I can help. Message me on matrix if you can @ruud:h-y-p-e-r.space
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
I have some experience with SQL queries, so I'll try and wrangle with the DB to get things ironed out.
Yes, there is a spambot attack ongoing that targets instances with open registration and no email verification, captcha or admin approval.
Does Lemmy have any tools to mass-delete new accounts within a time-frame?
AFAIK no and I hate to state the obvious, but it is a really bad idea to open a service to the public with no registration checks in place what so ever. Especially in a federated network, where is also effects other servers.
Right now I think you will have to delete them manually from the database.
Yeah, I've already made a few blunders that I'm learning from. I'll see what I can do.
I had the same issue with spam accounts being created and ended up logging into postgres and deleting user accounts that didn't have a verified email. My instance is very fresh though and doesn't have a ton of non-me users so I could safely delete them. Once I enabled captcha and deleted those accounts I don't have issues with user counts.
I also don't know if this is related or expected behavior, but this instance seems to be automatically banning user accounts on other instances. They do seem to be NSFW or related to inappropriate topics, but I had no idea that this was something Lemmy automatically did.
That is unrelated and currently expected behaviour. Could be improved though, I agree.
Feddit.uk is also experiencing massive gains in users, I hope it’s real users, I’m not an admin but been keeping an eye on the stats.
Looping @[email protected] in case he see’s similar spam users
Do you guys have captchas enabled? That did the trick for me for now. I would be careful about enabling email verification, as that is something that the account spambots are also apparently targeting. If you're on a free tier of an SMTP relay service, it could quickly burn through your quota.
Could this be a DDOS attempt on Lemmy instances, the times you stated match what I see and the instance has started to slow.
We don’t have captchas right now and our admin is out of office this week😬
You said that you're an admin, right? Captchas are something you can easily turn on in the admin panel.
Nope not an admin, thinking about setting one up tomorrow though.
Are you the operator of the server? There is an option in the .hjson file to configure a default admin log-in. It's pretty easy to edit that and push up changes if you used the Ansible install.