259 likely-spam user accounts

After getting a ‘request to join Snowdrift group’ from a spam user on, I decided to check out what other users we have. Turns out there are 259 users with no projects (so they haven’t even forked Snowdrift), and at first glance they seem to all be spam.

This makes me wish even more that the project was just hosted on Thoughts?

1 Appreciation

Quick inspection found two useful things:

  1. Send confirmation email on signup (obvious win, maybe the only change needed)
  2. Restricted visibility levels: “If the public level is restricted, user profiles are only visible to logged in users.”

The first is obvious, I’ve already turned it on. I’m not sure what the ramifications of the second are, but I’m going to turn it on, as well. We can adjust if necessary.

For admins, you can find these controls at

1 Appreciation

Thanks, I so thought that I had that first setting on already!

I actually already manually had deleted several users with names focused on “SEO” as obvious spam. I agree it’s near-certain that all the users with zero activity and no forking are all spam.

On one hand, spam users who do nothing can just be ignored, doesn’t really cost us anything. But I vote we just delete them all.

What does the first part of that sentence mean?

1 Appreciation

It means that only administrators can set anything (including their own stuff) to public visibility. It may prove onerous.

Ah okay. Well, I guess it means that anyone who makes forks in order to contribute there will only be visible to logged-in users unless we mark their forks public. Probably no big deal since likely all changes in forks will just turn into merge-requests to the public repos…

[Incidentally, if we find there are reasons to have a range of fully-public forks and various repos outside the main group, that might lean toward the suggestion… but I don’t predict this will happen]

Not urgent at all, I’d like to decide on that. Then we can close this topic

1 Appreciation