2023-11-13, 05:52 AM
(This post was last modified: 2023-11-13, 06:11 AM by joshuaboniface. Edited 4 times in total.)
Hello everyone.
As you may have noticed, the Jellyfin forums are under a major spam attack for the past 2-3 weeks. The spam is consistent (Korean text) and appears, based on the response to our mitigations, to be by actual human operators who have so far been able to elude all mitigations we've put up. Even remote spam blocking services have only been marginally effective.
To combat this, we've been trying a variety of techniques, some of which may seem very inconvenient. For this we apologize, but we must continue to explore all avenues to stop this and reduce the massive burden on our (like everything, volunteer) moderation team.
So far, the following mitigations have been put into place. Not all are guaranteed to be permanent.
1. A new security question, asking a less obvious question. This may change further in the future so ensure you read it carefully.
2. hCaptcha instead of ReCaptcha, which will ask everyone to complete two challenges.
3. A "you must post in a controlled way first" system with autopromotion of users. Please see the banner message at the top of the forum index for instructions when you first register!
4. Two external anti-spam registries: StopForumSpam.com and, as of today, CleanTalk.org. The latter MAY block VPNs and other such services as suspicious.
We are also considering our nuclear hammer - which I am strongly considering at this point - which is banning the entire country involved, but we are hoping the other applied mitigations are effective.
While we recognize that this is harmful to some of our community, we must balance that against the ability of our volunteers to handle the situation and prevent this forum from being overrun by spam. We hope you understand, and if you do run into trouble please don't hesitate to reach out to us on Matrix or via email.
As you may have noticed, the Jellyfin forums are under a major spam attack for the past 2-3 weeks. The spam is consistent (Korean text) and appears, based on the response to our mitigations, to be by actual human operators who have so far been able to elude all mitigations we've put up. Even remote spam blocking services have only been marginally effective.
To combat this, we've been trying a variety of techniques, some of which may seem very inconvenient. For this we apologize, but we must continue to explore all avenues to stop this and reduce the massive burden on our (like everything, volunteer) moderation team.
So far, the following mitigations have been put into place. Not all are guaranteed to be permanent.
1. A new security question, asking a less obvious question. This may change further in the future so ensure you read it carefully.
2. hCaptcha instead of ReCaptcha, which will ask everyone to complete two challenges.
3. A "you must post in a controlled way first" system with autopromotion of users. Please see the banner message at the top of the forum index for instructions when you first register!
4. Two external anti-spam registries: StopForumSpam.com and, as of today, CleanTalk.org. The latter MAY block VPNs and other such services as suspicious.
We are also considering our nuclear hammer - which I am strongly considering at this point - which is banning the entire country involved, but we are hoping the other applied mitigations are effective.
While we recognize that this is harmful to some of our community, we must balance that against the ability of our volunteers to handle the situation and prevent this forum from being overrun by spam. We hope you understand, and if you do run into trouble please don't hesitate to reach out to us on Matrix or via email.
