E-Mail verification on, captcha on, hunker down
E-Mail verification on, captcha on, hunker down
Just deleted over 800 users from my database that joined in the last few hours from obviously fake emails and botted usernames. Make sure to either close registration or have some sort of safety check in place because things are getting hairy out here.
Holy shit
Luckily caught it relatively early and only had to remove 120 fake users. The registrations stopped immediately after I turned on "require registration application".
this happened overnight for me. I turned on captcha and email verification. captcha is important. I was watching the logs and all activity stopped after captcha got enabled.
Bad news: the capture functionality is going to be removed. https://github.com/LemmyNet/lemmy/issues/2922
Hey! I've been caught up in this. Have closed registration for now but what do I do with the created accounts? Unless I'm missing something I can't find the admin tools to deal with users except through their posts (and they haven't posted anything).
What worked for me is manually deleting those entries from the database through the console. Gotta delete it from the postgresql database if you don't have any real user sign ups during the spam sign ups, you can just delete all entries after a certain point. That's how I did it.
Did you actually delete them or set the deleted column? I'm anxious of leaving dangling references which might cause errors to pop up elsewhere but I'd rather get rid of them completely if that doesn't seem to cause problems.
I also found it wasn't reflected in the user count until I manually manipulated the
site_aggregatestable. I don't know if that would have caught up eventually.