425
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 13 Jul 2023
425 points (94.7% liked)
Lemmy.world Support
3212 readers
12 users here now
Lemmy.world Support
Welcome to the official Lemmy.world Support community! Post your issues or questions about Lemmy.world here.
This community is for issues related to the Lemmy World instance only. For Lemmy software requests or bug reports, please go to the Lemmy github page.
This community is subject to the rules defined here for lemmy.world.
You can also DM https://lemmy.world/u/lwreport or email report@lemmy.world (PGP Supported) if you need to reach our directly to the admin team.
Follow us for server news 🐘
Outages 🔥
https://status.lemmy.world
founded 2 years ago
MODERATORS
do you also ban the IP or is it too much?
Lemmy doesn't have an option for that but we're looking into it
I guess it's achievable with hosting you're using (with nginx ip block list for example if you're using it)
What you're looking for is functionality like fail2ban, but probably with a filter set to the HTTP endpoint for creating communities. Not sure if it will work, I haven't really looked into the Lemmy code/architecture yet.
If they’re using Cloudflare it can do this too. Even the free tier, you can have one monstrously long WAF rule to ban a bunch of IPs
Spammers with a little bit of sanity in them will use VPN providers. The consequence is that IP banning effectively results in blocking VPN servers. For people like me, using VPN connections for genuine reasons (like a provider/government that cannot be trusted), this is problematic
I used to use stuff that had IP banning and it would just mean when I was on mobile data I would just randomly not be able to use it because some dick was wanding around getting IP banned using mobile data.
People warrant IP banning userly are sad enough to find way of circumventing it and it'll probably just makes issues for other users instead.
It's so easy to change your IP address. All you'll end up doing is banning a dynamic IP that someone else will get at some point