Boba pop - a service that can reduce spam and bad users

The Gallery
1

boba pop

about

boba pop is a simple service that can reduce spam and bad users.

how it works

  1. Discourse lets boba pop know when a user signs up
  2. boba pop will check the IP address and see if it belongs to a datacentre or Tor node, and if it find a match, it will block it.
  3. boba pop will also check the email address and see if it belongs to a throwaway email servcie using 0shade (a fork of throwawayemails). If it finds a match, it will block it.

config

This should go in your .env file

WEBHOOK_PATH=webhook
DISCOURSE_API_KEY=(key from discourse dashboard)
DISCOURSE_API_USERNAME=user
INSTANCE_HOSTNAME=forum.com
ABUSEIPDB_KEY=(key from abuseipdb api)
CONTACT_EMAIL=staff@forum.com
LIMIT=1970-01-01T00:00:00.000Z

set it up

  1. Generate an API key and put it in the DISCOURSE_API_KEY section. Set the account username of who the key belongs to as DISCOURSE_API_USERNAME

  2. Set WEBHOOK_PATH to something random. The webhook URL is hidden in .env so random users don’t make fake user requests. When you’re done, make a new webhook entry in the dashboard

  3. Set INSTANCE_HOSTNAME to the hostname of your discourse instance, don’t include http(s):// in the name

  4. Set LIMIT to how far back you want to ban users. Remove it if you wish to ban users that signed up with a VPN or temporary email at any point in time. Great if you don’t want a retroactive policy.

  5. Set CONTACT_EMAIL to the email of what you want blocked users to contact you with.

  6. Make an account on AbuseIPDB and navigate to the API Section. Make a new key and put it in ABUSEIPDB_KEY

You’re done!

source code

9 Likes