EchoJS used to be a great platform when it was barely popular, now that more people know this community, it still relies on ethics to prevent spamming.

Though all communities can be spammed with some effort, what makes EchoJS worse is lack of proper moderation, and due to that, it is highly prone to spam.

Apart from moderation, There are many factors which make spamming very easy on EchoJS.

• No Email Authentication is a terrible idea, it makes account creation very easy.
• No option to delete your posts and accounts.
• No CAPTCHA, atleast for account creation.
• No "Report Spam" option (downvote is not same as Report spam)

Only Spam protection mechanism is rate limiting account creation by IP Address, That would have been effective if accompanied by a CAPTCHA, but, without that, it's useless.

This is the code snippet for creating a new account and upvoting a post,

var axios = require("axios");

var data = await axios({
  url: 'https://www.echojs.com/api/create_account',
  method: 'POST',
  data: 'username='+username+'&password='+password,
  withCredentials: true
});

console.log(data.data);

await axios({
  url: 'https://www.echojs.com/api/votenews',
  method: 'POST',
  data: 'vote_type=up&apisecret='+data.data.apisecret+'&news_id='+post_id,
  headers: {
    cookie: 'auth='+data.data.auth
  }
});

Though limited by IP address, all you have to do is run this code on devices with different IP addresses.

There are lots of online code compilers which run the code on server, new IP address everytime, making the limit useless.

Had this been an Email Authentication and CAPTCHA, it would not be possible to do this through a script.

The decision is up to you, whether you want to run such a community, or, shut it down, atleast temporarily, fix these problems and run it again.

Saying that it's the duty of users to not spam is just transferring the burden. If you refuse to take action now, it's just bad for all users, People can manipulate votes to favour bad posts without ever getting caught.

Thank You For Reading.