Experimenting with the GitLab honeypot


There is a hidden feature in GitLab that would help fight the spam accounts created (about one every week). It caught my attention when I read a blog post mentioning it has a positive effect.

I’ll activate it on https://lab.enough.community using:

root@gitlab-host:/srv# docker exec --user git -it gitlab bundle exec rails console
 GitLab:       13.5.4 (7f5f940041c) FOSS
 GitLab Shell: 13.11.0
 PostgreSQL:   11.8

Loading production environment (Rails
irb(main):002:0> Feature.enable(:invisible_captcha)
=> true
irb(main):002:0> Feature.enabled?(:invisible_captcha)
=> true

And let it rest for a few weeks. There does not seem to be a convenient way to figure out if it is effective though. Fingers crossed :crossed_fingers: