I ran into the issue on my instance as well, but checking the Captcha option in admin settings, stopped the signups for me.
Lemmy.World Announcements
This Community is intended for posts about the Lemmy.world server by the admins.
Follow us for server news π
Outages π₯
https://status.lemmy.world/
For support with issues at Lemmy.world, go to the Lemmy.world Support community.
Support e-mail
Any support requests are best sent to info@lemmy.world e-mail.
Report contact
- DM https://lemmy.world/u/lwreport
- Email report@lemmy.world (PGP Supported)
Donations π
If you would like to make a donation to support the cost of running this platform, please do so at the following donation URLs.
If you can, please use / switch to Ko-Fi, it has the lowest fees for us
Join the team
Thanks for the tip- Iβm having the same issue. How do I ban those accounts? I canβt even tell who my users are
I did it in the database, so if you can access your database I can assist.
My instance also experienced this. I'm the only active user (I made it a day ago), but the user count is up to 2K now. It stopped after I enabled captchas, but I want to remove these spam accounts so they don't cause issues elsewhere.
I don't even have a slight clue as to what I should look for in my database.
Contact me via Matrix if possible @ruud:h-y-p-e-r.space
If you haven't figured it out yet or got a response yet, hop onto the instance admin group on matrix for Lemmy (details are on the GitHub or join Lemmy page somewhere I believe) and one of the many other folks running instances can probably walk you through it
How about adding a captcha? I was surprised there was none when I signed up.
Yes the devs should do that. We're currently discussing the the Lemmy matrix chat.
Captchas are laughably easy to get around but they do work against dumb script kiddies which seems this attack is originating from.
I'm down as long as its privacy friendly and doesn't use non-free javascript
I love how transparent you are with the management of this instance. Kudos!
This, Refreshing ππ
can't have anything nice nowadays
Sounds frustrating. Thanks for doing what you do and letting us join your server! Hope the captcha works out.
Those usernames are so unimaginative. Who would pick a name like that?
I know, right? That's the kind of thing an idiot would have on their luggage!
12345 is the code to my luggage
Now, can you tell me where your luggage is?
Last time a website I was managing was bombarded with spam signups, I set up a regular expression to check for the incredibly distinctive format the spammers were using... then it reports success but doesn't actually create the account or send an email. Spam problem over.
Very clever, only problem is it's not a general solution.
Becareful with this. There's a clear trend of massive amount of bot accounts flooding lemmy as a whole
Thanks for staying on top of things! Really appreciate your efforts!
I solved this problem once. What you do is have a custom captcha that you code yourself. It can be as simple as "What is 2+3?" and have 10-20 questions that you rotate between. Most spammers will be too lazy to update their spambot.
Don't just include it as text though. Rather, present the question as text in a picture.
I made one that phrased it as "The sum of 2 and 3". Weeds out bots and less sophisticated people.
User on kbin here, just tried to sign up to lemmy.world.. looks like everything crashed and burned when tried to sign up there.
It was you all along!
Lucky me, I guess, since I use a masked email address that looks fake too (anon addy). I really dislike to give my email address when testing Reddit alternatives.
Just buy a cheap domain to point to anonaddy or simplelogin so you dont need to use one of their domains
I was trying to open my account just when lemmy.world was closed earlier. When I pressed the button to create it I only got and enless "charging" animation. But when it reopened, I just started the process again, and was as easy as a breeze and extremely fast. Glad to be here! (and this is my first post)
I've run into this issue with some of my servers in the past and it's a real PITA to deal with because not only do you have to mitigate the issue, but then you have to make requests to get de-blacklisted, etc. I finally got sick of it all and installed a Barracuda spam firewall in front of the mail server. I have MUCH easier control over IMAP/SMTP now.
FYI looks like registration still doesn't work - send button spinning, no request in ff network monitor. Tried ff & chrome, gmail and proton. I went with a different server eventually, but you might wanna do something in case this is not intentional
The spam battles are heating up!
Thank you for working to get signups working once more!
Wow that was quick, amazing job as always!
Same on Geddit.social
Also fixed now!
Wanna recruit a helper who promises nothing but benevolent assistance?
Damn bots, hope the Lemmy community can figure out a good way to deal with that.
People are setting up instances to serve as bot farms. I think they should add instances to Lemmy through some kind of vetting process, or maybe publish an official blacklist.
A lot of sign-ups are coming from bots on established instances, but the application method of screening is somewhat off-putting. I hope the community can devise a better one to replace it with at some point. I mean it's no skin off my nose since I have three good login instances now, but better to make sign-ups as attractive as possible for actual human beings.
OK that makes sense, I was trying to sign up and couldn't figure out why everything was timing out. Sorry if my attempts looked like spam.
edit: it still doesn't work for me btw