Signup abuse detection and blocking

Signup abuse detection and blocking [Paid] 1.16.7

No permission to buy ($45.00)
Check that you've updated to the latest version, or have changed the 'country timezone - unknown' option. The initial defaults for the 'browser timezone matched to country' had bad defaults.

That did the trick! Thank you, i've must have overseen it.
 
  • Like
Reactions: ENF
@Moshe1010
By default this add-on doesn't ship with any domains being known. This must be built up for each site, the approve action in the approval queue should have an add email domain to known or banned list.
  • "accept" is a score of 0, and is just informational.
    "moderate" means it the direct rule has indicated the registration should be moderated. Rather than based on scoring thresholds.
  • "reject" means it the direct rule has indicated the registration should be rejected. Rather than based on scoring thresholds.
I'll need to look into why the block doesn't support RTL but it is likely the spam trigger isn't sanely supporting it either.
 
@Moshe1010
By default this add-on doesn't ship with any domains being known. This must be built up for each site, the approve action in the approval queue should have an add email domain to known or banned list.
  • "accept" is a score of 0, and is just informational.
    "moderate" means it the direct rule has indicated the registration should be moderated. Rather than based on scoring thresholds.
  • "reject" means it the direct rule has indicated the registration should be rejected. Rather than based on scoring thresholds.
I'll need to look into why the block doesn't support RTL but it is likely the spam trigger isn't sanely supporting it either.
Thanks. Where can I find the phrase accept and moderate? I can't seme to find them in phrases.
 
got a quick question for you @Xon. I go to the FlyerTalk forum quite a bit. Whenever I browse there with my VPN on I get this message:

flyertalk.webp

i see that its a cloudflare thing, but is it possible to setup some kind of message like this with the power of the addon?
 
i see that its a cloudflare thing, but is it possible to setup some kind of message like this with the power of the addon?
you can block users or send them to approval queue based on several criteria on registration with this addon, but not on every request (you would have to look up too many IPs and that's also not the purpose of this addon as far as I can tell). ;)
 
  • Like
Reactions: Xon
you can block users or send them to approval queue based on several criteria on registration with this addon, but not on every request (you would have to look up too many IPs and that's also not the purpose of this addon as far as I can tell). ;)
no no you misunderstood. i'm not asking it to flag every single IP, i'm wondering if it was possible when it flags an IP or some other suspicious signup detail, to generate a block screen like the one i posted.
 
By default this add-on doesn't ship with any domains being known. This must be built up for each site, the approve action in the approval queue should have an add email domain to known or banned list.

where does it list email domains? Mine has been blocking gmail.com for example from day one
 
where does it list email domains? Mine has been blocking gmail.com for example from day one
Gmail isn't on the default block list. You have to configure that. If it's blocking Gmail it's for a specific reason or you have configured it that way.
You'll want to look under "Connection Profiling - Passive" in the configuration page to see the email settings.
 
Outright banned emails are under admin.php?banning/emails

Check the Non-allowed email action option for the add-on, I do not recommend 'rejected' (the default is 'none').
 
  • Like
Reactions: ENF
Outright banned emails are under admin.php?banning/emails

Check the Non-allowed email action option for the add-on, I do not recommend 'rejected' (the default is 'none').

no no, my problem is we are moderating too many actual members. We are catching the spammers too, but too many real members get moderated. For example...

Screenshot_7.webp
"unknown email domain failed". I don't see gmail, yahoo, etc as being unknown but can't figure out how to get it "known". Not to mention unknown browser timezone and unknown browser language.

I don't know what direct rule selection means.

I like the addon Xon, but IMO its a bit complicated with limited explanation of what things do.
 
I think in these cases “unknown” means “not listed for specific treatment”, so it means those domains (etc) are not set up with scores in the addon.

Why the users are getting moderated isn’t clear. A score of 0 would usually mean there’s nothing much wrong but something is triggering that “direct rule”.
 
Some of those phrases definitely need some changes.

I don't know what direct rule selection means.
It is moderated because a rule directly says it should be moderated. Compared to the score being over some threshold.

I think in these cases “unknown” means “not listed for specific treatment”, so it means those domains (etc) are not set up with scores in the addon
Yup.
 
We do have an Add-on that deals with reports, unfortunately report type MultipleAccount doesn't return anything useful in getContentMessage

PHP:
/**
 * @param Report|\SV\SignupAbuseBlocking\XF\Entity\Report $report
 * @return string|\XF\Phrase
 */
public function getContentMessage(Report $report)
{
    return '';
}

Could this be changed? :)
 
Back
Top Bottom