It seems like some FOSS websites started using a Proof of Work CAPTCHA called Anubis because they’ve been getting hit by crawlers to gather data for LLMs. It seems like it helps.
It does not stop them, but it does make it more expensive and slower for the attacker. At the moment, I haven’t seen any instance having this problem, but it most likely will be a problem someday and being praped for it is definitely not a bad thing.
Lemmy could benefit from this by maybe placing some invisible or auto PoW CAPTCHAs when doing some action like commenting, posting, etc.
Yes and so far only minor issues that are hard to replicate. Thanks again for helping us to find out the final issue with the setup a few weeks ago.
I agree that it would make more sense to only enable it for unauthenticated visitors, but that seems a bit hard to do with an external software like Anubis.
I didn’t mean only showing Anubis to unauthenticated users; this was in response to OP mentioning to add this before posting or commenting, which would be the opposite of removing it for authenticated users.
Ah, ok. Yes that kinda makes sense if you think of Anubis as a CAPTCHA equivalent, but it really isn’t as I tried to explain in my other post.