Signup abuse detection and blocking

Signup abuse detection and blocking [Paid] 1.8.12

No permission to buy ($45.00)

Joe Link

Well-known member
Your reject reason wasn't actually being shown before this update :(

That's really odd! It seems to be displaying both before and after the update. I have it set to reject anyone with a VPN over at Southwest Firearms. When I turn my VPN (Nord) on and try to register, I see the message (which is what I took a screenshot of).

You've forgotten way more than I know about this stuff so I know better than to argue, but I'm curious as to why I see it (and whether others are seeing it or something different). Maybe you can give it a shot on the site?
 

marshreef

Member
Today i had a user rejected coming from one of the many school district IP ranges.

1614130262429.png
1614130398821.png

1614130441870.png



Is there a way to whitelist particular ASN's? or what is the best way to not have these users rejected.
 

Movie Prop Sites

Active member
@Xon, have a bit of a weird one for you.

For Multi-account Reporting, we have your software create a thread in a specific forum for us.

Here is the title of a typical thread:

UserX has 1 multiple accounts

Here is the body:

On Registration, UserX (Awaiting approval) has the following potential multiple account(s):
UserY (Awaiting email confirmation)
Ignore for future events

Triggered detection methods: Cookie IP address: XX.XXX.XXX.XXX

However, if you edit that body text you see this code:

Code:
[multi_account_block]{"event":1030}[/multi_account_block]

The problem is, we would like to be able to search that forum that only contains those notices for the name "UserY" but the text "UserY" doesn't actually exist within the posts. Is there any way we can do this?
 

Xon

Well-known member
There was an option to embed a static copy into the post "Include raw information into reported content", this effectively disables the permission checking on who can view this information.

This sadly doesn't embed previous versions into search.

I'll need to think about a better solution
 

Joe Link

Well-known member
That's really odd! It seems to be displaying both before and after the update. I have it set to reject anyone with a VPN over at Southwest Firearms. When I turn my VPN (Nord) on and try to register, I see the message (which is what I took a screenshot of).

You've forgotten way more than I know about this stuff so I know better than to argue, but I'm curious as to why I see it (and whether others are seeing it or something different). Maybe you can give it a shot on the site?

@Xon have you had a chance to take a look at this? I've tested it with multiple devices and a VPN, and it appears the message is displaying properly (though we're still getting the errors in the Server Error Log).
 

Xon

Well-known member
The latest version of this add-on contains a work-around for that error, which is very similar to how XF2.2.4 implements it.
 

D.O.A.

Well-known member
They do offer a free plan. But frankly 500 registration attempts per day is a lot.
That reminds me, your add-on was seriously tested by unwanted tiktok users, we didn't get any results though because the server blew up

tumblr_mk5jbtSlLe1qdlh1io1_400.gif

Capture.PNG
 
  • Wow
Reactions: Xon

Xon

Well-known member
It will definitely allow for that. It does have some additional setting you may wish to consider such as ASN blocking (aka ISP), as well as country blocking. These can all be disabled by just blanking the relevant setting. They are grouped up so it is easier to handle.

The getipintel integration (disabled by default) is very useful for identifying unknown-ish problematic signup sources.
 
Top