DISCONTINUED: [8WR] XenUtiles (Tools)

DISCONTINUED: [8WR] XenUtiles (Tools) 1.2.2

No permission to download
So... I activated stopforumspam with an API key but I'm not sure it's working. I had a user register that had some email@bypasscaptcha.com, and a few other registered at a string of random letters/numbers@hotmail.com.
Check your Registration Logs:
ACP > Tools > Registration Logs

Does SFS prevent them from registering or what does it do exactly?

There have been no new "spam threads" since I enabled it but I would like to prevent spammers from even registering in the first place if possible.
It prevents them (if SFS match is found) from registering, as you say, in the first place. :)

Also, when I use a Q&A captcha
Stick with XenUtiles plus something like either:
a) KeyCAPTCHA: http://xenforo.com/community/threads/keycaptcha-interactive-captcha.35704 or
b) Solve Media: http://xenforo.com/community/threads/solve-media.36205
 
After having this installed for about a little over week, I have to say I am very impressed. I installed it mainly for the spam stopping capabilities. All I can say is, it hasn't disappointed me. What surprised me, was the extent to which I was being attacked by spammers. I guess my question/answer captcha was doing better than I thought. I thought it wasn't working because I had two or three spammers make it through per day. Little did I know, I was getting hundreds of spammers attempting to register per day. The registration log of XenUtiles showed me this.

The registration log feature is so handy, it lists every spammer that has been blocked by the system, along with some very nice information such as, the IP address, the email address and the username that the spam bot tried to use.

I was so Impressed, I had to click on the donate button and send Jaxel some $$$.

I would though like to make a couple very small suggestions about the registration log for one of the upcoming releases.

The headings; IP, Username, Email.... Make them clickable, so that you can sort based upon that heading. that way, you can identify the spammers/ip's/proxies that are hitting you the hardest and block them at the server level in your .htaccess. Also, make the IP addresses clickable, so that you can trace the IP, or check to see what other users, if any are using that IP.

Other than that, "Hat's off" to you Jaxel! This is by far the most useful add-on that I have found for Xenforo, IMO.
 
Pardon my ignorance, but... the directions say;

Installation:
  • upload the contents of the attached zip to your XF root
  • install from file on server: "library/EWRutiles/addon-EWRutiles.xml"
  • set options in administration control panel
My problem is with step three. I don't know where in the admincp to look. Nor do I know the name I am looking for.

Thanks.
 
AdminCP -> Tools-> XenUtiles (left pane)->Xenutils:Options

If you don't see that option, then you did not properly install the xml file.

For each of the API keys, you will need to apply for an API key from each site. Follow the links on that page to apply at each site.

You will also see a new entry under AdminCP -> Tools->Logs->Registration logs
 
AdminCP -> Tools-> XenUtiles (left pane)->Xenutils:Options

If you don't see that option, then you did not properly install the xml file.

For each of the API keys, you will need to apply for an API key from each site. Follow the links on that page to apply at each site.

You will also see a new entry under AdminCP -> Tools->Logs->Registration logs
Thanks! I got it working now.
 
Is there supposed to be a folder in the root dir for sitemaps ? The installation and execution of sitemaps is lacking.
 
I'd like to 2nd this question.

Someone by the name of "Alice" was denied, simply because her name is common.

IP address and e-mail address should be enough to check

That's one of the things that pissed me off on someone's forum just recently... I tried a few of my usual usernames, and I kept being denied... because my username was listed in StopForumSpam database, but only listed as partial to their database entry for the "username".

Like on here, I use "vVv"... attempted signup on that person's forum and was denied and found it was in their database for like... "vvv1234@hushmail.com" or "vvvJohn1333" or some such. Or like my username "spencerp" that I used before on forums, was listed in their database like "spencerpatrick@blahblah.com" or "spencerp12343@blahblah.com".. .And was being denied with every username I generally use.. >_<.

When I had the vBulletin 4.2.0 StopForumSpam plugin installed, it had option to uncheck username checks, or not to deny usernames as partials or whatever you call it..? lol So when user signs up as "John" .. they're not denied because username "JohnSpammer" is listed in their database.

I've NOT tested this yet. But it would seem it would be as simple as removing the following from

library/EWRutiles/Model/StopForumSpam.php

PHP:
            if (!empty($result['username']['appears']))
            {
                $count++;
                $matches['username'] = new XenForo_Phrase('user_name');
                $errors[] = new XenForo_Phrase('stopforumspam_username', array('username' => $data['username']));
            }

PHP:
            ($data['username'] ? 'username='.rawurlencode($data['username']).'&' : '').

PHP:
            '?username='.rawurlencode($data['username']).

That would remove the check for user names for StopForumSpam.com

NEXT
library/EWRutiles/Model/FSpamlist.php

PHP:
            if (!empty($result[0]['isspammer']) && $result[0]['isspammer'] == 'true')
            {
                $count++;
                $matches['username'] = new XenForo_Phrase('user_name');
                $errors[] = new XenForo_Phrase('fspamlist_username', array('username' => $data['username']));
            }

PHP:
            ($data['username'] ? rawurlencode($data['username']).',' : '').

