- Fix "Banned emails must be unique. The specified banned email is already in use" occurring when banning the same email domain multiple times in the same approval run
- Adjust various "ASN related phrases to be more consistent
- Update link to team-cymru's ip to ASN mapping service
- Fix spam-check for account details page would check non-editable custom fields and custom fields not on that page
- Fix some options where not fully phrased
- Fix detection method "ip and cookie" would not work correctly when email link/api switch was detected
- Spam-check custom fields, website and location when editing account details
- This was done at signup but not when editing account details
- Fix setting up tor detection configuration on new install
- It was adding a "1" to the server field, which was causing a redundant DNS lookup which should fail
- Update Tor scoring to support non-numeric scoring (ie explicit reject/moderate/add-to-group/none)
- For new installs, enable "Show Detection Methods" option by default.
- This option will likely be removed in future releases and always enabled
- On install, only enable getipintel if the "Contact email address" option is a valid email address
- Better handle when getipintel rate-limit is being applied to avoid server IP bans
The getipintel feature has a 500 queries per day limit on the free plan.
When using shared hosting, this include XenForo Cloud, you may receive the following error:
[SignupAbuseBlocking] Server appears banned from https://getipintel.net/, disabling getipintel option
If this happens, you can contact getipintel for information about a paid plan. Re-enabling the integration using the free plan may result in further (and longer lasting) IP bans from this service.
- Require Standard Library by Xon v1.18.0+.
- Fix "Allowed email domains" admincp page didn't assert a specific admin permission
- Fix warning being logged when viewing Signup Abuse blocking options & Content Title history add-on is enabled
- Detect multi-account usage for api-token logins (exposed via Frictionless Login 3rd party add-on)
- Update default ASN block lists, this does not affect existing sites.
- Ensure https://getipintel.com API integration is configured by default.
- For existing installs; If this feature has been explicitly turned off, it will not be enabled.
- Ensure various permissions are assigned to the stock admin group:
- [SignupAbuse] Banning email domains
- [SignupAbuse] Banning ASN
- [SignupAbuse] Approving email domains
- Add "Anti-Spam" navigation group under the user block in the admincp, with an updatable list of anti-spam related options.
- Add new "Manage anti-spam" admin permission, automatically assigned to users with "options", which controls managing the above anti-spam options.
- Add
expiry
&ban reason
when banning users via batch user update- Add "Enable open port scan feature" option. This is default disabled, for sites using this feature it must be explicitly enabled
- Fix detection of per-user email links being touched by the wrong user did not generate multi-account reports
- Fix user approval queue entry was always had the last activity added even if the user couldn't view it
We use essential cookies to make this site work, and optional cookies to enhance your experience.