[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"sanity-Uv64q4dyufiTl9NEeoDJS3HgTGXD0HkXUX9WbZlbsWY":3,"sanity-3CNTelQwd8oC9D8C6hkYcqA-ZVVviv_EdI-fKinx8Bc":355},{"data":4,"sourceMap":-1},{"latestPodcast":5,"latestReleases":14,"post":39,"recent":330},[6],{"_id":7,"publishedAt":8,"slug":9,"sponsored":12,"title":13},"f83eb5f0-1237-487f-84d8-f7abf2318c39","2026-06-25T07:40:00.000Z",{"_type":10,"current":11},"slug","code-isnt-causing-your-production-failures",null,"Code isn’t the only thing causing your production failures",[15,21,27,33],{"_id":16,"publishedAt":17,"slug":18,"title":20},"eb5b66eb-9410-4329-83bb-22bbff39402a","2026-04-28T13:00:00.000Z",{"_type":10,"current":19},"turn-scattered-knowledge-into-trusted-intelligence","Turning scattered knowledge into trusted intelligence: Stack Internal 2026.3",{"_id":22,"publishedAt":23,"slug":24,"title":26},"369c2401-b62e-4a37-8ff8-bf603023ecad","2026-03-02T15:03:00.988Z",{"_type":10,"current":25},"what-s-new-at-stack-overflow-march-2026","What’s new at Stack Overflow: March 2026",{"_id":28,"publishedAt":29,"slug":30,"title":32},"5e9053a4-07ea-447c-91ea-29e0b6228537","2026-02-02T15:00:00.000Z",{"_type":10,"current":31},"what-s-new-at-stack-overflow-february-2026","What’s new at Stack Overflow: February 2026",{"_id":34,"publishedAt":35,"slug":36,"title":38},"a1b538eb-a8a6-46d0-80a1-ac70ec9bb935","2026-01-05T10:00:00.000-05:00",{"_type":10,"current":37},"what-s-new-at-stack-overflow-january-2026","What’s new at Stack Overflow: January 2026",{"_createdAt":40,"_id":41,"_rev":42,"_type":43,"_updatedAt":44,"author":45,"body":59,"comments":302,"dateUrl":303,"excerpt":111,"legacyBody":304,"product":12,"publishedAt":307,"slug":308,"sponsored":12,"tags":310,"title":329,"visible":302},"2023-05-25T09:36:57Z","wp-post-3370","07ZbrKPSUrjrV4wQ6fI9rD","blogPost","2023-07-13T14:54:20Z",[46],{"_createdAt":47,"_id":48,"_rev":49,"_type":50,"_updatedAt":51,"avatar":52,"employee":54,"name":55,"role":56,"slug":57},"2023-05-23T16:27:18Z","wp-author-114","07ZbrKPSUrjrV4wQ6fam8u","blogAuthor","2023-08-29T11:49:01Z",{"_type":53},"image","former","Jeff Atwood","Co-founder",{"current":58},"jeffatwood",[60,80,89,97,105,112,120,125,162,186,202,207,223,242,250,257,267,274,282,290],{"_key":61,"_type":62,"children":63,"markDefs":78,"style":79},"da13cd652a5b","block",[64,69,74],{"_key":65,"_type":66,"marks":67,"text":68},"da13cd652a5b0","span",[],"Stack Overflow is somewhat unique in that we encourage participation of essentially anonymous, random programmers. Our idea is to ",{"_key":70,"_type":66,"marks":71,"text":73},"da13cd652a5b1",[72],"strong","radically reduce the bar for participation",{"_key":75,"_type":66,"marks":76,"text":77},"da13cd652a5b2",[],", and take one giant leap of faith:",[],"normal",{"_key":81,"_type":62,"children":82,"markDefs":87,"style":88},"a9f7104d94e4",[83],{"_key":84,"_type":66,"marks":85,"text":86},"a9f7104d94e40",[],"Trusting our users.",[],"h2",{"_key":90,"_type":62,"children":91,"markDefs":96,"style":79},"752fe427aea5",[92],{"_key":93,"_type":66,"marks":94,"text":95},"752fe427aea50",[],"Well, most of them, anyway. We have the typical hurdles in place to prevent bots from gaming our system: JavaScript and \"too fast to be human\" triggered CAPTCHA. This works in conjunction with community use of the offensive flag, which auto-deletes any post after 5 users tag it \"offensive\", and traditional downvoting. This system has been fairly effective to date. We've only had a handful of spam and trolling, and it's all been handled with a minimum of fuss or impact to the typical Stack Overflow user.",[],{"_key":98,"_type":62,"children":99,"markDefs":104,"style":79},"f4adae6dfe72",[100],{"_key":101,"_type":66,"marks":102,"text":103},"f4adae6dfe720",[],"That is, until