social-discuss

Re: I stopped open registration for gnusocial.jp by DoS attack.


From: SENOO, Ken
Subject: Re: I stopped open registration for gnusocial.jp by DoS attack.
Date: Thu, 29 Dec 2022 10:49:21 +0900
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:102.0) Gecko/20100101 Thunderbird/102.6.1

Administrator de Gnusocial.net

Thanks for the advice. It seems RegisterThrottle is enabled by default and does not work...

Is Autosandbox valid? Spam bots can post locally a lot.

I try RequireValidatedEmail.

If he is busy and cannot maintain it, I think he had better step down. If he cannot work on it, he should switch to another person. If the head person does not work, the project does not work, in general.

I also work full time, but I update my site everyday at 2 months.

I do not mention about https://codeberg.org/GNUsocial/gnu-social. Because this is not official repository (no announcement) and it is not fair. Current official is notabug.org.

Firstly, I think developers should use GNU social (their own product) themselves.

I will wait for objections or replies from them. But I think the developers do not check the chat and this mailing list. I check the mailing list and chat almost every day, but the developers have not mentioned anything even once since September. So I think they would not reply, or would ignore me.

I think all the current developers are students (kids), with no working experience. And they would use their own closed chat only. People cannot see and join them.

I hear some opinions. Interested user cannot join GNU social development by current condition.


On 2022/12/29 0:00, Administrator de Gnusocial.net wrote:
In case that it is useful to you:

- Enable "Autosandbox" plugin, so new accounts are sandboxed by
   default (they don't appear in public timelines) until an admin
   un-sandboxes them.
- Enable "RequireValidatedEmail" plugin, so only accounts with verified
   email can post.
- Enable "RegisterThrottle" plugin, so spam account registration is
   mitigated.

I don't know any mitigation against "Password reset e-mail bomb", but
those plugins really help against the other two.

Besides that, there's something else about moderating large servers (I
don't know the number of accounts as your nodeinfo does not say it, but
fedidb.org says you have 154): you need more people, besides you, to
moderate, even if we are talking only about mitigating spam accounts,
and that need will increase with the number of accounts you host. This
is not a technical issue, but a social one.

About the harsh words about the developers: Diogo has said before that
he is busy right now, and that efforts are being put into version 3 of
Gnusocial, as you can see in https://codeberg.org/GNUsocial/gnu-social
I don't really get the complaint against Spookie, so I won't comment on
that. Anyway, I think it is quite unfair to say what you are saying.


On Wed, 28 Dec 2022 23:31:03 +0900
"SENOO, Ken" <develop@senooken.jp> wrote:
I stopped open registration for gnusocial.jp by DoS attack.

I posted about this in [Announcement: DoS attack on gnusocial.jp and
web.gnusocial.jp joining the decentralized SNS | GNU social
JP](https://web.gnusocial.jp/post/2022/12/28/341/).

My server gnusocial.jp has been damaged by a DoS attack with the following contents.

- Password reset e-mail bomb.
- A lot of registrations from bots.
- A lot of posts by bots.

I am not familiar with security. So I stopped open registration for
gnusocial.jp.

gnu social has weak security functions. General registration
reception is dangerous if targeted by attackers.

By the way, recently, I posted these articles.

- [Announcement: gnusocial.jp becomes the largest publicly open server on
GNU social | GNU social JP](https://web.gnusocial.jp/post/2022/12/19/306/)
- [Return of the Qvitter author to GNU social | GNU social
JP](https://web.gnusocial.jp/post/2022/12/26/320/)

I started gnusocial.jp on 2022-07. gnusocial.jp became largest open
registration GNU social server (surely have many sleeping and spam
accounts). Server cost is only 1.5 USD (220 JPY) per month! This is
power of GNU social.

gnusocial.jp is also the only server using Qvitter/Pleroma FE on GNU
social v2. And Qvitter author Hannes Mannerheim is back on GNU social
(<https://gnusocial.jp/hannes>)!

This is my result of activity.

If you are developers, you should use GNU social firstly. Apparently,
spookie <https://outerheaven.club/users/spookie> uses mainly
Pleroma/Akkoma (not GNU social!). I think if you do not use GNU
social, you are not developers.

Diogo, you do not merge, and ignored my PR
<https://notabug.org/diogo/gnu-social/pulls/293>. I am very sad and
disappointed in you.

In first my article, new GNU social server started (social.076.moe,
gnusocial-v2.cyberrex.jp). They are my acquaintance. I think these
are my result of activity. And they would have same issue for my PR.
If you merge my PR, they had no same problem. I think developers
should stand as user firstly.

Why did you ignore me? I think if you have no passion, you had
better step down as development leader, the same as Evan Prodromou and
Matt Lee.

I think money is the center pin (top priority) for continuing
development. PeerTube also has the same money trouble ([News: Release of
PeerTube v5 | GNU social
JP](https://web.gnusocial.jp/post/2022/12/15/298/)).

If we have enough money, we can employ by my self. Mastodon=Eugen
Rochko succeeded earning money his patreon.

Do you have business/strategy/idea? If you have no them, you cannot
continue GNU social. I think donation is not enough. No activity, no
life. People assume GNU social as dead if you have no activity.

I started my business on web.gnusocial.jp. I keep updating my site
everyday at least 2 months. This year 2022 is starting year. Surely I
have no money now. I will start making money on 2023. I have some
business ideas.

I appreciated supporting ActivityPub on GSv2 on you. It is OK for
ignoring/refusing me.

If my business succeed (success of employing myself), I will start
new GNU social site and continuing development GNU social alone, and
gathering new developers. If it is success, you cannot catch up with
me. I am an associate FSF member
(https://www.gnu.org/thankgnus/2022supporters.html) also. I am
serious.

Hannes gave up because western countries were not interested in
DSNS. Globally, Japan is the most active and important country for
decentralized SNS (https://fedidb.org/network, pawoo.net/mstdn.jp are
Japan). And I am the only Japanese person currently involved with GNU social. If we
have success in Japan, we have success in the world.
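
An added example, not part of the original thread and not GNU social code: the reply above says no mitigation is known for the "Password reset e-mail bomb"; one common approach is to throttle reset mail per target account and per source address. The class name, the limits and the sample addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque


class ResetThrottle:
    """Sliding-window limiter deciding whether a password reset mail is sent."""

    def __init__(self, per_account=3, per_source=10, window=3600):
        self.per_account = per_account   # assumed limit: mails per account per window
        self.per_source = per_source     # assumed limit: attempts per source IP per window
        self.window = window             # window length in seconds
        self._events = defaultdict(deque)  # key -> timestamps inside the window

    def _count(self, key, now):
        q = self._events[key]
        while q and q[0] <= now - self.window:   # drop expired timestamps
            q.popleft()
        return len(q)

    def allow(self, account, source_ip, now):
        """True if mail should be sent. The caller shows the same page either
        way, so the response does not reveal whether the request was dropped."""
        acct_key = ("acct", account.strip().lower())  # normalise the target
        src_key = ("src", source_ip)
        if self._count(src_key, now) >= self.per_source:
            return False
        self._events[src_key].append(now)    # every attempt costs source budget
        if self._count(acct_key, now) >= self.per_account:
            return False                     # victim's inbox is protected
        self._events[acct_key].append(now)
        return True


def simulate():
    """Constructed traffic: a single-IP bomb, a multi-IP bomb, normal users."""
    t = ResetThrottle()
    bomb = [t.allow("victim@example.org", "203.0.113.7", 10 * i) for i in range(20)]
    spread = [t.allow("Victim@example.org ", f"198.51.100.{i}", 300 + i)
              for i in range(5)]
    other = t.allow("alice@example.org", "192.0.2.10", 400)
    later = t.allow("victim@example.org", "192.0.2.11", 3621)  # window expired
    return sum(bomb), sum(spread), other, later


if __name__ == "__main__":
    print(simulate())
```

On a multi-process web server the counters would live in a shared store with key expiry rather than in process memory.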




