[aur-general] Spammers in AUR user comments
lfleischer at archlinux.org
Thu Apr 11 15:36:52 UTC 2019
On Thu, 11 Apr 2019 at 15:13:32, Daniel M. Capella via aur-general wrote:
> On April 5, 2019 7:54:44 AM EDT, NicoHood <archlinux at nicohood.de> wrote:
> >Should and how can we better protect ourselves from spam comments?
> Perhaps we should add CAPTCHA for account registrations.
IIRC, we had an issue with spam bots several years ago. We tried adding
a CAPTCHA back then and it did not help (which, of course, does not
imply that CAPTCHAs do not work in general).
The issue was eventually resolved by requiring users to confirm their
email address and set an initial password from the confirmation email
before using their accounts. If this no longer works and massive
spamming continues to be a problem, I am open to trying other techniques
That being said, I think we should first figure out whether spammer
account creation is automated or done manually this time.
More information about the aur-general