💾 Archived View for bbs.geminispace.org › s › Bubble › 6558 captured on 2023-11-04 at 12:57:05. Gemini links have been rewritten to link to archived content

View Raw

More Information

➡️ Next capture (2023-11-14)

-=-=-=-=-=-=-

BBS updated to Bubble v6.12

The recent prankster/troll registrations have necessitated a few changes to the previously fully open registration policy. Rather than entirely disabling user account creation, new accounts are now created with limited access rights. New accounts can only set up their profile and make posts in their user feed, without the posts appearing in any other feed (All Posts, Gemini/Atom feeds).

@admin (i.e., me) will review all new accounts and then grant full access. New users are encouraged to make a brief introductory post in their feed. This review process is not meant to be a serious and in-depth analysis of one's intentions, but rather a simple automated stopgap to prevent floods of garbage from being submitted. If you feel the review is taking too long, just make a post mentioning @admin to ping me again. After the review, all posts you've made in your user feed will appear normally in All Posts.

If you want to make the review easier for me, adding a link to your existing Gemini capsule will help quite a bit. (Of course, don't forget to link back to your BBS profile from your capsule.)

The config parameter `user.role.limited` enables or disables this new account creation mode.

Summary of changes since v6.3 (the previous update post):

• Added Limited user role.
• Added admin notifications about new users, new subspaces, and updated subspace metadata.
• Added admin flag to omit any subspace from All Posts.
• Fixed handling of blank post segments.
• Fixed error due to follow/mute of a deleted user/subspace.
• Likes and reactions are filtered based on mutes.
• Fixed spurious link decorations in preformatted blocks.
• Strip null characters from segment text.
• Updated Help with new info.
• New avatars: Doughnut, Mountain, Angel.

Posted in: s/Bubble

🚀 skyjake

2023-10-26 · 9 days ago · 👍 drh3xx, stack, innerteapot, gemalaya, ian, Yretek

4 Comments ↓

🏕️ Yretek

Funnily enough, I discovered this place thanks to some notorious but shortlived troll

🚀 stack

Someone is spamming with a script...

🚀 clseibold

You should look into mitigating like and reaction spam as well, since it seems like that's what they've moved to now.

Also, while it probably won't help much, you can make sure to have rate-limiting if you don't already have it. You could even rate-limit just specific routes, like limit the number of likes one could do within a second or minute or whatever.

Oh, and make sure there's idle timeouts on connections. The library I'm using for my server doesn't implement this, so I don't think it's too far-fetched to assume many other gemini servers and libraries might not implement this.

I've actually been reading about how to prevent DDoS and SYN attacks for my Smallnet Information Services (SIS) project, so that would be a good think to look into as well.

2023-10-27 · 9 days ago

🚀 skyjake

@clseibold I agree, and rate limiting does seem necessary here as the next step.