If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

[Spam throttle] Prevent users with less than 200 edits to make more than 1 edition/minute

RESOLVED WONTFIX

Status

Mozilla Developer Network
User management
RESOLVED WONTFIX
3 years ago
3 years ago

People

(Reporter: teoli, Unassigned)

Tracking

(Blocks: 1 bug)

Details

(Reporter)

Description

3 years ago
In order to prevent spam bots (that could do more harm than empty editions), we should prevent new users to do more than 1 edition/minute.

I propose less than 200 edits (which gives us at least 3h 20' to detect them before they can be unleashed).

Justin, Luke, what do you think?
+1, I like this plan.

Any user who does comes along and immediately starts to make a lot of positive changes could always talk to us on dev-mdc about having the restriction lifted form their account. It is easy to tell if they are legit or not.

Plus any account that tries to make multiple edits per minute could be immediately flagged as suspicious activity, and we could be given a choice of ban user, ban IP, or remove restriction (genuine contributor).
It's a decent feature, but also a bit complicated to enforce. IMO blocking the bots at the registration step (bug 1119532) would be more effective and efficient use of time right now. I'm currently working on the ban-by-IP (bug 1113260)
The django-banish library I'm using for bug 1113260 has a default 75 requests-per-minute throttle, which includes all requests: GETs and POSTs. Does that sound right?
Flags: needinfo?(jypenator)
Flags: needinfo?(cmills)
I'm not sure exactly what you mean. This doesn't sound like the same thing to me.
Flags: needinfo?(cmills)
Yeah, sorry it's not the same thing. I'll ask in the other bug.
Flags: needinfo?(jypenator)
(Reporter)

Comment 6

3 years ago
We have decided to wontfix this during the triage meeting; other spam throttling will reach similar goals.
Status: NEW → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.