Today, a bunch of new instances appeared in the top of the user count list. It appears that these instances are all being bombarded by bot sign-ups.
For now, it seems that the bots are especially targeting instances that have:
- Open sign-ups
- No captcha
- No e-mail verification
I have put together a spreadsheet of some of the most suspicious cases here.
If this is affecting you, I would highly recommend considering one of the following options:
- Close sign-ups entirely
- Only allow sign-ups with applications
- Enable e-mail verification + captcha for sign-ups
Additionally, I would recommend pre-emptively banning as many bot accounts as possible, before they start posting spam!
Please comment below if you have any questions or anything useful to add.
I think the easiest option is to just iterate through the list of suspicious instances, and then check
{instance_url}/api/v3/sitefor each of them. Relevant keys of the response json aresite_view.local_site.captcha_enabled,site_view.local_site.registration_mode, andsite_view.local_site.require_email_verification.Since it’s a bunch of separate requests, probably it makes sense to do these in parallel and probably also to cache the results at least for a while.
It occurs to me that this kind of thing is better left to observer, as it’s set up to poll instances and gather data. I would suggest you ask them to ingest and expose this data as well