Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spam user registrations #761

Open
dismantl opened this issue Jul 19, 2020 · 3 comments
Open

Spam user registrations #761

dismantl opened this issue Jul 19, 2020 · 3 comments

Comments

@dismantl
Copy link
Member

Both bpdwatch.com and openoversight.com have gotten spam user registrations. PR #749 aims to help mitigate that, but even with reCAPTCHA turned on bpdwatch.com is still getting spam registrations.
@dismantl
Copy link
Member Author

One approach could be to switch from reCAPTCHA v2 to v3, which assigns scores to user interactions: https://developers.google.com/recaptcha/docs/v3. That way we can monitor spam registrations and set an appropriate threshold based on the observed scores.

@dismantl
Copy link
Member Author

Ok i've updated #749 to use reCAPTCHA v3. I'll deploy to bpdwatch.com and report back.

@dismantl
Copy link
Member Author

After a couple days, reCAPTCHA v3 has stopped all the spam registration attempts, which I confirmed in my logs. PR #749 should solve this issue.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@dismantl