search

misskey-dev / misskey

🌎 An interplanetary microblogging platform 🚀
https://misskey-hub.net/
GNU Affero General Public License v3.0
9.66k stars 1.28k forks source link

Force open registration instances enable captcha #13323

Open Natsuki-Kaede opened 4 months ago

Natsuki-Kaede commented 4 months ago

Summary

Force open registration instances enable captcha.

Purpose

Instances compromised by spam bots pose a threat to the entire community.

Do you want to implement this feature yourself?

kakkokari-gtyih commented 4 months ago

Could you explain more details of the feature you propose?

temtemy commented 4 months ago

@kakkokari-gtyih I think @Natsuki-Kaede is suggesting that it should never be possible for an instance that has open registrations to just disable CAPTCHA. If an instance opens up its registrations, a CAPTCHA service should be forcefully enabled too (and if a CAPTCHA can't be enabled while opening up registrations, return an error)

Natsuki-Kaede commented 4 months ago

Could you explain more details of the feature you propose?

@kakkokari-gtyih I think @Natsuki-Kaede is suggesting that it should never be possible for an instance that has open registrations to just disable CAPTCHA. If an instance opens up its registrations, a CAPTCHA service should be forcefully enabled too (and if a CAPTCHA can't be enabled while opening up registrations, return an error)

Thank you for your explanation. Due to the recent large number of spam posts, it is necessary to force CAPTCHA to be enabled. The first instances that were attacked were all open registered and did not have any verification methods enabled.