Signup abuse detection and blocking

Signup abuse detection and blocking 1.5.0

No permission to buy ($45.00)
  • Require XF2.1+, drop XF2.0 support
  • Harden Content Link Checker to hopefully not cause regex errors with some versions of php
  • Support using a proxy service for port scans (bundled script/port_scanner.php provided. Host port_scanner.php on a webserver somewhere, and then enter the URL into the relevant add-on option)
  • Like
Reactions: NixFifty
  • Fix that a user could be reported as multi-accounting themselves (ie token being upgraded/replaced)
  • Fix possible "Please enter a value for the required field 'username'." when a user hits rate limiting on a login attempt
  • When merging a user, do not damage the record indicating that source user was detected as a multi-account for target user
  • Improve handling of deleted(or merged) users when rendering multi-account detection events
  • Reduce some redundant queries when viewing reports
  • Fix "Please enter a value for the required field 'username'." when handing a legacy alter-ego login. Note; this did not block logging in
  • Fix that legacy token upgrades would unexpectedly cause multi-account reporting to trigger
  • Fix "LogicException: Attempted to set 'active' while a save was pending without forceSet " (Tapatalk workaround)
  • Fix Missing phrase in user change log
  • Option to full delete all user multi-account records for GDPR compliance
  • Display user state in multiple-account report
  • Fix SQL error during user merge completion
  • Fix spam-trigger logs not being saved for rejected users which are not saved
  • Fix performance regression when doing user merging