Alter Ego Detector 1.7.8

[Xon]

Alter Ego Detector 1.5.6 does.

What do we need to tell the creator of that Add-on in order to have them fix this serious bug?

Alter Ego Detector 1.5.6 has the following options:

• Create a report - Report centre doesn't log IPs, threads created by it do not.
• Create a thread - Prevent IP's being set.
• Create a Conversation - Fails to prevent IP's being set (fix done).

Our Alter Ego reports as "Create Thread". We recently also switched our XenForo to create Reports as Threads instead of using the Report Center.

This really isn't a desirable scenario. Just using the add-on's native thread creation option.

 

[Xon]

@XFuser please try disabling all other add-ons and reporting something on your forum

 

[XFuser]

@XFuser please try disabling all other add-ons and reporting something on your forum

We can't do that as some of our Add-ons are critical to our site.

The XF Developers said the problem was with an Add-on that creates threads. The only Add-on that does that is yours.

How can we fix this?

 

[Xon]

We can't do that as some of our Add-ons are critical to our site.

The XF Developers said the problem was with an Add-on that creates threads. The only Add-on that does that is yours.

How can we fix this?

I'm unable to replicate this with just AED 1.5.6 enabled on my testing forum, you will need to-do the typical disable add-ons one-by-one until the problem goes away.

Just reporting a some content should be enough to see if it has an IP. If it does, it isn't AED as it only uses the standard XenForo code to create a thread and doesn't hook that process.

You must do some sort of isolation testing by disabling an add-on at a time to see what is causing this!

The thread's created by reports sent to a folder do not contain an IP address, and it is simple to check any threads this add-on creates.

Conversations where missed as it isn't a standard user visible option.

 

[Xon]

Xon updated Alter Ego Detector with a new update entry:

Bugfix update

• If the conversation reporting option is used, ensure IP address isn't logged as part of the message.

Read the rest of this update entry...

 

[Xon]

How can we fix this?

You need to post (or PM me) more configuration information. Are you using shared IP detection, and if so what timeframe do you have on it? Have you done any queries to see what content shares the IP?

Even then, there is a limit on how much time I have available for supporting this add-on.

 

[iorGian]

thank you very much. greate update and also good to know that it works greate with https://xenforo.com/community/resources/sonnb-stop-spam-here.1086/
Cheers m8, keep doing the greate job!

 

[XFuser]

Xon updated Alter Ego Detector with a new update entry:

Bugfix update



Read the rest of this update entry...

What bug did you fix? We're not using conversation reporting in your add-on, we're using create thread. You seemed to have fixed a different bug.

You need to post (or PM me) more configuration information. Are you using shared IP detection, and if so what timeframe do you have on it? Have you done any queries to see what content shares the IP?

Even then, there is a limit on how much time I have available for supporting this add-on.

Here are all the settings that are ENABLED with the criteria in [] brackets:

• Redeploy Cookie
• Check Banned Users
• Check IP's [Set to 9999 minutes old]
• Show Detection Methods
• Create thread?
• Start report
• Registration Mode (general) [None]
• Notify front-end on alter-ego registration
• Registration Mode (for banned or specific groups) [None]
  

Please advise how to fix. Thank you.

 

[Xon]

@XFuser Check IP's can potentially match very old content and can cause false positives if not carefuly used. I'ld recommend <5 minutes or even turning it off.

As for why the user's shared an IP in the first place, you will need to run some SQL queries. Someone like @MattW can assist in locating the content linked to the IP records resulting in the users being defined as sharing an IP.

 

[Joeychgo]

Is there a way to exclude specific users?

I have a member who's son is also a member. Different names, but they login from the same computer

 

[teletubbi]

Either you set this in permission to bypass for each of them on a per user base or like i did create a usergroup alter ego where only this permission is set.
With user groups makes more sence if you have more of them.

 

[Xon]

Is there a way to exclude specific users?

I have a member who's son is also a member. Different names, but they login from the same computer

If you are using "report" notification method, resolve the report (rather than reject it). otherwise set the bypass permission which disables all alter-ego checking for the relevent account.

 

[Joeychgo]

set the bypass permission which disables all alter-ego checking for the relevent account.

How?

 

[CTXMedia]

How?

• Create a usergroup called: Alter Ego Bypass
• Leave all permissions as Not Set (No) with the exception of Bypass Alter Ego Checking - set this to Allow
• Save the usergroup

Simply add anyone to this usergroup that you want to exclude from the alter ego checks.

Cheers,
Shaun

Note: For users sharing the same house / workplace / device / connection you'll need to put all of their respective user accounts into the bypass usergroup otherwise you'll continue to get reports.

 

[Joeychgo]

• Create a usergroup called: Alter Ego Bypass
• Leave all permissions as Not Set (No) with the exception of Bypass Alter Ego Checking - set this to Allow
• Save the usergroup

Simply add anyone to this usergroup that you want to exclude from the alter ego checks.

Cheers,
Shaun

Note: For users sharing the same house / workplace / device / connection you'll need to put all of their respective user accounts into the bypass usergroup otherwise you'll continue to get reports.

Seems unnecessarily sloppy and complicated way of achieving this. Perhaps this could be improved in a future version.

 

[Case]

Seems unnecessarily sloppy and complicated way of achieving this. Perhaps this could be improved in a future version.

Seems a fairly standard way of implementing such an exclusion through the powerful xenForo permissions system to me... but each to their own.

 

[Joeychgo]

Seems a fairly standard way of implementing such an exclusion through the powerful xenForo permissions system to me... but each to their own.

Creating an entire usergroup just to exclude a small number of members from this mod is sloppy IMO. A simple "exclude" button on the members user page would seem to be much simpler and cleaner.

 

[teletubbi]

simple "exclude" button on the members user page would seem to be much simpler and cleaner.

Where is the different?
With the button you have to hit it.
Same like you add the user to a usergroup.

Both are 1 click.

 

[XFuser]

More details related to the serious IP Address bug:

https://xenforo.com/community/threa...ears-as-admin-ip-address.118884/#post-1085044

Please advise urgently.

 

[XFuser]

@Mike has confirmed that this bug is in the Alter Ego Detector Add-on:

If the listed post was generated by AE, it would be something that has to be resolved there (with @Xon).

Please confirm urgently once this serious bug has been fixed. Thank you.