Restrict Activation of Projects

Let’s face it, we’re in trouble. If someone wants someone to have a hard time at glitch they can easily make it impossible for them to run new projects. The problem is that they can easily unleash a autopinger on projects which the user owns that aren’t important.
I’ve got quite a lot of projects and most of them are for testing. Just one person can make it impossible for my important projects to run.
I’m suggesting a new system to be put in place called “Start Permissons”. What this does is that when we receive a request to project someproject.glitch.me, we can redirect them to a page called glitch.com/project/start?name=someproject. If the user is a collaborator in the project he/she can start the project or there could be a setting to start the project immediatley and redirect back to the project url to get the standard glitch loading screen. If the user is not a collaboration they can be asked if they want to remix the project.

I don’t think an infrastructure change is necessary to mitigate this potential issue. If you’re worried about your projects being abused you can mark them as private so they’re not visible on your profile and then change their name to have a random hash at the beginning or end (ie my-project-32ad1f9ca1.glitch.me). Then the only way someone could sabotage your project would by brute force pinging every possible *.glitch.me subdomain which I imagine would get shutdown rather quickly because it would be detected as a DDoS.

Personally the appeal of Glitch to me is the public facing side of it. If I was running test projects that weren’t meant for public use I’d spin up an AWS instance or a VM on my desktop. I don’t want any hurdles to users accessing my projects, registered or otherwise.

1 Like

I want to create small projects to share with the community like templates for other projects so I can’t make the private.

1 Like

Has this been an issue for you or is this a hypothetical? I’ve found the entire Glitch community to be nothing but accepting and cooperative, and that includes Glitch itself. The service is very understanding and responsive, especially considering it’s free.

If someone were to be trying to inhibit a user’s projects that would be violating the ToS:

While accessing or using the Services, you may not: … Interfere with, or disrupt or attempt to interfere with or disrupt, the access of any User, host, or network, including, without limitation, by sending a virus to, spamming, or overloading the Services, or by scripted use of the Services in such a manner as to interfere with or create an undue burden on the Services.

I have no doubt that if some bad actor was doing this and Glitch Support was made aware the affected user would be taken care of.

perhaps you should create a permissions system, where the owner can modify wether that member of the project can read, write or do certain things.

1 Like

@17lwinn OP is referring to the notion of other users being able to burn through a particular project’s request quota simply by visiting the application.

1 Like

maybe you could disable the preview?