Signup abuse detection and blocking 1.20.5

• Fix cloudflare ip geolocation failing for content anti-spam checks
• Fix new multi-account reports where created with the wrong user

• Fix error logs would be spammed with missing maxmind database key
• Improve validation of the "Multi-account report user" option on upgrade to detect if the linked user is missing or the option missconfigured

• Fix entity not found error on allowed-email-domains page for XF2.3
• Fix logins by ip list included non-existent .less
• Fix logins by ip pagination from user edit page dropped the user filter, and had inconsistant number of items for the full list

• php 8.4+ compatibility
• XF2.3 compatibility
• Rename permission "View reportings" to "View multiple account reports"
• Fix csv import/export of allowed email domains didn't work
• Fix viewing anti-spam options page did not highlight the anti-spam options sidebar as active
• Fix shared email link detection did not also check for shared IP usage between the affected users
• Fix multi-account detection would fail to log events if "Multi-account report user" was invalid
• Fix missing return value for XF\Spam\ContentChecker::logSpamTrigger
• Fix error when viewing multi-accounts referencing deleted users
• Fix url canonization for connected account registration would result in broken redirect
• Ensure "Multi-account report user" has a valid user set if non is set by selecting the 1st valid user on the forum on install/upgrade/rebuild
• Remove "accept & report" feature as it is completely broken
• Remove "Notify front-end on multiple account registration" option
• Remove The "Detection method matching mode" option (ip/ip&cookie/cookie) as it was a foot-gun
  • IP matches are a low quality signal that needs a strong signal before multi-account detection triggers
  • IP only multi-account matches which can be removed with the CLI command xf-rebuild:sv-prune-ip-only-multi-account-matches
• On login, the ASN (aka ISP) and country are captured and preserved into a more durable log than XF's IP table
• Reduce number of queries hitting the ASN/Country geolocation providers by querying the local login/registration records with the minimum viable IP routing subnet
  • This is effectively a /24 for IPv4 and /48 for IPv6.
• Add CLI xf-rebuild:sv-enrich-login-records command to trigger binding ASN/Country to login records.
  Strongly recommend setting up MaxMind over using paid API calls as this will generate a significant number of queries for ASN/Country values
• Add MaxMind integration for geoip and asn resolving. This requires an API key.
  • Signup page: https://www.maxmind.com/en/geolite2/signup
  • Key processioning page: https://www.maxmind.com/en/accounts/current/license-key/
  • Copy the key to the "MaxMind GeoIP License Key" option
• MaxMind auto-update can be opt'ed out via disabling the "Update MaxMind databases" option, which describes which MaxMind databases are used
• Add signup throttling - rate limit signups
  • Configurable window to apply throttling limits (ie X seconds/minutes/hours/etc)
  • Throttle by IP/ASN/Country, and if XenCentral/MultiSite is installed by site
  • Signup limits automatically based on daily registrations with min/max values, or a fixed value
• New multiple account display page, under Users => Multiple accounts
  • Paginated list of recent users which have triggered multiple accounts
  • Displays users which have been linked together, and first/last time these have been detected

• Fix "Banned emails must be unique. The specified banned email is already in use" occurring when banning the same email domain multiple times in the same approval run
• Adjust various "ASN related phrases to be more consistent

• Update link to team-cymru's ip to ASN mapping service
• Fix spam-check for account details page would check non-editable custom fields and custom fields not on that page

• Fix error blocking a user editing their account details when spam checking was required, and a custom field had been set on their profile and then the custom field was deleted.

• Fix some options where not fully phrased
• Fix detection method "ip and cookie" would not work correctly when email link/api switch was detected
• Spam-check custom fields, website and location when editing account details
  • This was done at signup but not when editing account details

• Fix setting up tor detection configuration on new install
  • It was adding a "1" to the server field, which was causing a redundant DNS lookup which should fail
• Update Tor scoring to support non-numeric scoring (ie explicit reject/moderate/add-to-group/none)
• For new installs, enable "Show Detection Methods" option by default.
  • This option will likely be removed in future releases and always enabled

• On install, only enable getipintel if the "Contact email address" option is a valid email address
• Better handle when getipintel rate-limit is being applied to avoid server IP bans