How to Block Server Domains in Mastodon
28 November 2022 Edited December 29 2022
Problem: Organized troll brigades are harassing outspoken people on Mastodon. If you ever express support for marginalized communities, you are likely to attract annoying DMs and replies — at best, a nuisance you don’t need.
Don’t be fooled by the false sense of security there: there is a lot more harassment than meets the eye. Many newer and established instances in Mastodon social network do not have extensive block lists. Also, there are new instances cropping up all the time. Admins are very, very busy as it is - they cannot be expected to necessarily stay on top of the moderation requirements of every user.
Solution: Mastodon software permits individual users to block domains. This is relatively easy when one has received annoying DMs or replies from one of the many rogue servers in the #fediverse.
However, it is not so straightforward to block a domain if one has not received any DMs or replies. This issue may arise if someone is followed by a suspect character and, upon examination of their home server, it is determined that it is a server full of people that a user does not wish to hear from.
Alternatively, via word of mouth one may hear that there is a particular unwanted server (or instance, which is the same thing). In this example, a server which is apparently catering to fans of truth social is used as an example. The method demonstrated here can be used however by anyone with any political preference and this article remains politically agnostic. In other words, if someone was a fan of the politics at truth social, they could just as well use this method to block a server full of democrats. And so forth
Here is how to block an entire domain from your individual user account on Mastodon.
Start Here: Copy the URL you wish to block. Paste it into a text document and save that document as blocked_domains.csv.
In my tests, saving the file as blocked_domains.csv did work and it appears to be necessary to use that exact name. The url has to be in the form of @creepazoid.whatever and do not include http:// and make sure to include the dot at the ampersand!
For this step I used Mousepad, which is a text editor on Linux which performs the same function as notepad on Windows. Any simple text editor will work.
Save (I tried out a variation on the name.)
Find one of the two methods to enter “Edit profile”
Scroll all the way down to “Import and Export”
Go to “Import” section. You are not ready yet — where it says “Following list” there is actually a drop down menu. Scroll the drop down until it re-populates…
Make sure to go to the part where it says “Domain blocking list”. Browse to the file and hit “upload”.
Browse to your .csv file and click “Upload”.
Wait a moment and if successful you will see a green tinted field and “successful” messaging.
This picture (below) shows the successful completion of an upload of multiple domains. I believe the lock icon is there so that by clicking on it you can unlock the file although I have not tested it as of press time. I will update at such time as I am able to complete testing. I hope you find this useful and that we develop the capacity to block horrific troll sites at the user level as well as at the administrative level.
This concludes the tutorial. I write on Mastodon itself about where to find good blocked_domain.csv lists already formatted and vetted. Please share this article widely! I am not requesting donations but I do appreciate followers on this site and also on Mastodon where I am found at @theghostoftomjoad/infosec.exchange or see https://infosec.exchange@theghostoftomjoad The article is free with attribution, unmodified and linked back but the important thing is that the technology is made available and used wisely.