tonight, when we were hit by a malicious user of a type we haven't seen before:",[],{"_key":106,"_type":53,"alt":107,"asset":108,"caption":111,"markDefs":12},"056f9909d9c6","stack-overflow-malicious-user",{"_ref":109,"_type":110},"image-3326137b31812398e01ad4b84c92690cbb11d16a-600x468-png","reference","",{"_key":113,"_type":62,"children":114,"markDefs":119,"style":79},"93df5fc07b7f",[115],{"_key":116,"_type":66,"marks":117,"text":118},"93df5fc07b7f0",[],"In a way, I suppose I should thank this user for doing this on a Friday night when traffic levels are pretty low. Here's my official response:",[],{"_key":121,"_type":53,"alt":122,"asset":123,"caption":111,"markDefs":12},"fc3b990447bd","vandalized-2pac",{"_ref":124,"_type":110},"image-b8eccd4367bb64136c51b2deb0a59ba08f62d82d-359x500-jpg",{"_key":126,"_type":62,"children":127,"markDefs":158,"style":79},"bc32f90e5688",[128,132,137,141,145,149,154],{"_key":129,"_type":66,"marks":130,"text":131},"bc32f90e56880",[],"How does it feel when ",{"_key":133,"_type":66,"marks":134,"text":136},"bc32f90e56881",[135],"em","we",{"_key":138,"_type":66,"marks":139,"text":140},"bc32f90e56882",[]," vandalize ",{"_key":142,"_type":66,"marks":143,"text":144},"bc32f90e56883",[135],"you",{"_key":146,"_type":66,"marks":147,"text":148},"bc32f90e56884",[],", Mr. ",{"_key":150,"_type":66,"marks":151,"text":153},"bc32f90e56885",[152],"202b9ed89cc1","Tupac Shakur",{"_key":155,"_type":66,"marks":156,"text":157},"bc32f90e56886",[],"? Eh? Not so good, I bet!",[159],{"_key":152,"_type":160,"href":161,"reference":12},"link","http://en.wikipedia.org/wiki/Tupac_Shakur",{"_key":163,"_type":62,"children":164,"markDefs":185,"style":79},"5f9da2a114c3",[165,169,173,177,181],{"_key":166,"_type":66,"marks":167,"text":168},"5f9da2a114c30",[],"But in all seriousness, the surprising thing here is that this user was ",{"_key":170,"_type":66,"marks":171,"text":172},"5f9da2a114c31",[135],"not",{"_key":174,"_type":66,"marks":175,"text":176},"5f9da2a114c32",[]," a bot. Our anti-bot stuff would be challenging to get around. ",{"_key":178,"_type":66,"marks":179,"text":180},"5f9da2a114c33",[72],"It was an actual human being, entering the CAPTCHAs, cutting and pasting text into every post.",{"_key":182,"_type":66,"marks":183,"text":184},"5f9da2a114c34",[]," We verified this by looking at the logs, and the timestamps on the entries. The times are slow and variable, not at all what you'd expect to see from a bot.",[],{"_key":187,"_type":62,"children":188,"markDefs":201,"style":79},"ab731606138b",[189,193,197],{"_key":190,"_type":66,"marks":191,"text":192},"ab731606138b0",[],"Wow. How bored is ",{"_key":194,"_type":66,"marks":195,"text":196},"ab731606138b1",[135],"this",{"_key":198,"_type":66,"marks":199,"text":200},"ab731606138b2",[]," guy? (And yeah, it's always a guy, who are we kidding.) I'm not going to name any names, here, but we tracked all the IPs that this activity came from and they were all geographically similar.",[],{"_key":203,"_type":53,"alt":204,"asset":205,"caption":111,"markDefs":12},"e44ec140fbed","the-country-which-shall-not-be-named",{"_ref":206,"_type":110},"image-46eda862277549d75dcc4a652558e4aaf49e955c-459x396-jpg",{"_key":208,"_type":62,"children":209,"markDefs":222,"style":79},"116ea703899c",[210,214,218],{"_key":211,"_type":66,"marks":212,"text":213},"116ea703899c0",[],"As if I needed ",{"_key":215,"_type":66,"marks":216,"text":217},"116ea703899c1",[135],"another",{"_key":219,"_type":66,"marks":220,"text":221},"116ea703899c2",[]," reason to hate Kangaroos and Koalas.",[],{"_key":224,"_type":62,"children":225,"markDefs":239,"style":79},"42bfa6979c3a",[226,230,235],{"_key":227,"_type":66,"marks":228,"text":229},"42bfa6979c3a0",[],"I've been thinking for a while that we should