Until I implement a better system to screen out spammers, I will be closing registrations on Fedia.io. That’s not what I want - I’d like for it to be available for legitimate accounts, but the spam is off the hook.
Anyone seeing this can send me an email (jerry@infosec.exchange) and I’ll get an account created for you in the mean time.
I know it’s not ideal, but I fully understand the whole situation. Let’s focus on making Mbin better for the existing users who are now experiencing CSRF or log-out problems. Hopefully after that, we can focus on improving anti-spam (since hcaptcha is not preventing any spam accounts for some unknown reason).
The main thing I experience since the CDN update is that voting often ends up in an error page, similar to how adding comments sometimes directs you to a secondary page (luckily with the comment intact). Going back and trying to vote again may or may not work.
This issue is discussed here: https://fedia.io/m/fedia/t/1101127
I did not have that 3 weeks ago though, and they’re not 500s - at least they’re not displayed as that. I get pages like this one: https://fedia.io/ecv/7319083/-1
There were lots of changes around the same time. I removed fedia.io from the CDN a few days ago though didn’t announce it, yet the errors continue.
Maybe even considering additional an optional question? With only 1 correct answer. Or maybe even enforce 2FA… I dunno… But spam is getting out of control. Coincidence due to the rise of LLMs? Who knows. But anti-spam like hCaptcha, even set to “difficult” doesn’t seem to cut it anymore…
What works for me on both mastodon and Lemmy is a free text question: why do you want to join?
The user enters whatever they like and it goes into a moderation queue. Both lemmy and mastodon send me an email when a new account is ready to review.
I read the response and choose to whether to approve their account. At the moment, spammers are really bad at answering the “why do you want to join” questions.
Makes sense as well.