Benjamin_Loison/Gitea_instance
1
0
Fork 0
Code Issues 6 Pull Requests Packages Projects Releases Wiki Activity

Make life harder for spammers #3

New Issue
Open
opened 2023-04-21 23:05:47 +02:00 by Benjamin_Loison · 9 comments
Benjamin_Loison commented 2023-04-21 23:05:47 +02:00
Owner
Copy Link

Have captcha and email enabled before the creation of this account (email: kanaloa.javeon@findours.com).

Already had before without captcha a similar surrogacy ad.

Should send me a notification on new gitea user. Done.

Can view to quickly see such new users: https://gitea.lemnoslife.com/admin/users

Have captcha and email enabled before the creation of this account (email: `kanaloa.javeon@findours.com`). Already had before without captcha a similar surrogacy ad. ~~Should send me a notification on new gitea user.~~ Done. Can view to quickly see such new users: https://gitea.lemnoslife.com/admin/users
Screenshot from 2023-04-21 23-03-44.png
272 KiB
Screenshot from 2023-04-21 23-03-41.png
354 KiB
Screenshot from 2023-04-21 23-03-48.png
278 KiB
Screenshot from 2023-04-21 23-03-44.png Screenshot from 2023-04-21 23-03-41.png Screenshot from 2023-04-21 23-03-48.png
Benjamin_Loison commented 2023-04-27 10:03:07 +02:00
Author
Owner
Copy Link

Can we get their IPs? To potentially drop their traffic if they always use the same IP, as it seems to be done by a single entity.

Can we get their IPs? To potentially drop their traffic if they always use the same IP, as it seems to be done by a single entity.
Benjamin_Loison commented 2023-05-12 00:50:49 +02:00
Author
Owner
Copy Link

Another case with email josephpaul@yopmail.com.

Another case with email `josephpaul@yopmail.com`.
Screenshot from 2023-05-12 00-50-17.png
240 KiB
Screenshot from 2023-05-12 00-50-11.png
335 KiB
Screenshot from 2023-05-12 00-50-17.png Screenshot from 2023-05-12 00-50-11.png
Benjamin_Loison commented 2023-05-12 00:52:21 +02:00
Author
Owner
Copy Link

Can we also use a inter-instances connected captcha? For instance hCaptcha backend might detect a spammer sending one message per instance.

Can we also use a inter-instances connected captcha? For instance hCaptcha backend might detect a spammer sending one message per instance.
Benjamin_Loison commented 2023-05-12 00:57:34 +02:00
Author
Owner
Copy Link

Thanks to:

grep -r 'Webscraping_tests/issues/3'

in /var/log/nginx/ it brought up the IP 209.95.53.223 at the same moment the post was created.

So thanks to:

grep -r '209.95.53.223' | grep -vE 'assets|avatar' | cut -c32-

find these logs in access.log.1:

[11/May/2023:08:58:53 +0200] "GET /autismbehaviorservices/autismbehaviorservices/issues/1 HTTP/2.0" 404 3982 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:32:48 +0200] "GET /user/sign_up HTTP/2.0" 200 4465 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:32:49 +0200] "GET /captcha/O2HiKPqMYle0mDI.png HTTP/2.0" 200 1368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:12 +0200] "POST /user/sign_up HTTP/2.0" 200 4100 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:20 +0200] "GET /user/activate?code=202305110933000180fa4307a6225d80af20a4480196d6dd9318f3aa15686172706f6f6e HTTP/2.0" 200 4187 "https://yopmail.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:25 +0200] "POST /user/activate HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:26 +0200] "GET / HTTP/2.0" 200 10837 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:27 +0200] "GET /repo/search?count_only=1&uid=14&team_id=0&q=&page=1&mode= HTTP/2.0" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:27 +0200] "GET /repo/search?sort=updated&order=desc&uid=14&team_id=0&q=&page=1&limit=15&mode=&archived=false HTTP/2.0" 200 22 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:33 +0200] "GET /explore/repos HTTP/2.0" 200 9863 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:39 +0200] "GET /Benjamin_Loison/Webscraping_tests HTTP/2.0" 200 17215 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:46 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues HTTP/2.0" 200 13075 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:33:48 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues/new HTTP/2.0" 200 12933 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:34:22 +0200] "POST /Benjamin_Loison/Webscraping_tests/issues/attachments HTTP/2.0" 200 48 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:34:24 +0200] "POST /Benjamin_Loison/Webscraping_tests/issues/new HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:34:25 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues/3 HTTP/2.0" 200 17951 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:34:26 +0200] "GET /attachments/d9063889-dbf9-4323-9fcf-59916bdad831 HTTP/2.0" 200 30042 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
[11/May/2023:09:34:26 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues/3/content-history/overview?_csrf=-5xmz7FzSVVvHemtqLjmZpsxt_06MTY4Mzc5MDQwNjEyNDM0NTkwOQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"