have more stringent throttles on new users, ",{"_key":231,"_type":66,"marks":232,"text":234},"42bfa6979c3a1",[233],"f8e4658624c6","rate limits for asking and answering questions",{"_key":236,"_type":66,"marks":237,"text":238},"42bfa6979c3a2",[],". This human spam storm was my excuse to implement them. So, effective immediately...",[240],{"_key":233,"_type":160,"href":241,"reference":12},"http://stackoverflow.uservoice.com/pages/general/suggestions/126742-limit-the-rate-at-which-a-user-can-submit-questions",{"_key":243,"_type":62,"children":244,"markDefs":249,"style":88},"37f9b5894639",[245],{"_key":246,"_type":66,"marks":247,"text":248},"37f9b58946390",[],"If you're a new user, with reputation below 100:",[],{"_key":251,"_type":62,"children":252,"markDefs":256,"style":88},"18696532c5e8",[253],{"_key":254,"_type":66,"marks":255,"text":111},"18696532c5e80",[],[],{"_key":258,"_type":62,"children":259,"level":264,"listItem":265,"markDefs":266,"style":79},"9f4ac94d1335",[260],{"_key":261,"_type":66,"marks":262,"text":263},"9f4ac94d13350",[],"You may only post 1 question every 20 minutes",1,"number",[],{"_key":268,"_type":62,"children":269,"markDefs":273,"style":88},"fdb658980c98",[270],{"_key":271,"_type":66,"marks":272,"text":111},"fdb658980c980",[],[],{"_key":275,"_type":62,"children":276,"level":264,"listItem":265,"markDefs":281,"style":79},"7a0e821137c9",[277],{"_key":278,"_type":66,"marks":279,"text":280},"7a0e821137c90",[],"You may only post 1 answer every 3 minutes",[],{"_key":283,"_type":62,"children":284,"markDefs":289,"style":79},"0ebaff983d97",[285],{"_key":286,"_type":66,"marks":287,"text":288},"0ebaff983d970",[],"This is tracked at the IP address level, so multiple posts from the same IP, even as different \"users\", will still be blocked.",[],{"_key":291,"_type":62,"children":292,"markDefs":301,"style":79},"1d44bdf6db09",[293,297],{"_key":294,"_type":66,"marks":295,"text":296},"1d44bdf6db090",[],"So ",{"_key":298,"_type":66,"marks":299,"text":300},"1d44bdf6db091",[135],"take that, Australian wanna-be Tupac Shakur!",[],true,"2009/02/21",{"code":305,"language":306},"\u003Cp>Stack Overflow is somewhat unique in that we encourage participation of essentially anonymous, random programmers. Our idea is to \u003Cstrong>radically reduce the bar for participation\u003C/strong>, and take one giant leap of faith:\u003C/p>\n\u003Ch2>Trusting our users.\u003C/h2>\n\u003Cp>Well, most of them, anyway. We have the typical hurdles in place to prevent bots from gaming our system: JavaScript and \"too fast to be human\" triggered CAPTCHA. This works in conjunction with community use of the offensive flag, which auto-deletes any post after 5 users tag it \"offensive\", and traditional downvoting. This system has been fairly effective to date. We've only had a handful of spam and trolling, and it's all been handled with a minimum of fuss or impact to the typical Stack Overflow user.\u003C/p>\n\u003Cp>That is, until tonight, when we were hit by a malicious user of a type we haven't seen before:\u003C/p>\n\u003Cp>\u003Cimg src=\"http://stackoverflow.blog/wp-content/uploads/2017/02/stack-overflow-malicious-user.png\" alt=\"stack-overflow-malicious-user\">\u003C/p>\n\u003Cp>In a way, I suppose I should thank this user for doing this on a Friday night when traffic levels are pretty low. Here's my official response:\u003C/p>\n\u003Cp>\u003Cimg src=\"http://stackoverflow.blog/wp-content/uploads/2017/02/vandalized-2pac.jpg\" alt=\"vandalized-2pac\">\u003C/p>\n\u003Cp>How does it feel when \u003Cem>we\u003C/em> vandalize \u003Cem>you\u003C/em>, Mr. \u003Ca href=\"http://en.wikipedia.org/wiki/Tupac_Shakur\">Tupac Shakur\u003C/a>? Eh? Not so good, I bet!