We've implemented and enabled Turnstile on registration to prevent unwanted sign-up spam (it's a daily issue at this point).
-
We've implemented and enabled Turnstile on registration to prevent unwanted sign-up spam (it's a daily issue at this point).
Cloudflare Turnstile confirms web visitors are real and blocks unwanted bots without slowing down web experiences for real users. It's a simple snippet of free code that eliminates CAPTCHAs. With Turnstile, you can deliver better experiences and strengthen privacy for all users. More info: https://www.cloudflare.com/products/turnstile/
For anyone interested, here's the change in our Mastodon fork: https://github.com/mementomori-social/mastodon/tree/feature/captcha-turnstile-provider
#MementomoriSocial #MastoAdmin #Mastodon
-
R relay@relay.an.exchange shared this topic
-
We've implemented and enabled Turnstile on registration to prevent unwanted sign-up spam (it's a daily issue at this point).
Cloudflare Turnstile confirms web visitors are real and blocks unwanted bots without slowing down web experiences for real users. It's a simple snippet of free code that eliminates CAPTCHAs. With Turnstile, you can deliver better experiences and strengthen privacy for all users. More info: https://www.cloudflare.com/products/turnstile/
For anyone interested, here's the change in our Mastodon fork: https://github.com/mementomori-social/mastodon/tree/feature/captcha-turnstile-provider
#MementomoriSocial #MastoAdmin #Mastodon
@rolle IME #Cloudflare #Turnstile can break if you use #browser extensions to defeat #fingerprinting for #privacy. That should make users uncomfortable with being forced to pass its invasive #tracking.
-
@rolle IME #Cloudflare #Turnstile can break if you use #browser extensions to defeat #fingerprinting for #privacy. That should make users uncomfortable with being forced to pass its invasive #tracking.
@johan_andersson I haven't experienced that with Ungoogled-Chromium or uBlock Origin or Brave Origin. Thankfully, you can choose your instance freely.
-
@johan_andersson I haven't experienced that with Ungoogled-Chromium or uBlock Origin or Brave Origin. Thankfully, you can choose your instance freely.
@rolle The extension I had issues with was #CanvasFingerprintDefender, which shouldn't cause any issues unless #Turnstile specifically is using #Canvas #fingerprinting attacks, and my issue is more with the advanced fingerprinting than the breakage itself. You are of course free to use it on your instance, which I'm not on, and this was just intended as a friendly #privacy tip, in case of interest.
https://chromewebstore.google.com/detail/canvas-fingerprint-defend/lanfdkkpgfjfdikkncbnojekcppdebfp
-
@rolle The extension I had issues with was #CanvasFingerprintDefender, which shouldn't cause any issues unless #Turnstile specifically is using #Canvas #fingerprinting attacks, and my issue is more with the advanced fingerprinting than the breakage itself. You are of course free to use it on your instance, which I'm not on, and this was just intended as a friendly #privacy tip, in case of interest.
https://chromewebstore.google.com/detail/canvas-fingerprint-defend/lanfdkkpgfjfdikkncbnojekcppdebfp
@johan_andersson Sure, noted. The built-in mechanism in Mastodon's source code to mitigate bots is hCaptcha. But I dislike all captchas. Turnstile has been the most effective and least distracting way in my other apps.
