on the calendar not on channel setting. That will be one less paramater. This is only my last example but you can find a lot like this.
Andhub

  
Is anyone maintaining an up to date installable version for andhub anywhere? Did a quick search and couldn't find one. I know there was one somewhere because I have it installed! Lol.

!Hubzilla Development !Hubzilla Support Forum
  
Oh, i almost forgot. I created a Nomad channel
https://hub.disroot.org/channel/nomad
  
Thanks a lot for the link, following now!
  
@sunjam
I already did share a nextcloud folder.
Jou can find it joining

https://hub.disroot.org/channel/nomad

Or by nextclod directly

https://cloud.disroot.org/s/p26pCqo7gwMjxMs


Will add files directly on hubzilla as soon as i have spare time. ;-)
 my house near the sea 
in recent times, the vilarejo hub was going well.
Some time ago we had a sort of spring cleaning ;-) , and it was fine.
starting from these days it went really well until the last week.

We have always been in DEV version.

Now, in the last week, after updating (it was a few weeks since we were not updating) it's an hell again.
But we do not have an explanation, because no new members have arrived, with new connections, etc. ... Nothing new in that sense.
So something happened in the code probably.
The error that  is giving is something  as: too many connections, number of simultaneous connections to the database.
Someone (with DEV)  is experiencing something like that in the last week ?
!Hubzilla Support Forum
  
so..it seems the problem is  in /network.
you enter and everything works, but new notifications of new messages arrive, as it is normal that it happens, but it is there that everything stops.
Just one notification is enough and hell begins....
  
As I see your hub cats.pm use outdated Hubzilla version 3.4.
Try to update it to latest release first. I believe it will resolve most part of your issues.
  
No,  i talk about vilarejo ;)
bookmarks

  
!Hubzilla Support Forum
I tried the bookmark addon but it appears to save ALL LINKS within a post to a (sub)menu/list.  Useful, but I'm really looking to bookmark a POST ITSELF... trying to organize details on certain aspects of Hubzilla where I've found some answers (and to help  update the doc at some point, I hope).

Is there a way to mark a post?

In the gear dropdown, I found Save To Folder but it doesn't seem to do anything... maybe it's for saving any attachments?  

And a star, to me, is a signal to Read Later and then I toggle it off.  I want a more permanent collection of bookmarks and would prefer to use an native tool (dog food), if possible.

I just want to collect and organize posts and/or threads.  Is there!Hubzilla Support Forum
  
Just to confirm: Once created, saved folders are not currently editable by end-users?


Depends on what you're asking for. A folder is basically a tag which only you can see. You can't change an existing folder name easily, but open a saved folder and you can delete the referenced folder name (tag) from any of the posts/comments in that (virtual) container. If there are no more posts saved to that folder it vanishes.
  
Yes. I meant there's no UI to change a "folder'" name or delete it. But that'll do nicely. Perfect. Thanks.
Friends not seeing photos in limited-visibility posts

 
Using the mobile interface, I've twice now created limited-visibility posts with photos in them, and friends on other platforms report that they can see the text but not the photo. One person mentioned that it appears to be a permissions issue.

One post was to "Friends" and another was to "Acquaintances" (a custom privacy group that I created). I checked the photos in the photo album and they have the correct privacy group used for the visibility setting. (That is, it matches the visibility I set in the original post to which I uploaded the photo.) Two friends who noted issues are on Diaspora, one is on Friendica.

I checked my own Diaspora and Friendica accounts.
* My Hubzilla account has connected to my D* account and put it in the "Friends" and the "Acquaintances" privacy groups. My Diaspora account is also connected back to my Hubzilla account and has it in the "Friends" and "Acquaintances" aspects. It successfully sees the posts *and* the photos.
* My Hubzilla account is connected to my Friendica account and has it in the "Acquaintances" privacy group. My Friendica account is connected to my Hubzilla account and notes that it is a "Mutual Friendship". However, the Friendica account sees only text in the Hubzilla's account post.
* All connected accounts see both text and photos in public posts from the Hubzilla account.

Two things are puzzling me:
1. Why my D* account can see photos in my limited-visibility posts but my Diaspora friends cannot.
2. Why my Friendica account cannot see uploaded photos in my limited-visibility posts but can see the text.

Am I perhaps not using Hubzilla's fiddlybits correctly? Or do my friends have to do something on their end to allow my photos to come through in posts?

#n00bie
  
@alysonsee

maybe?

Image/photo
  
The issue is with non-hubzilla users on federated sites. There is no authentication mechanism for them. So they aren't able to see the image. The above would work if those attempting to view the image were logged into their Hubzilla instance. But wouldn't work for Diaspora* users or Mastodon users if the image has a privacy group or individual privacy permissions applied.
  
@M. Dent


Very complicated, thank you for your explanation.
Contacts shared folder?

 
What is this supposed to do: "Show in your contacts shared folder"? I've searched the internet but found only a couple of references in Git and those don't explain what I'm seeing.

I go to "Files", navigate to a folder, click on the pencil next to a file (in this case, a photo), and click the slider for "Show in your contacts shared folder" to "Yes", then "Submit". When the page refreshes, I click on "Shared" along the top bar. (According to the Git references, this is where the file should show up.) It takes me to https://hub.disroot.org/sharedwithme and yet there is nothing listed there.

I go back to the file, click on the pencil again, and the slider has gone back to "No".

#n00bie
  
So, i guess there should be a missing apostrophe after "contacts" there?
"Show in your contacts' shared folder"
English isn't my native language, so I'm unsure about that.
 
It may be more clear to say, "Show in the 'Shared' folder of your contact(s)."

As for the grammar of adding an apostrophe, you are correct.  That would be an alternate solution.
  
I think your version would be a clear improvement.
Autocomplete for mentions in photo comments

 
Two days ago, I navigated to "Photos", found a friends-only photo, and, in a comment, did an @ mention of a friend. Autocomplete popped up and I selected my friend's account.

Today, I did the same thing on the same photo, no autocomplete. Doesn't come up on comments in public photos either.

But if I go back to my feed and, in a new post, @ mention a friend, autocomplete jumps to the task.

Any idea why autocomplete would work in posts but not photo comments? And why it worked in photo comments one day but not another?

I'm having other troubles with photos. But I'll post about that separately because it's not clear to me that the issues are related.

#n00bie
  
  
Thank you, @elmussol
  
De nada.
Fediverse Podcast

 
Not support but...
...there's a new podcast about the Fediverse hosted by @kevinflo@mastodon.social
https://podDVR.com/?n=95eecc9d-e53b-cdf9-4350-e840b7cb8d91

A knowledgeable person might do a little PR for Hubzilla... could probably get booked for a future episode.