- Reduce false positives from country/language matching.
- Remove various
0|countryCode-language-countryCode
entires from the "Country language" option as these are no longer required.- Update options "Country timezone - Unknown" and "Country language - Unknown"
- Update defaults to more sensible values
- Change options "Country timezone - Unknown" and "Country language - Unknown" from "moderate" to "none" scoring due to v1.11.1 having bad defaults.
- Explicitly report unknown language/timezone rather than giving it a score (or not)
- Fix php 8.1 compatibility bug on user registration when multi-account detection triggers
- Fix php 8.1 compatibility bug in non-cloudflare TOR detection
- Fix a too long reject reason from the approval queue would be truncated instead of allowing to error
- Fix GeoIP country from the ASN lookup when no other GeoIP provider is configured
- Fix error viewing multi-account logs for a user which had a linked account that was fully-deleted instead of disabled
- Add rules trigger scoring based on browser language, with initial defaults based on official langauges per country
- Add rules trigger scoring based on browser timezone, with initial defaults based on XF supported timezones per country
- Add defaults for permissions;
- [SignupAbuse] Banning ASN
- [SignupAbuse] Approving email domains
- [SignupAbuse] Banning email domains
- Add content spam checker to verify various signup details match the what is used for the content:
- "Asn content spam check action" (Default: Allowed)
- "GeoIp content spam check action" (Default: Moderated)
- "Language content spam check action" (Default: Allowed)
- "Timezone content spam check action" (Default: Allowed)
- On signup, log required on signup fields (website/location/date-of-birth) into user change log
- Add option "Show date of birth in approval queue" option, default false. If true, the date of birth fields are rendered as a single field instead of 3 fields.
- Detect cases where User B uses User A's email/password reset links as a multi-account.
- When multi-account report creator validation fails, log an error to help diagnose why
- Fix handling DuplicateKeyException when detecting multiple accounts
- When preventing internal errors in this add-on from blocking login:
- Catch
Throwable
(php7+) which is broader thanException
- Rethrow exceptions when development is enabled, not when debug mode is enabled.
- Fix caching not occurring for external API calls if a caching provider is not setup
- Fix "Undefined offset: 2" from ASN resolver attempting to extract a country when using non-Team Cymru/Ripe ASN providers.
- Guard against add-ons which incorrectly implement XenForo Entities or content types when generating a list of content-types for the options;
This is known to affect add-ons by the Vault Wiki author who refuse to implement core XenForo functionality correctly
- Approval queue - skip click-to-shrink
- Link Spam checker: Default action (by content type)
- Fix migrating add-on multi-accounts records from XF 1.x 'alter ego detector' records
- Fix ipregistery asn lookup support
- Report GeoIP/ASN API errors to the XF error log and do not swallow them
- Fix bad links to known email providers in the approval queue
- Fix "Ban ASN" option not appearing in approval queue
- Use ipStack/ipApi/ipregistry geo/asn providers if configured over cloudflare/Cymru
- Fix ASN lookup for ipApi/ipregistry
- Fix "Ban ASN" feature (ErrorException: Job XF:ApprovalQueueProcess: [E_WARNING] preg_match_all(): Unknown modifier '/')
- On display of registration logs, correctly encode URLs.
- Compatibility fix with New Registration Email add-on
We use essential cookies to make this site work, and optional cookies to enhance your experience.