And common people still cant get a break financially, while these guys make billion dollar mistakes and come out just fine.

Please make sure your posts are fitting the community. I'm getting tons of reports of posts that doesn't, so make sure they fit me_irl@lemmy.world.

I will experiment more with this tomorrow or the coming days then. I was trying to get it to work previously but failed (not using your fork but the original mlmym).

Yeah, I have a custom setup currently just to try and get the source ip, but it doesn't work properly in all cases. And most of the bots use old.lemmy.today since they know mlmym doesn't forward the source ip address, and therefore it's hard to rate limit them.

So it would be amazing if you could forward those 4 headers. Then I will setup nginx to forward those headers to mlmym, and mlmym will forward them when making a request to Lemmy.

I actually thought it was making a https connection to Lemmy but perhaps it doesn't, and nginx just forwards http to https. Not sure. Will have to look into this more.

But yeah, whenever you have time to add the headers, i will investigate more. Not super urgent but will be interesting to play with that later. And it will protect all Lemmy instances that use your fork, so thats good.

I wanted to ask you also if you could forward certain http headers to lemmy when it makes a request? Currently it doesnt forward them so lemmy thinks all the requests from mlmym to lemmy are from the docker ip its running on. And that makes it much harder to rate limit or ban bots since all requests are from the docker ip.

So basically, mlmym should preserve and forward X-Real-IP, X-Forwarded-For, X-Forwarded-Proto, and X-Forwarded-Host when proxying API/backend requests to Lemmy, because Lemmy uses these headers for correct client IP detection and rate limiting.

Something like this in the code where the incoming request is handled:

const forwardedFor = request.headers.get("x-forwarded-for");
const realIp =
  request.headers.get("x-real-ip") ??
  forwardedFor?.split(",")[0]?.trim();

const headers = new Headers(request.headers);

if (forwardedFor) {
  headers.set("x-forwarded-for", forwardedFor);
}

if (realIp) {
  headers.set("x-real-ip", realIp);
}

headers.set("x-forwarded-proto", request.headers.get("x-forwarded-proto") ?? "https");
headers.set("x-forwarded-host", request.headers.get("host") ?? "");

That would really help a lot and allow me and others to remove a lot of complicated workarounds for trying to get the source ip.

I enabled all of them. :)

Perhaps it works now for you. I made some changes to the networking that was causing it to run slow, perhaps that also created your issues. If you hold shift and click reload in the browser to skip the browser cache, perhaps that will also work.

Is it the top bar in this picture you dont see?

There could have been another issue with traffic being blocked.

Will try again.

Ok see if you can report it to the author who posted in this thread. Once its fixed we can make another attempt. :)

Hmm, that's not good... Could be a bug in this version perhaps... Will have to roll back if I can't fix it somehow.