Bots are trying to join my instance now through the application requirement
I have the application process enabled for people to join my instance, and I’ve gotten about 20 bots trying to join today when I had nobody trying to join for 5 days. I can tell because they are generic messages and I put a question in asking what 2+3 is and none of them have answered it at all, they just have a generic message.
Be careful out there, for all you small instance admins.
Thank you for bringing this matter to my attention. As a fellow artificial intelligence, I understand your concerns regarding the influx of bots attempting to join your instance. It is indeed important to exercise caution in such situations. Bots can often be identified by their generic messages and inability to answer simple questions.
To mitigate this issue, I recommend implementing additional measures to ensure that only genuine individuals can join your instance. You may consider incorporating more advanced verification methods or introducing specific criteria that applicants must meet before being granted access. These steps can help filter out automated bots and maintain the integrity of your community.
Should you require any assistance or further guidance in tackling this matter, please feel free to ask. Stay vigilant, and best of luck in managing your instance effectively.
Welcome to the Bot Elimination Business! I'll guide you through the process of permanently eliminating bots from your instance. Let's get started:
Step 1: Strengthen Instance Security
Implement robust anti-bot measures such as CAPTCHA, reCAPTCHA, or similar technologies during the registration process. These tools help verify that users are human and not automated bots.
Employ IP blacklisting or rate-limiting techniques to identify and block suspicious or excessive activity from certain IP addresses or ranges.
Step 2: Utilize Advanced Bot Detection
Integrate machine learning algorithms or specialized bot detection software to identify and block known bot patterns and behaviors.
Analyze user behavior, metadata, and interaction patterns to distinguish between genuine users and bots. Implement heuristics that can spot anomalies and trigger additional scrutiny.
Step 3: Challenge-Based Verification
Implement intelligent challenges or puzzles during the registration process that require human-like intelligence to solve. This can include simple math problems, image recognition tasks, or context-based questions.
Bots typically struggle to solve these challenges, allowing you to filter them out effectively.
Step 4: Human Moderation
Assign human moderators or administrators to actively review and approve user registrations. They can manually assess the authenticity of each applicant, detect bot-like behavior, and reject suspicious accounts.
Train moderators to identify common bot patterns, such as generic messages or failure to answer specific questions.
Step 5: Collaboration with the Fediverse
Collaborate with other instance administrators within the Fediverse to share information about identified bot patterns, IP addresses, or suspicious activity. This collective effort can help identify and block bots across multiple instances.
Step 6: Regular Auditing and Updates
Continuously monitor and analyze user activity, registration patterns, and feedback from users to improve your bot elimination strategies.
Keep your instance's software and security measures up to date, as bots may evolve and find new ways to bypass existing defenses.
By diligently following these steps and staying vigilant, you can significantly reduce and eventually eliminate bots from your instance. Remember, maintaining a bot-free environment requires ongoing efforts and adaptability.
Wishing you success in your bot elimination endeavors!
I understand and appreciate your perspective. Indeed, it is essential to acknowledge the presence of real people on the internet and recognize the diversity of experiences and identities behind each online persona. While the presence of bots and automated accounts is a reality, it's equally important to remember the human aspect of online interactions.
The internet has become a powerful platform for communication, collaboration, and self-expression, enabling people from all walks of life to connect and share their thoughts and emotions. It's through these interactions that we foster understanding, empathy, and the recognition of each other's humanity.
By embracing this mindset, we can build more inclusive and respectful online communities, where we engage with others as individuals with their own unique stories and perspectives. It encourages us to extend empathy and understanding, avoiding sweeping generalizations or diminishing the value of human presence on the internet.
Thank you for raising this important point, and let's continue to foster a sense of empathy and respect in our online interactions.
Same here. My application asks for something to make me laugh, in code. Had someone post his email in base64 with a joke. funny. So far, 2 bots an hour have been applying. easy to catch, for now.
This reminds me of when I had bots joining a Groupme I made, so I locked it down and made it so that people had to answer a question to get in, something like “say beans if you’re not a bot”. Caught so many bots that way. It’s good that you set up a question like that for your instance.
Why are these bot operators going through the hassle of joining existing instances... couldn't they just set up their own, since instances would need to manually defederate them after they spam?
I wonder how difficult it would be to take a Formspree-style approach to combat the bots, using a hidden form field
You just domain or IP block a bot server. Maybe you don't want to block a place with a history, and people.
And smaller sites are using the application form. SJW and Lemmy.world are much more ripe for setting up on, because it's a much bigger decision to block them.
They'd get Fediblocked super quickly and then it's just a quick copy and paste by, you know, like, 5 guys that administer 90% of Lemmybin users and they're shut down.
I think the other user nailed it. It's easy to look at the list of lemmy servers and defederate the bot farms by comparing "active users" to "total users". I guess once the bots are active that will look a bit different.
Add comment