\u003C/p>\n\u003Cp>But in all seriousness, the surprising thing here is that this user was \u003Cem>not\u003C/em> a bot. Our anti-bot stuff would be challenging to get around. \u003Cstrong>It was an actual human being, entering the CAPTCHAs, cutting and pasting text into every post.\u003C/strong> We verified this by looking at the logs, and the timestamps on the entries. The times are slow and variable, not at all what you'd expect to see from a bot.\u003C/p>\n\u003Cp>Wow. How bored is \u003Cem>this\u003C/em> guy? (And yeah, it's always a guy, who are we kidding.) I'm not going to name any names, here, but we tracked all the IPs that this activity came from and they were all geographically similar.\u003C/p>\n\u003Cp>\u003Cimg src=\"http://stackoverflow.blog/wp-content/uploads/2017/02/the-country-which-shall-not-be-named.jpg\" alt=\"the-country-which-shall-not-be-named\">\u003C/p>\n\u003Cp>As if I needed \u003Cem>another\u003C/em> reason to hate Kangaroos and Koalas.\u003C/p>\n\u003Cp>I've been thinking for a while that we should have more stringent throttles on new users, \u003Ca href=\"http://stackoverflow.uservoice.com/pages/general/suggestions/126742-limit-the-rate-at-which-a-user-can-submit-questions\">rate limits for asking and answering questions\u003C/a>. This human spam storm was my excuse to implement them. So, effective immediately...\u003C/p>\n\u003Ch2>If you're a new user, with reputation below 100:\u003C/h2>\n\u003Ch2>\u003C/h2>\n\u003Col>\u003Cli>You may only post 1 question every 20 minutes\u003C/li>\n\u003C/ol>\u003Ch2>\u003C/h2>\n\u003Col start=\"2\">\u003Cli>You may only post 1 answer every 3 minutes\u003C/li>\n\u003C/ol>\u003Cp>This is tracked at the IP address level, so multiple posts from the same IP, even as different \"users\", will still be blocked.\u003C/p>\n\u003Cp>So \u003Cem>take that, Australian wanna-be Tupac Shakur!\u003C/em>\u003C/p>","html","2009-02-21T12:00:00.000Z",{"current":309},"new-question-answer-rate-limits",[311,319,324],{"_createdAt":312,"_id":313,"_rev":314,"_type":315,"_updatedAt":312,"slug":316,"title":318},"2023-05-23T16:43:21Z","wp-tagcat-community","9HpbCsT2tq0xwozQfkc4ih","blogTag",{"current":317},"community","Community",{"_createdAt":312,"_id":320,"_rev":314,"_type":315,"_updatedAt":312,"slug":321,"title":323},"wp-tagcat-company",{"current":322},"company","Company",{"_createdAt":312,"_id":325,"_rev":314,"_type":315,"_updatedAt":312,"slug":326,"title":328},"wp-tagcat-design",{"current":327},"design","Design","New Question / Answer Rate Limits",[331,337,343,349],{"_id":332,"publishedAt":333,"slug":334,"sponsored":12,"title":336},"28e560af-f0aa-4d46-bd90-f435ad604aa7","2026-06-26T14:00:27.102Z",{"_type":10,"current":335},"paging-charity-how-can-engineering-leaders-avoid-becoming-bond-villains","Paging Charity! How can engineering leaders avoid becoming Bond villains?",{"_id":338,"publishedAt":339,"slug":340,"sponsored":12,"title":342},"4b22c2a3-3779-4966-93eb-5230391dbdce","2026-06-23T14:08:58.595Z",{"_type":10,"current":341},"your-ai-shipped-a-backend-that-boots-that-is-the-whole-problem","Your AI shipped a backend that boots. That is the whole problem.",{"_id":344,"publishedAt":345,"slug":346,"sponsored":12,"title":348},"5cf362e1-fe7b-45af-b69c-914731c6a052","2026-06-23T14:00:00.000Z",{"_type":10,"current":347},"the-2026-developer-survey-is-now-open-for-human-developers-only","The 2026 Developer Survey is now open (for human developers only)!",{"_id":350,"publishedAt":351,"slug":352,"sponsored":12,"title":354},"30b995f7-7cb9-4dd8-bf71-d0685940a32b","2026-06-19T14:00:00.000Z",{"_type":10,"current":353},"dispatches-from-o-reilly-from-capabilities-to-responsibilities","Dispatches from O'Reilly: From capabilities to responsibilities",{"data":356,"sourceMap":-1},{"count":357,"lastTimestamp":358},2,"2023-08-29T09:00:22Z"]