As the first line shows, it seems to be the same person every time.

Thanks to: ```sh grep -r 'Webscraping_tests/issues/3' ``` in `/var/log/nginx/` it brought up the IP `209.95.53.223` at the same moment the post was created. So thanks to: ```sh grep -r '209.95.53.223' | grep -vE 'assets|avatar' | cut -c32- ``` find these logs in `access.log.1`: ``` [11/May/2023:08:58:53 +0200] "GET /autismbehaviorservices/autismbehaviorservices/issues/1 HTTP/2.0" 404 3982 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:32:48 +0200] "GET /user/sign_up HTTP/2.0" 200 4465 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:32:49 +0200] "GET /captcha/O2HiKPqMYle0mDI.png HTTP/2.0" 200 1368 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:12 +0200] "POST /user/sign_up HTTP/2.0" 200 4100 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:20 +0200] "GET /user/activate?code=202305110933000180fa4307a6225d80af20a4480196d6dd9318f3aa15686172706f6f6e HTTP/2.0" 200 4187 "https://yopmail.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:25 +0200] "POST /user/activate HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:26 +0200] "GET / HTTP/2.0" 200 10837 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:27 +0200] "GET /repo/search?count_only=1&uid=14&team_id=0&q=&page=1&mode= HTTP/2.0" 200 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:27 +0200] "GET /repo/search?sort=updated&order=desc&uid=14&team_id=0&q=&page=1&limit=15&mode=&archived=false HTTP/2.0" 200 22 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:33 +0200] "GET /explore/repos HTTP/2.0" 200 9863 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:39 +0200] "GET /Benjamin_Loison/Webscraping_tests HTTP/2.0" 200 17215 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:46 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues HTTP/2.0" 200 13075 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:33:48 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues/new HTTP/2.0" 200 12933 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:34:22 +0200] "POST /Benjamin_Loison/Webscraping_tests/issues/attachments HTTP/2.0" 200 48 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:34:24 +0200] "POST /Benjamin_Loison/Webscraping_tests/issues/new HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:34:25 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues/3 HTTP/2.0" 200 17951 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:34:26 +0200] "GET /attachments/d9063889-dbf9-4323-9fcf-59916bdad831 HTTP/2.0" 200 30042 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" [11/May/2023:09:34:26 +0200] "GET /Benjamin_Loison/Webscraping_tests/issues/3/content-history/overview?_csrf=-5xmz7FzSVVvHemtqLjmZpsxt_06MTY4Mzc5MDQwNjEyNDM0NTkwOQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" ``` As the first line shows, it seems to be the same *person* every time.
Benjamin_Loison commented 2023-05-20 04:28:10 +02:00
Author
Owner
Copy Link
access.log.1:209.95.53.225 - - [19/May/2023:08:14:26 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4 HTTP/2.0" 200 17924 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:209.95.53.225 - - [19/May/2023:08:14:27 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4/content-history/overview?_csrf=ImDuacwhp4vuv0Ik6tgJq9q1Qxw6MTY4NDQ3NjgwMjM3NTU2MDQwMA HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:103.31.100.99 - - [19/May/2023:08:14:42 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4 HTTP/2.0" 200 13087 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:103.31.100.99 - - [19/May/2023:08:14:43 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4/content-history/overview?_csrf=Ijdi40vyr_WlojATGkdjsIlpJWo6MTY4NDQ3Njg4MjAyMDEwNzgzOQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"

