Banned abuser
amasad (2065)

You all may have seen that someone has been going around posting unsavory content (to say the least) to various apps and challenge entries.

With the help of @TheDrone7, we've been able to locate the abuser and ban them from the site for life. We also have all his information and IP address and if the person in question were to return we'll be escalating to the authorities.

I wanted to share this publicly so that:

1- you know that we don't tolerate behavior like this
2- you secure your apps and websites preferably with Repl.it auth (which allowed us to catch the attacker)

Read more about Auth here: https://repl.it/talk/learn/Authenticating-users-with-Replit-Auth/23460

You are viewing a single comment. View All
AdCharity (1110)

Hopefully we got him... but literally 20 minutes ago a similar person just defaced the meme.me project with a bunch of nsfw and ours just got spammed with troll/hacker faces...

Zavexeon (976)

@AdCharity That's odd. Ours was never hit, at least not yet. Our rate limiting should stop botting, though.

AdCharity (1110)

@Zavexeon yeah I shut down green scale permanently. We're moving it to node.js now

rediar (239)

@AdCharity It may be a copycat attack.

MatthewDoan1 (312)

@AdCharity What was GreenScale using originally?

amasad (2065)

@MatthewDoan1 it was all static and html and no backend so hard to secure.

Eventually we want to repl auth work on frontend too but that's gonna be sometime.

AdCharity (1110)

@MatthewDoan1 well it used html, css, and js (which was bad because it exposed the firebase key and relied too much on the client) and built on top of brain.js (for text classification for the environment) and firebase (for the database). I guess you could read the essay we wrote, but that's pretty much it.

MatthewDoan1 (312)

@AdCharity You wrote an essay? Where is it?

Also, why not use a .env file for your database key?

AdCharity (1110)

@MatthewDoan1 well the original post (its actually pretty long). btw i don't think you can access environment variables if it isn't node.js (which is where our project is transitioning right now)