Nohost domain recovery - Suppression de domaine en nohost.me, noho.st et ynh.fr

,

Bonsoir,

Merci de supprimer ppr.ynh.fr et ppr-cipc.ynh.fr.
Merci !

ppr

Fait !

Not found ? :woozy_face:

Merci @Aleks :slight_smile:

Comme j’ai bidouillé et lamentablement !#&*% pas de souci pour le not found :wink:

ppr

C’est fait !

Bonjour @Aleks ,

Peux-tu supprimer ppr.nohost.me ?

ppr

Bonjour,
quelqu’un peut supprimer homerc.nohost.me SVP?

Merci

Bonjour,
merci de supprimer les domaines :
more.ynh.fr
more-py.ynh.fr
more-maison.ynh.fr
Bonne soirée.
P-Y

Sorry pour le délai, c’est fait !

1 Like

:vulcan_salute::clap:

1 Like

skaldenhoven.nohost.me can be removed

allcomputersarebroken.noho.st is no longer needed. Can you please remove it?

1 Like

Bonjour,
est-il possible de désactiver kairos.nohost.me et ethos.nohost.me (en vu de faire une réinstallation)

Merci !

(ne sachant où poster, un message identique à été communiquer à Aleks)

!! Bonjour,
ce n’est plus la peine car après avoir crée un nouveau domaine, j’ai pu utiliser de nouveau kairos.nohost.me via l’interface admin …

Encore merci et désolé

Sorry if this has already been brought up but is this practice of removing any address anyone asks for really safe? Couldn’t someone impersonate me if they came here and asked for my domain address to be removed and then used it for their own malicious server? Or do you check that there’s actually not already anything on the address that someone asks to be removed? Some of the links on here appear to never have been clicked (justanothertrial.nohost.me for example). I really wish there would be a way to prove a subdomain is yours.

Of course I could just pay up and use a domain name of my own :grin: I just feel obliged to point out a potential security risk.

In fact, yes, it’s really not secure :confused: We trust our community for instance. And I don’t see any reason why a person would want to impersonate another person just to remove it’s domain.

However I agree totally with you. We normally will improve this system in a near future.

1 Like

The attacker would then create a new Yunohost installation and register that domain name. The server administrator themselves could smell something fishy but if there were other users, the attacker might make use of their trust in the domain name. The users could believe a message such as “I apologize but the server has just crashed. Please recreate your Nextcloud account and sync up your files once again”. Then the attacker will just see all kinds of sensitive data roll in.

I don’t think this attack is likely to succeed. First of all, the server administrator will probably notice it and stop it. Second, the users would have to be very gullible to fall for something like that. Third, as I understand it, Yunohost seems mostly targeted at those just hosting themselves. So I’m probably just being overly paranoid.

yes. I completely understand your fear as Yunohost is moreover more and more open to companies, hosting providers… and if we want to have dyndns as “official service” we must improve the way the user can delete the domain (encrypted key exchange for example). However, it’s still a lot of work.

The situation you provided is possible. But it’s the same if you have a mail server, a forum…

cf: @Aleks post : Nohost domain recovery - Suppression de domaine en nohost.me, noho.st et ynh.fr

Well that’s still a security risk anyway so you are right to have those concerns. Nevertheless, this is a free service and, as the GNU licence like to state, “provided ‘as is’ and without guarantee of any kind”. That doesn’t dispense us for thinking about security though, but as frju points out, most of issues boils down to “somebody needs to have the skill and time to sit down in front of a computer and design and implement this, considering that there are easily a thousand of other similar, small tasks related to UX, security and other important things” :stuck_out_tongue:

2 Likes

Hello,can you remove (yotapatate.noho.st / patate.ynh.fr) domain’s names please…

Thank you in advance. And thank you for all this work !

Nicolas

Hallo!
Thanks for your hard work
Is it a possibility to remove pono.noho.st and ponono.noho.st ?

Greeting !!

Done

Done too

1 Like