What do I do about the growing number of spam accounts on my pod lately? 🤔 Seems like I’m getting one per day, and I keep shadow banning them because they only post total spam crap that risks littering up the Pod’s Timeline (Discover) with useless junk 🤦‍♂️

Disable Registrations for a few days? 🤔

@prologic Do you see any regularity in the origins of the registrations? You might be able to ban a few IP ranges at the server level for awhile until it calms down. I’ve done that on the VPS I manage.

@prologic Yeah, they hit my pod too; not really sure what to do about it, tbh. :/

@prologic You may already do all this stuff, but here’s my 2 cents.

One thing you can do is a use a site like https://myip.ms/browse/blacklist/Blacklist_IP_Blacklist_IP_Addresses_Live_Database_Real-time to download a list of blacllisted IP address in a format suitable for whichever firewall you’re using. Then you can hard ban those IPs.

Another thing you can use is install fail2ban and set up rules appropriate to yarnd. I’m not familiar enough to say what those should be, but blocking http POST floods is a good idea. You can also manually add IP addresses to fail2ban jails, or semi-automate that where you read the IPs you want to ban from a list that you update regularly.

Finally, you could use something like akismet to automatically detect spam posts and block ones that fail their test. I’m not sure if you’re able to self host if you’re dependent on a call to their servers. Maybe there’s something similar that you could host locally if nto.

Not sure if this helps in any way, but I had problems with this when I ran gnusocial, i then disabled http 1.0 or 1.1 in apache, that stopped 99.9% of them.