|
|
|
|
|
|
by anarcat
2062 days ago
|
|
|
We (at torproject.org) also adopted GitLab CE recently and we had to close down registrations because of abuse. Tens (hundreds?) of seemingly fake accounts were created in the two weeks we had registrations opened and we had to go through each one of those to make sure they were legitimate. In our case, snippets were not directly the problem: user profiles were used as spam directly. We can't use ReCAPTCHA or Akismet for obvious privacy reasons. The new "admin approval" process in 13.5 is interesting, but doesn't work so well for us, because it's hard to judge if an account should be allowed or not. As a workaround, we implemented a "lobby": a simple Django app that sits in front of gitlab to moderate admissions. https://gitlab.torproject.org/tpo/tpa/gitlab-lobby/ The idea is people have to provide a reason (free form text field) to justify their account. We'd also like people to be able to file bugs from there directly, in one shot. We're also thinking of enabling the service desk to have that lower bar for entry, but we're worried about abuse there as well. Having alternatives to ReCAPTCHA would be quite useful for us as well. |
|
|