I see garudalinux using vaultwarden, there's an issue that when you create new send with file option and when you click save it shows an error session expired and logs you out while on my instance of vaultwarden latest it works fine so it's something from your side, so please take a look once.
just bringing this up?
We are taking care of it, I informed the supervisor two days ago.
He is probably the only one in the team who still has a private life.
Sorry, after that I forgot to share it here.
I had one more question that, Can I trust this server enough, that will it be always up?
Just because I also have a vaultwarden instance on my server but problem is downtimes, my server isn't for serious purposes and I literally do anything on that, So I started looking for other instances I trust garudalinux that's why chosen this one can you consider sharing some information like this:
- Server is hosted behind cf tunnels or you are using cf directly on server ip to have ssl?
- is the feature called crawler hints enabled?
uh because it literally sends every url to search engines that a user is visiting so it might be a privacy concern.
- Yesterday there was a down time and you guys are using always up that uses archive.org to show up but trust me that's not needed on vaultwarden instance we might end up having some serious security issues, so please turn that off too.
Trust is a powerful word?
Can you trust anything on the internet
nah, but my motive of asking was like see the official bitwarden server a normie can trust it yea it isn't going down! I just meant to ask that it is serious instance right? also from how many years it's running?
In fact I updated Vaultwarden to the latest version the same day this post happened but to answer the thread please try again and report back
Currently it's mostly work life keeping me busy
We do have a dedicated server with opnsense (firewall) in front of everything, behind that it's an nginx reverse proxy. SSL also happens there (of course), cloudflare is used to cache static content and as WAF.
Gotta check up on it, if it's enabled I'll look into disabling it for specific Subdomains. The same for always on
Well nobody can answer whether YOU can it's online since roughly the end 2020, no intentions of taking it down. After all it also provides me with passwords
Thanks for your kind replies.
Yea, please do this thing affected my bitwarden instance too, yandex and bing bots continuously hitting urls my browser hits and then I realized oh I have crawler hints enabled.
Cool, it's something that I can rely on then.
sadly yea it's still there
I guess it's something to do with cache, have you tried clearing cf cache?
I'll have a look, thanks for the feedback
No sign of errors here, what is the procedure you are following?
On a side note: caching is disabled now - although I don't know whether this also disables crawler hints. I do not want to disable it globally since indexing the website or start page is actually beneficial.
Ahh not this
see the word "file" text sends are working fine tho! Sorry I should've explained properly in first post.
Yea no need to disable globally, you can disable it only for bitwarden.garudalinux.org by setting a page rule:
- Go to page rules section
- Create new page rule by clicking on that button
- set cache level to bypass I guess which disables crawler hints as well as caching.
That's what I did already, thanks
The issue looks like a bug to me, I opened an issue. Let's see.
@dr460nf1r3 Either you have
DOMAIN value wrong in admin check it out, and second thing I can think of this your nginx conf just because I can't access favicon https://bitwarden.garudalinux.org/favicon.ico
Just bringing this up again?
I finally found the culprit after having a look at it again. Have a guess.. it was Cloudflare's managed ruleset throwing a 403 on that particular request. I whitelisted the concerning rule for this subdomain, which results in a working file send option
This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.