That would take care of fspamlist.com

NEXT
library/EWRutiles/Model/BotScout.php

PHP:
            if ($result['username'])
            {
                $count++;
                $matches['username'] = new XenForo_Phrase('user_name');
                $errors[] = new XenForo_Phrase('botscout_username');
            }

PHP:
            ($data['username'] ? 'name='.rawurlencode($data['username']).'&' : '').

That would take care of boutscout.com

NEXT (?)
library/EWRutiles/Model/Registration.php
PHP:
            'reglog_username' => $data['username'],

If anyone can confirm this..... It would be helpful. The last one I'm not 100% sure on.

I'll try this once and see if it works.. xD
 
HELP-

I installed this last night (with branding free payment- thanks Jaxel for the great work!), but I just received an email that says a ton of my users have been deleted.

I realize that this is probably my oversight in not setting Unconfirmed Cutoff to 0. I fixed this already, but am wondering if I can re-instate/recover the lost users. Some are infrequent, but valued visitors.

Any ideas? I have automatic backup from my host....just wondering what file I would need to rollback.
.

This is main reason why I didn't install this resource sooner. I rather not have a resource installed and automatically wiping out legit users without my knowledge of it, or reason for it. Resources that just go delete happy, isn't good thing. Nor proper documentation, explaining things. Not saying this resource don't have documentation, just meant in general lol.
 
I've NOT tested this yet. But it would seem it would be as simple as removing the following from

library/EWRutiles/Model/StopForumSpam.php

PHP:
            if (!empty($result['username']['appears']))
            {
                $count++;
                $matches['username'] = new XenForo_Phrase('user_name');
                $errors[] = new XenForo_Phrase('stopforumspam_username', array('username' => $data['username']));
            }

PHP:
            ($data['username'] ? 'username='.rawurlencode($data['username']).'&' : '').

PHP:
            '?username='.rawurlencode($data['username']).

That would remove the check for user names for StopForumSpam.com

NEXT (?)
library/EWRutiles/Model/Registration.php
PHP:
            'reglog_username' => $data['username'],

If anyone can confirm this..... It would be helpful. The last one I'm not 100% sure on.


I had tried this, and also removing the username check in registration.php file together.. It worked. I also tried leaving registration.php file alone without removing anything, and then removing username checks from stopforumspam.php file.. it worked. However, leaving username checks in stopforumspam.php file, then removing username check in registration.php file... gave server error (obviously) lol. Leaving both files alone, without removing anything and signing up as "spencerp"... I got denied, because username was found in their database.

EDIT: Having both files, removal of "username checks", but signing up as known spam email address in their database... gave server error. Uploaded unedited/altered "registration.php" file, and only having stopforumspam.php file edited/removed username check.. worked. So it's best not to edit/remove username check in registration.php file.. Just leave that file alone, and only edit "stopforumspam.php" file. With registration.php file left alone, and stopforumspam.php edits, signing up with "spencerp" and known spam email "ungaizeb69@hotmail.com", I was denied only because of the spam email address. Which worked.

I done this check on JUST stopforumspam.php though, not the others "checked" in options. But I did have their files edited or removed "username checks", but no API code in options, so they're not technically being "called on". I figured I'd do this one at a time...
 
Spam submissions are coming back in the next version. However, to comply with StopForumSpam's new terms of service, submissions are MANUAL ONLY. They will no longer be automatically re-confirmed; this way there isn't an issue with guilt by association created by the mod.

submit.webp
 
Hi Jaxel,

I installed this modification! I really like knowing that I have added protection of spam with this, and the profile spam checker has worked well.

It is interesting how many spammers are attempting to join my site, but they get blocked.

spaminsight.webp

With the sitemap, once it is configured, will I still have to submit each one to Google and bing? I'm currently using the Sitemap for XenForo add on, and would like to switch to this one.
 
Jaxel updated [8wayRun.Com] XenUtiles (Tools) with a new update entry:

Version 1.2.0 CHANGELOG

This is actually a pretty big update...
  • Registration Challenging has been completely revamped! You can now change settings for each system individually. You can disable the challenging of usernames. You can also chose to disable "immediate mode" for the challenge system.
  • Blocked Registrations logged is much nicer now. In addition of informing you of which challenge database has blocked it, you can now submit directly to some of the databases.
  • Account and Profile Spam Finder now...

Read the rest of this update entry...
 
To update we just need to replace EWRutiles directory ?

Thanks.

my guess its like any other update process.. upload the folders in "upload" folder to root/ and run the xml file in "upgrade" area for that resource/XenUtiles... probably from server >_> I'm glad for these changes though.. xD
 
I'm getting the error below from this url: admin.php?utiles/spamlogs

Template Errors: EWRutiles_SpamLogs
  1. Invalid argument supplied for foreach() in /home/xxx/public_html/library/XenForo/Template/Abstract.php(265) : eval()'d code, line 18:
    17: ';
    18: foreach ($logs AS $log)
    19: {
 
I'm getting the error below from this url admin.php?utiles/spamlogs

Template Errors: EWRutiles_SpamLogs
  1. Invalid argument supplied for foreach() in /home/xxx/public_html/library/XenForo/Template/Abstract.php(265) : eval()'d code, line 18:
    17: ';
    18: foreach ($logs AS $log)
    19: {

i guess i aint updating it just yet.. lmfao.. :p
 
  • Like
Reactions: HWS
Top Bottom