The #HardenedBSD self-hosted instance receives a lot of spam account and repo creations. The spammers regularly bypass captcha.
Does anyone have any suggestions on how to combat this type of activity?
#GitLab #selfhosting
Conversation
wiki.archlinux.org/index.php?titl requires the output of running a command on an up-to-date installation of the OS. It wiped out the spammers.
There's a more universally usable one for the forums which uses week number and uname output to let people get the answer on any Linux-based OS.
IIRC, the spammers ended up figuring out how to bypass the original questions because they could get the answer on macOS. I think it's intentionally stricter for the wiki because spammers are much more annoying there and people don't need to be able to edit the wiki to get help.
1
1
The forum one is here:
bbs.archlinux.org/register.php?a
What is the output of "date -u +%V$(uname)|sha1sum|sed 's/\W//g'"?
Even without a Linux installation, people can get the answer. Wiki had a serious problem with human spammers though and "pacman -V|base32|head -1" defeats them.
1
Show replies
I signed up the other day for both the wiki and BBS. Thought it is pretty clever feature.