Well then anyone can just make a new account and remix their previous bot. The most important rule for security reasons should be that a user must be a paying user. The time stuff doesn’t really help.
Let’s say we use these rules here to make it really really hard for a user to change their host:
- User must be a registered user.
- User must be older than 1 month.
- User must not have changed a project’s host in the last hour.
- User must not have changed a project’s host 3 times during the current week.
- User must not have changed a project’s host 6 times during the current month.
- User must pass captcha.
- User must own the project they’re trying to change the host for.
- The project must be on a banned host.
You would think that these are some hard rules to break right? Not really, anyone can just make lots of account, and the next month abuse those accounts by getting more hosts banned and switching to a non-banned host.
Even if glitch ratelimits the amount of accounts that can be created the user could always use some free vpn, even if Glitch decided to add phone number verification they could just use some receive free sms service.
In the end, Glitch looses, the only real solution is to require a user to be paying to be able to switch host, that way even if a user manges to get glitch’s host banned they still get earnings from it, and the paying thing will scare away most of the abusive users.