image
image

Email: danielgary@yopmail.com

``` access.log.1:209.95.53.225 - - [19/May/2023:08:14:26 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4 HTTP/2.0" 200 17924 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:209.95.53.225 - - [19/May/2023:08:14:27 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4/content-history/overview?_csrf=ImDuacwhp4vuv0Ik6tgJq9q1Qxw6MTY4NDQ3NjgwMjM3NTU2MDQwMA HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:103.31.100.99 - - [19/May/2023:08:14:42 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4 HTTP/2.0" 200 13087 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:103.31.100.99 - - [19/May/2023:08:14:43 +0200] "GET /Benjamin_Loison/Gitea_instance/issues/4/content-history/overview?_csrf=Ijdi40vyr_WlojATGkdjsIlpJWo6MTY4NDQ3Njg4MjAyMDEwNzgzOQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" ``` ![image](/attachments/102021a0-2a99-4445-bf1c-efee65c4c43c) ![image](/attachments/561e2091-0400-46e9-8617-b4db72b00612) Email: `danielgary@yopmail.com`
image.png
389 KiB
image.png
316 KiB
Benjamin_Loison commented 2023-05-20 04:30:13 +02:00
Author
Owner
Copy Link
access.log.1:144.202.37.168 - - [19/May/2023:14:44:13 +0200] "GET /maxxon/maxxon HTTP/2.0" 200 11004 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:21 +0200] "GET /maxxon/maxxon/issues HTTP/2.0" 200 11776 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:25 +0200] "GET /maxxon/maxxon/issues/new HTTP/2.0" 200 13898 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:44 +0200] "POST /maxxon/maxxon/issues/new HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:44 +0200] "GET /maxxon/maxxon/issues/1 HTTP/2.0" 200 19903 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:45 +0200] "GET /maxxon/maxxon/issues/1/content-history/overview?_csrf=2l-pTjo2m6jEMIpvdjfY7kVZyoM6MTY4NDUwMDIyNDA0OTUyODE0NQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:48 +0200] "POST /maxxon/maxxon/issues/1/comments HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:48 +0200] "GET /maxxon/maxxon/issues/1 HTTP/2.0" 200 19907 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:44:49 +0200] "GET /maxxon/maxxon/issues/1/content-history/overview?_csrf=2l-pTjo2m6jEMIpvdjfY7kVZyoM6MTY4NDUwMDIyNDA0OTUyODE0NQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:45:23 +0200] "GET /maxxon/maxxon/issues/new HTTP/2.0" 200 13915 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log.1:144.202.37.168 - - [19/May/2023:14:45:25 +0200] "GET /maxxon/maxxon/issues/1/content-history/overview?_csrf=2l-pTjo2m6jEMIpvdjfY7kVZyoM6MTY4NDUwMDIyNDA0OTUyODE0NQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"

maxxon.cayse@fullangle.org
image
image
image

``` access.log.1:144.202.37.168 - - [19/May/2023:14:44:13 +0200] "GET /maxxon/maxxon HTTP/2.0" 200 11004 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:21 +0200] "GET /maxxon/maxxon/issues HTTP/2.0" 200 11776 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:25 +0200] "GET /maxxon/maxxon/issues/new HTTP/2.0" 200 13898 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:44 +0200] "POST /maxxon/maxxon/issues/new HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:44 +0200] "GET /maxxon/maxxon/issues/1 HTTP/2.0" 200 19903 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:45 +0200] "GET /maxxon/maxxon/issues/1/content-history/overview?_csrf=2l-pTjo2m6jEMIpvdjfY7kVZyoM6MTY4NDUwMDIyNDA0OTUyODE0NQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:48 +0200] "POST /maxxon/maxxon/issues/1/comments HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:48 +0200] "GET /maxxon/maxxon/issues/1 HTTP/2.0" 200 19907 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:44:49 +0200] "GET /maxxon/maxxon/issues/1/content-history/overview?_csrf=2l-pTjo2m6jEMIpvdjfY7kVZyoM6MTY4NDUwMDIyNDA0OTUyODE0NQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:45:23 +0200] "GET /maxxon/maxxon/issues/new HTTP/2.0" 200 13915 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log.1:144.202.37.168 - - [19/May/2023:14:45:25 +0200] "GET /maxxon/maxxon/issues/1/content-history/overview?_csrf=2l-pTjo2m6jEMIpvdjfY7kVZyoM6MTY4NDUwMDIyNDA0OTUyODE0NQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" ``` maxxon.cayse@fullangle.org ![image](/attachments/c8dcc4b1-9845-4dfe-a19e-dfd91ffb8ce1) ![image](/attachments/7fa3c284-6a1c-44b0-8f86-00a3b7031e68) ![image](/attachments/374dab64-788b-4a45-8f56-0f0c6f5e5400)
image.png
321 KiB
image.png
299 KiB
image.png
322 KiB
Benjamin_Loison commented 2023-05-20 04:35:35 +02:00
Author
Owner
Copy Link

https://github.com/go-gitea/gitea/issues/6350

Let say image captcha is too easy, let's move to hcaptcha and could set Passing Threshold to Difficult if spam continues.

