Sorry, idk how to cross post yet but I saw this? There's an exploit allowing mass registrations.
Captchas have been enabled on this instance.
this post was submitted on 19 Jun 2023
54 points (95.0% liked)
sh.itjust.works Main Community
7671 readers
3 users here now
Home of the sh.itjust.works instance.
founded 1 year ago
MODERATORS
Good to know, thank you. I wanted to tag you but wasn't sure if that was possible. Was the change made in relation to this or had you already previouslly decided to implement one?
Also, if this was addressed somewhere else already and I missed I'm sorry for reosting.
Something I probably missed when I first spun up this instance to be honest. Should have been enabled from day 1.
Ehh, first few days I can see the benefit of having the lowest barrier to entry as possible. No one knew there was an API exploit then.
Sweet, this comment should be pinned
comments cannot be pinned 😌
Captcha. I don't like the idea of email verification...they provide little safeguard.
Definitely captcha. Email anonymity is nice, and I don't want to sign up with my email to everything.
If there is going to be a captcha tho, use hCaptcha or one of the cloudflare ones. Google captcha is just free labor for developing AI and I don't think anyone wants to keep contributing to that.
Man they got me with this. Had 20 bot signups B4 I realized and added captcha anyone now how to ban users without them posting something.
I’d like an answer for that too
Fuck captcha
lol
edit: I don't think most people saw that I caught you in my screenshot
Ikr?
then again if i captcha you, you would have to drink a beer and dance around an island called Mariana on the third night of every month.
In fact, I think I know this, but the feeling I get from the air is that you'd be better off following a trail of serendipitous stones. That path will surely find a friend for you in these dark times, to lead you through the island's waters and find some beers for you to surpass the captcha.
Yes.