Recent content by smallwheels

If you care for security instead for security theater password change is counterproductive, good passwords are not. Threfore I'd rather recommend the usage of this add on: https://xenforo.com/community/resources/password-tools.6704/

Maybe the situation regarding filtering will somewhat improve with XF 2.4 https://xenforo.com/community/threads/custom-field-improvements-filtering-and-more.235686/ Until now there exist add ons for filtering using custom fields but frankly said in my eyes Resource Manager is pretty horrible...

We now have a living example what happens when even just a single person starts posting useless AI slop into a forum and does not stop doing so but seems even proud of it, no matter of the reactions. Could someone please stop it? This is pathetic.

Advice given in complete ignorance of the problem and what is requested as well as in ignorance that what you recommend has already been ruled out makes pretty bad advice overall.... This seems understandable: As it seems to be rather about keeping the thing online cheaply than performance...

Maybe you should have read more than just the start posting of the thread but rather the 11 pages followig it until now. Then you'd have realized that your ill-led "advice" does not work at all.

IP Tread Monitor does that and it is indeed very helpful: https://xenforo.com/community/resources/xtr-ip-threat-monitor.10134/ While from architectural point of view it is not optimal to have the protection layer run within the application that shall be protected itself and (also expectably)...

It is already there if you use this much recommended add on as part of it: https://xenforo.com/community/resources/andrew-moderator-panel.8131/ Not sure that all staff member have / should have the permission for IP-search.

/admin.php?users/search -> tab "search by IP-address" Not, that's incorrect. Discouraging an IP means that users coming from that IP will suffer from artificially created issues as if the had connection problems. Given you question and assumption it would probably be a good idea to read through...

Basically this would be user profiling. I'd assume the data is already there and with an add on it would be usable as well. With an Ai it would probably relatively easy to detect anomalies. However: I am not keen on spying on my users and would prefer to avoid it.

That would be the most positive outcome one could think of. However: I do not think this is realistic and if so clearly not longterm. These bots never sleep, they don't get stopped by captchas, 2-factor or any currently known mechanism. They write like humans and behave like humans, so it is...

Bad news: We should be prepared for a huge wave of a new category of AI powered scraping bots and spambots in possibly very near future. Background: Two weeks ago an open source project named Open Claw started to get a lot of hype within the AI nerd scene. It was first released in Nov. last...

Read the docs and you'll find out. It is literally explained directly on the homepage of the service: https://www.usercheck.com/. Should not be too hard and recommended anyway if you are interested in an add on that deals with user data. "Work email" is anything that is neither a free mailer...

Fully agreed that the bot identification built into XF leaves a lot to be desired to say it politely. As far as I understand it is solely based on the submitted user agent plus if this user agent is marked as bot in the database. So it dates back to way friendlier and more honest times a couple...

I am wondering how you do that, given that at the moment most of the bot traffic comes from resident proxies and until now no solution on the market is able to identify them reliably and to full extend (inc. massive corps like Couldflare taht do this for a living)? Could explain this?

I would not buy that. The IPs belong to AS209372 (WS Telecom) which is well known for all kinds of malicious activity coming from there. An ASN well worth blocking - you won't miss anything but have less trouble. Their Website looks legit on first sight and creates the impression of an American...