Let's try to avoid banning a single IP, as it's quite easy to circumvent that.

https://github.com/go-gitea/gitea/issues/6350 Let say `image` captcha is too easy, let's move to hcaptcha and could set `Passing Threshold` to `Difficult` if spam continues. Let's try to avoid banning a single IP, as it's quite easy to circumvent that.
Benjamin_Loison commented 2023-05-23 14:49:49 +02:00
Author
Owner
Copy Link
access.log:45.77.165.103 - - [23/May/2023:14:44:52 +0200] "GET /Benjamin_Loison/Synchronous_reactive_systems/issues/9 HTTP/2.0" 200 17912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"
access.log:45.77.165.103 - - [23/May/2023:14:44:52 +0200] "GET /Benjamin_Loison/Synchronous_reactive_systems/issues/9/content-history/overview?_csrf=gG0trb3QdzNiIO-UuzXHJ2tuTcg6MTY4NDg0NTgzNjQzNzYxMjk3MQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36"

samuelmegan@yopmail.com

I increased hCatpcha difficulty to difficult.

Could then try reCaptcha.

https://docs.gitea.com/next/help/faq#adjusting-your-server-for-publicprivate-use

Could consider EMAIL_DOMAIN_BLACKLIST.

Could also consider disabling registration (DISABLE_REGISTRATION) but instead put a message to contact me to get an account, or could use REGISTER_MANUAL_CONFIRM but then may be spammed with account requests.

Should deepen DEFAULT_USER_IS_RESTRICTED.

``` access.log:45.77.165.103 - - [23/May/2023:14:44:52 +0200] "GET /Benjamin_Loison/Synchronous_reactive_systems/issues/9 HTTP/2.0" 200 17912 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" access.log:45.77.165.103 - - [23/May/2023:14:44:52 +0200] "GET /Benjamin_Loison/Synchronous_reactive_systems/issues/9/content-history/overview?_csrf=gG0trb3QdzNiIO-UuzXHJ2tuTcg6MTY4NDg0NTgzNjQzNzYxMjk3MQ HTTP/2.0" 200 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.0.0 Safari/537.36" ``` `samuelmegan@yopmail.com` I increased hCatpcha difficulty to difficult. Could then try reCaptcha. https://docs.gitea.com/next/help/faq#adjusting-your-server-for-publicprivate-use Could consider `EMAIL_DOMAIN_BLACKLIST`. Could also consider disabling registration (`DISABLE_REGISTRATION`) but instead put a message to contact me to get an account, or could use `REGISTER_MANUAL_CONFIRM` but then may be spammed with account requests. Should deepen `DEFAULT_USER_IS_RESTRICTED`.
Screenshot from 2023-05-23 14-47-00.png
341 KiB
Screenshot from 2023-05-23 14-47-08.png
281 KiB
Screenshot from 2023-05-23 14-47-00.png Screenshot from 2023-05-23 14-47-08.png
Benjamin_Loison commented 2023-06-14 13:19:26 +02:00
Author
Owner
Copy Link

Got spammed again, so disabled registrations.

As a result I added communication means to my profile for people really interested in having an account, would be nice to change the registration message error, but it doesn't seem possible currently.

Got spammed again, so disabled registrations. As a result I added communication means to [my profile](https://gitea.lemnoslife.com/Benjamin_Loison) for people really interested in having an account, would be nice to change the registration message error, but [it doesn't seem possible currently](https://github.com/go-gitea/gitea/blob/a43ea22479334ef3ac05fb8784223d45846b71a3/templates/user/auth/signup_inner.tmpl#L15-L17).
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
Benjamin_Loison
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Benjamin_Loison/Gitea_instance#3
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?