Today we released Mbin v1.8.0! It has been already 1 month since we released v1.7.4.
This is the v1.8.0 release of Mbin and it is a feature packed one like always ;).
It brings an extensive bookmarking system, signup request support, signup notifications, extended markdown rendering, custom notification settings to set magazines, users, threads and microblogs to default, loud or muted, setting a default sort for the front page and comment lists, a new image delete command for admins and documentation changes.
You also still might want to double check if you are using the latest Nginx configs (v1.8.0 has now additional regex improvements).
I want to thank all the contributors! We can’t do it without you all!
Mbin takes a lot of time to develop, maintain and improve. Created as a successor of /kbin, but still going strong ever since. If you would like to support this work or cover the server costs, please consider donating. Thank you.
Melroy
EDIT: There is a more detailed post here.
Am i the only one seeing duplicated profile pics next to the usernames? Or did I miss something in the update?
he! You are right! I also now see it, thanks for noticing. I’m actually not running main branch, but this PR: https://github.com/MbinOrg/mbin/pull/1472
I think I exactly set
showAvataron true within the comment section or something? My bad, I will try to solve this asap again. Obviously this is not wanted :)Thanks again for reporting.
@SharkAttak@kbin.melroy.org I fixed it already :)
So just curious, kbin.melroy.org requires logging in now? Why, was it being DDOSed in some way?
Correct, I did enable this login option for now, to reduce the impact on application level. Sorry about that.
The attack has been ongoing from Feb 8 2025, until today still. It comes in waves, I dunno who is attacking me or why. I use my firewall to block some of the origin countries where the attacks are coming from. However, the Botnet is located in basically very country on the planet. I migrated to OpenResty and will implement additional anti-DDos measures as well as optimizing Mbin further to reduce CPU overhead.
TLDR;
- Attack started at Feb 8 2025, and still continues
- Attacker is using a botnet from across the globe
- Attacker is using valid GET requests with legit user-agent strings
- Attacker is using both mobile and fixed line ISP types, so these are devices behind various ISPs across the globe. No cloud infrastructure is used.
- Reason of the attack: Unknown
Thanks for the detailed answer. I imagined it was due to something like that. Sounds like a “homebuilt” DDOS platform if its coming from any compromised device, so it could be any number of BS reasons, just simply testing out their botnet, or stressing the server to probe for specific vulnerabilities.
Hi Melroy,
First, thank you for writing free software!
Unfortunately your software came to my attention because I observed what I think might be a bug in it: 100% of the posts by https://lemmy.ml/u/badwetter@kbin.melroy.org have broken links (at least over here on the lemmy side).
Interestingly I see that the links in this post i’m commenting on (which was made a week ago) are not broken, and I also see that one of that other user’s posts (also with a broken link) is from 3 months ago, so, apparently this is not happening to everyone all the time - but somehow that user at least is having an ongoing problem.
Btw, it is also unfortunate that the permalink (accessible from lemmy’s view with the fediverse icon) for each post and comment from your mbin instance takes me to a login page, so I would need to make an account there to see if their links are also broken on the mbin side.
Very impressed by the clean UI Mbin is bringing to the Fediverse. Really nice!
Thank you for your kind words.
Thank you all for your work! Happy to use mbin pretty much everyday!
You have no idea how motivating it is to hear, that people use your code ❤️
Haha yes
That is wonderful to hear!
Thank you for the bookmarks!!!
Thank you for using Fedia/Mbin.
Link to release: https://github.com/MbinOrg/mbin/releases/tag/v1.8.0
@melroy@mastodon.melroy.org @melroy@kbin.melroy.org following up on the comment i left for you here… i realized i can see an mbin view of that user’s profile via fedia.io, and their links are in fact broken there too.
do you have any idea how/why this is happening? maybe they’re using some broken client?
i also noticed that my first comment in this thread has (so far at least) not appeared in fedia.io’s view of it; maybe it won’t make it to your mbin instance either?
so, i am posting this comment in a reply to a comment from your mastodon account instead, in hopes that it might reach you there.
Thanks for bringing this to my attention.
@cypherpunks@lemmy.ml @melroy@kbin.melroy.org @badwetter@kbin.melroy.org I don’t see broken links? Which links are broken, sorry?
It appears to be every single one of their posts and comments, as viewed from both lemmy.ml and fedia.io.
The links they’re posting all have a valid URL as the text, but the destination of the link is always the relative path “
url”.For example, if you click lemmy’s view source button (next to the fediverse icon) on this post you’ll see this is in the post body:
[https://grapheneos.org/](url)(so, if you click any of their links from the lemmy.ml view you’ll be taken to
https://lemmy.ml/urlwhich is 404.)Actually I think it’s not a bug in Mbin, I think it’s user error hehe. It seems that @badwetter@kbin.melroy.org was using the link insert button in the toolbar. But just pasted the link in the text section of the markdown.
I think the user doesn’t understand markdown format very well.
I’m simply pasting the URL where the cursor is put automatically. If one is supposed to something otherwise, then IMHO it’s something wrong with the app. Am I missing something? . Otherwise, I’ll paste the URI without using the URL insertion method from the toolbar in the Mbin editor.
Yes you can indeed paste the URL without using markdown, that will also work fine on both Lemmy, Mastodon and Mbin. However, if you wish to use markdown that is fine as well, but then use the following format:
[my text here](https://domain-here.com/)Allowing you to show a different text for the link, instead of only showing the URL.
OK, Thanks!
deleted by creator
@melroy@kbin.melroy.org I tuned out of the Kbin drama for bit. Only coming back to actively using Mbin again recently. IMPRESSIVE improvements!
… custom notification settings to set magazines, users, threads and microblogs to default, loud or muted, …
Is there any information on how this works, what it’s actually doing?
From this post: https://gehirneimer.de/m/mbinReleases/t/486586
The settings are (from left to right):
muted,defaultandloud.Default respects your global notification settings, while the other two modify it. They are processed hierarchically, meaning a muted user commenting on a loud thread which belongs to a muted magazine will not trigger a notification, while a loud or default user would. Another example: a muted thread in a loud magazine will not trigger a notification for new comments unless the commenting user is set to loud.
Hope this helps :)
