Sounds pretty suspicious to me.

  • MemphisFM@waveform.social
    link
    fedilink
    English
    arrow-up
    6
    ·
    1 year ago

    I just joined yesterday because I saw a post that I can’t find. But it reminded me to ditch Reddit and find some Lemmy instances. I’m glad I found this one and was able to sign up. Just my 2 cents.

  • ChappIO@waveform.socialM
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I was able to delete most of the fake users, but the user count on the homepage does not update 🤷 I can’t find that number saved in the database anywhere.

    • ChappIO@waveform.socialM
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Good question, I wasn’t aware of the explorer but in the logs of the instance I can see that the did query the instance from time to time. I will get in touch with them to see why this instance isn’t on there.

      • ChappIO@waveform.socialM
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        Thanks for letting me know, I have blocked the bot in our firewall for now and will delete the fake account shortly

          • ChappIO@waveform.socialM
            link
            fedilink
            English
            arrow-up
            2
            ·
            1 year ago

            Yeah, idk what it is. It seems like a weak attack 🤷🏼‍♂️ one account every few seconds. Nothing that would topple any server except a raspberry pi.

            I can see it’s an amateurishly written script, making it easy to pick out in the firewall. Oh well

              • ChappIO@waveform.socialM
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                Yeah that’s unrelated. I moved the server to a new ip address to isolate it from my personal projects. It took a while for these changes to propagate.

                • daguito81@waveform.social
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  Good to hear, saw the cloudflare error most of the day today and was worried because several small instances were being hit. Would it make sense to enable captcha and email verification to the signup process so you don’t get hit by more bots?

                  Seems like some actors would like to slowly cultivate bot accounts on smaller instances that fly under the radard of bigger ones

                • Ebauche@waveform.social
                  link
                  fedilink
                  English
                  arrow-up
                  1
                  ·
                  1 year ago

                  Let me know if you ever need help with server admin stuff. I’m not an expert, but did web dev for 15 years and still comfortable enough on the old Linux CLI.