Codeberg/Community

tor users blocked #119

Closed
opened 2020-01-15 19:58:37 +01:00 by themusicgod1 · 13 comments

getting reports that tor users are no longer allowed to register. What gives?

Please see and join the discussion on https://mastodon.technology/@codeberg/103480576712180186 and https://mastodon.technology/@codeberg/103486719874749650
Member

Due to the ongoing spam flood attacks via Tor described in the threads mentioned above we have disallowed disposable email providers.

Tor exit nodes are still allowed but unless we find a way to stop these attackers we see currently little choice for the next steps but to block these exit nodes for API or possibly even for all access attempts.

Maybe you have a more elegant idea that is implementable short-term?


Hi, I made a thing that could help solve this issue: https://codeberg.org/hugot/gitea-api-protector

Also posted on the fediverse at https://amsterdon.nl/@hugot/103490154227247581

to: <https://mastodon.technology/@codeberg/103480576712180186>

Gitea Issues:

* [Rate-limit comments/issues opens #9785](https://github.com/go-gitea/gitea/issues/9785)
* [[Feature] API Rate Limiting #9559](https://github.com/go-gitea/gitea/issues/9559)
* [[Feature] [Extend] API Rate Limiting by User Creation Age #9847](https://github.com/go-gitea/gitea/issues/9847)

Member

@hugot wrote:

> Hi, I made a thing that could help solve this issue: https://codeberg.org/hugot/gitea-api-protector
>
> Also posted on the fediverse at https://amsterdon.nl/@hugot/103490154227247581

cool! We will deploy on codeberg-test and have a closer look next days! (currently very busy due to annual member assembly preparations)

Do you think it is worth joining your ideas with the issues listed above to synchronize all changes upstream?

Member

@6543 wrote:

> to: https://mastodon.technology/@codeberg/103480576712180186
>
> Gitea Issues:
>
> * Rate-limit comments/issues opens #9785
> * [Feature] API Rate Limiting #9559
> * [Feature] [Extend] API Rate Limiting by User Creation Age #9847

Great, thank you! This seems all moving into the right direction.


all those are 404s


Seems the issue formatter makes issue links local when quoting. In the original comment by @6543 links point to proper remote issue.


@hw:

> Do you think it is worth joining your ideas with the issues listed above to synchronize all changes upstream?

I think there's some great ideas mentioned in those issues. I like the idea of having a more sophisticated reputation system in particular. How about implementing that in a separate program while it's not in gitea yet?

To keep things simple, I could add a new HTTP endpoint to the api-protector to add verified users without a pull request.

It shouldn't be too hard to write a program that periodically calls the gitea API to calculate user reputations using values like amounts of stars received etc. That program could then use the new endpoint in the api-protector to automatically make users verified, without them needing to create a pull request first.

Curious to hear what you think of this solution!
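
A sketch of the reputation program proposed in the comment above, as an added example that is not part of the thread or of gitea-api-protector: it counts only stars from distinct accounts older than a minimum age, so a ring of freshly registered accounts cannot star each other into "verified" status. The field names (`login`, `created`, `fork`, `full_name`) follow Gitea's API responses; the thresholds, function names and sample accounts are assumptions constructed for illustration, and the call to the proposed api-protector endpoint is left out because the thread only proposes it.

```python
from datetime import datetime, timedelta, timezone

MIN_AGE = timedelta(days=30)  # assumed: stars from younger accounts carry no weight
THRESHOLD = 3                 # assumed: distinct trusted stargazers needed

def parse_ts(ts):
    """Parse the RFC 3339 timestamp Gitea returns in a user's `created` field."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))

def reputation(login, repos, stargazers, users, now):
    """Count distinct trusted accounts that starred `login`'s own non-fork repos.

    repos:      repo dicts as returned by GET /users/{username}/repos
    stargazers: {full_name: [login, ...]} from GET /repos/{owner}/{repo}/stargazers
    users:      {login: user dict carrying a `created` timestamp}
    """
    trusted = set()
    for repo in repos:
        if repo["owner"]["login"] != login or repo["fork"]:
            continue  # a fork costs one click, so it earns nothing
        for fan in stargazers.get(repo["full_name"], []):
            if fan == login or fan not in users:
                continue  # self-stars and unknown accounts do not count
            if now - parse_ts(users[fan]["created"]) >= MIN_AGE:
                trusted.add(fan)
    return len(trusted)

def users_to_verify(users, repos_by_user, stargazers, now):
    """Logins whose reputation reaches THRESHOLD, sorted for stable output."""
    return sorted(u for u in users
                  if reputation(u, repos_by_user.get(u, []), stargazers, users, now) >= THRESHOLD)

# Constructed sample data shaped like Gitea API responses (not real accounts).
NOW = datetime(2020, 1, 20, tzinfo=timezone.utc)
OLD, NEW = "2019-01-10T12:00:00Z", "2020-01-19T08:00:00Z"
USERS = {n: {"login": n, "created": OLD} for n in ("alice", "bob", "carol", "dave")}
USERS.update({n: {"login": n, "created": NEW} for n in ("spam1", "spam2", "spam3", "spam4")})
REPOS = {
    "alice": [{"full_name": "alice/tool", "owner": {"login": "alice"}, "fork": False}],
    "spam1": [{"full_name": "spam1/seo", "owner": {"login": "spam1"}, "fork": False}],
}
STARGAZERS = {
    "alice/tool": ["alice", "bob", "carol", "dave"],
    "spam1/seo": ["spam2", "spam3", "spam4"],  # same raw star count as alice
}
```

On the sample data both repositories have three stars from other accounts, but only `alice` passes, because the accounts starring `spam1/seo` were all created the day before.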

Member

Long-term it feels that the feature would be beneficial to all users, so incorporating it in Gitea itself seems more future-proof? Aside from an active long-term maintainer community all information is also accessible locally there.

If you like, we could set up a simple playground with a local fork (for example from https://codeberg.org/Codeberg/gitea or embedded in https://codeberg.org/Codeberg/build-deploy-gitea), that then deploys to https://codeberg-test.org for testing.


I don't think I'm the right person for that at this time. I have other projects that I want to work on and I can't fit in a big commitment like that atm.

I mainly created the api-protector and proposed the separate program because both are feasible to implement short-term.

Another pro is that this approach makes it trivial for people to experiment with custom reputation systems written in whatever language they want.

The outcome of such experiments might help with the implementation of a robust reputation system in gitea when that time comes as well.

Member

Thank you! A great idea in any case.

Owner

Tor users have never been actively blocked, other mentioned issues are tracked elsewhere. Thank you for this discussion :')
