Signup abuse detection and blocking

Signup abuse detection and blocking [Paid] 1.15.6

No permission to buy ($45.00)
Overview FAQ Updates (105) Reviews (21) History Discussion
You will need to check the 'Email rules' section which does pattern matching. The current defaults wouldn't match a +1 on that gmail address but since I can't see the entire thing it is hard to say.
 
Xon said:
You will need to check the 'Email rules' section which does pattern matching. The current defaults wouldn't match a +1 on that gmail address but since I can't see the entire thing it is hard to say.
Click to expand...
Yea I was like there's no way the default (which I have) will detect Gmail but perhaps it's the numbers in the username before @gmail that caused the email trigger.

And then I also have the ASN triggering on legit sign ups. Any idea why? Default settings too for ASN.
 
Some ISPs are legit but where spammy sources in the past, the default list is fairly opinionated.
 
Xon said:
Some ISPs are legit but where spammy sources in the past, the default list is fairly opinionated.
Click to expand...
It is opinionated, but it's not always wrong with even some of the legit members that come out of some those on the default list.

John917 said:
And then I also have the ASN triggering on legit sign ups. Any idea why? Default settings too for ASN.
Click to expand...
As Xon mentioned, the default list is opinionated, but you really have to tune these tools to your own needs. We've made so many modifications to the default settings over the past couple of years, just to get it perfectly tuned or at least as close as possible to perfect for our own needs.

When the ASN gets triggered, you have to investigate who it belongs to and why it's triggered. We block a LOT of VPN's and some of the default ASN list that Xon put in covers a percentage of these, but it's constantly moving target that requires attention. If you determine that the ASN trigger is blocking members you want, just remove it from the list.
 
ENF said:
When the ASN gets triggered, you have to investigate who it belongs to and why it's triggered. We block a LOT of VPN's and some of the default ASN list that Xon put in covers a percentage of these, but it's constantly moving target that requires attention. If you determine that the ASN trigger is blocking members you want, just remove it from the list.
Click to expand...
This is why the ASN links to peeringdb.com and getipintel.com is used to help classify IPs which are probably going to be unknown.

It sure as heck beats trying to block individual IPs
 
Xon said:
It sure as heck beats trying to block individual IPs
Click to expand...
1000% (y)

Although, I will throw this out there as something we have experienced. One of the challenges that has come up since we entered the post-COVID world is people travelling again. We found out that these temporary eSIM providers that people use for mobile data services when travelling, do some incredulous things with their traffic. I mentioned above that we are restrictive on VPN usage, and it turns out that some of these eSIM firms are routing their traffic through some of these VPN services/servers OR just leased hardware/nodes from various cloud providers that happened to also be hosting VPN nodes for some the common names you see advertised.

We got a lot of complaints about people being blocked because of those restrictions we have in place. We ran a campaign to gather information from people who were willing to fill out the survey and most issues came from these temporary eSIM or physical SIM card providers, used by tourists.
 
When this Add-on ins installed URLs like https://www.domain.tld/index.php?register/connected-accounts/facebook&setup=1 are redirected to https://www.domain.tld/login/register/connected-accounts/?setup=1 which then generates a 404.
 
You must log in or register to reply here.
Top Bottom