So, lemmy seems to be flooded with spam bot accounts at the moment. Look through the table of servers on fedidb (https://fedidb.org/software/lemmy) and notice how there are these huge instances without any active users (MAU).

Also notice how startrek.website has 9000 users for 276 active users this month.

From memory, when I signed up, there was no email requirement or captcha or anything.

Admins … maybe you want to tighten things up?

  • SysAdmin@startrek.website
    link
    fedilink
    arrow-up
    11
    ·
    2 years ago

    Just a quick update for everyone, yes OP is right and a bunch of bots signed up. We’ve purged them from our user count and enabled CAPTCHA. Email verification is coming soon as a secondary deterrent.

    For the record nobody told us that it’s not safe out here. We were aware that self-hosting was wondrous, with treasures to satiate desires both subtle and gross; but has NO IDEA that it wasn’t for the timid. 😉

    • maegul@startrek.websiteOP
      link
      fedilink
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Ooh … how did you purge them from your user numbers? Many other admins might not know how to do that … maybe worth sharing?

      • williams_482@startrek.website
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        We deleted them from the local_user database table outright based on some sketchy shared attributes, and then manually updated the user count in site_aggregates to the correct figure so our stats wouldn’t look so sketchy.

        Pretty simple for anyone comfortable in SQL who knows where to look (a helpful user DM’d and gave us a hand here), but not something anybody should try willy nilly if they don’t know what they are doing. Editing production data on the fly is not to be done casually.

        • maegul@startrek.websiteOP
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          There are pricy probably admins who might appreciate this, as dangerous as it is.

          Care if I post it into the lemmy community or even made the support community?

          • williams_482@startrek.website
            link
            fedilink
            arrow-up
            2
            ·
            1 year ago

            Sure, go for it.

            Include a mention that even running queries against the database won’t necessarily be easy if you don’t know what you’re doing. where it is located and (separately) how best to access it will depend on how it was installed.