cross-posted from: https://lemm.ee/post/177673

Today, a bunch of new instances appeared in the top of the user count list. It appears that these instances are all being bombarded by bot sign-ups.

For now, it seems that the bots are especially targeting instances that have:

  • Open sign-ups
  • No captcha
  • No e-mail verification

I have put together a spreadsheet of some of the most suspicious cases here.

If this is affecting you, I would highly recommend considering one of the following options:

  1. Close sign-ups entirely
  2. Only allow sign-ups with applications
  3. Enable e-mail verification + captcha for sign-ups

Additionally, I would recommend pre-emptively banning as many bot accounts as possible, before they start posting spam!

Please comment below if you have any questions or anything useful to add.

  • Master
    link
    fedilink
    English
    arrow-up
    7
    ·
    1 year ago

    https://beehaw.org/post/662481

    https://lemmy.world/post/296344

    https://lemm.ee/post/177673

    Some cross posts. The bot army is going to be an issue in the next few weeks. .18 drops captcha all together so any server that upgrades is going to be a target. Though a lot of servers dont run captcha, question or email verification anyways so they are already targets. Pretty sure sh.itjust.works didnt either when I signed up.

    Not sure how much damage bots can do at this point other than skew the narrative and try to make these places unwelcoming but I am sure we will see first hand how bad it gets.