Here's a slightly revised CIDR list that seems to cover all the IPs used by the spammers so far:

https://gist.github.com/patf/1ae99fdd15718483fc15b1e8c8f25fe2

(some CIDRs are redundant because they're from different sources)

Hopefully that'll do for now.

#mastoadmin

Here's a version of the block list you can dump in your nginx to get rid of the bots:

https://gist.github.com/patf/1ae99fdd15718483fc15b1e8c8f25fe2#file-naughty_list_nginx-conf

The advantage of using nginx here instead of your firewall/iptables is that you'll have an easier time checking for false-positives in logs (in case I fucked up); the bots follow a predictable pattern (GET / then GET /auth/sign_up) while real traffic would stand out.

#mastoadmin

cc @Gargron

@pfigel Is there an easy way to put that into iptables or maybe nginx?

@Gargron @pfigel ufw example :
https://hostux.social/@valere/100074476284834492

@Gargron @pfigel I'm using this script to read the CIDR list that Patrick provided and apply it to iptables

https://gist.github.com/DJSundog/76f6809cee41196366fe62b46d052643

@pfigel Sidenote but - I hope there is a nice list :3

@pfigel cc @ashfurrow

@pfigel Are they solving a CAPTCHA successfully? (not that you should use one; just curious)

@seanl nope

@pfigel @seanl

You can find here also another way of blocking the signup:

https://github.com/gled-rs/mastodo/commit/f6521ce6a41b95e95b21ea4d8e9e3c824a082c9a

Could be expanded if needed to add automatically the domain to the blocklist.

@pfigel @Technowix isn't OP the thing you noticed earlier?

@pfigel hey @mykola check this out. We just got hit with a bunch of spam accounts (I've stopped them all, but I've had to stop registrations right now to stem the flow)

@dzuk @pfigel Hmm. Is there an IP block we can just ban or anything?

@lawremipsum @pfigel We got a /bunch/ over on m.s too. It's been a whole thing.