Signup abuse detection and blocking

Signup abuse detection and blocking [Paid] 1.16.7

No permission to buy ($45.00)
You should be able to get getContentTitle, but there really isn't much point to replicating getContentTitle into getContentMessage. getContentMessage is only used when posting a report to a thread. But the thread creation on a multi-account eveent is handled by the SV/MultipleAccountToThread add-on.

You can always just extend that method and then use this code snippet to build an interesting (or useful) message body:
PHP:
$primaryUser = $report->ReportData->MultipleAccountLogs['primaryUser'] ?? null;
$users = $report->ReportData->MultipleAccountLogs['users'] ?? [];
 
ok so what does Country Timezone do exactly? I mean, does it exclude timezones or accept them?
You can set Timezone evaluation in the admin.php?options/groups/svSignupAbuseBlocking/ "Country Timezone" section of the addon setup. If you feel that a certain timezone carries more risk, you can elevate the scoring for each time zone. The default setting is zero (0) which basically skips this check if all are set to 0.

There are three areas for timezone related settings:
Country Timezone
Country Timezone - Unknown > You can select an action if the timezone comes back as unknown.
Timezone content spam check > Crosschecks content timezone against registration record and applies action if there's a discrepancy.
 
The format is score|country-timezone

I would suggest setting "country timezone - unknown" to "moderated" or a +3 score at most.
 
  • Like
Reactions: ENF
This is what I have. the countries are not selectable. I dont understand what this does or how I should set it.

Code:
0|CA-America/Caracas
0|CA-America/Chicago
0|CA-America/Denver
0|CA-America/Halifax
0|CA-America/Los_Angeles
0|CA-America/New_York
0|CA-America/Phoenix
0|CA-America/St_Johns
0|CC-Asia/Yangon
moderate|CD-Africa/Algiers
+2|CD-Africa/Johannesburg
moderate|CF-Africa/Algiers
moderate|CG-Africa/Algiers
0|CH-Europe/Amsterdam
0|CI-Atlantic/Reykjavik
0|CK-Pacific/Honolulu
0|CL-America/Argentina/Buenos_Aires
0|CL-America/Cuiaba
moderate|CM-Africa/Algiers
0|CN-Asia/Dhaka

Simple enough.
 
Just wanted to let you know that geop ip & content matching works very well!

There was a user that registered from the same country as my forum, so it was accepted. Nothing weird.
Few days later, the same user posted relevant looking content in the same language as my forum, but from location India.
The post went automatically to the approval queue for investigation.
It was very sophisticated spam I would normally not have recognized, but this add-on detected it! (y)
 
If you keep an eye on the software that Spammers use, then it becomes obvious that a way to detect AI generated content would be very welcome. I recently watched some YouTube videos on the topic and it blew me away how advanced their toolbox is and how much more advanced and ahead of us they are getting. I'm not going to post details here for obvious reasons.
Spammers are able to post thousands of unique elaborate AI generated messages per minute to many online forums, and keep replies coming. AI written posts are quite hard to spot by moderators. They often feel off, but mostly do not look like spam until links are edited in or new replies with spam links are added. I know various online forums are just becoming aware of this. @cdub @thomas1

@Xon have you considered doing something with AI content checks on posts? What are your thoughts on this topic?

Here are some AI content checkers:
 
@Xon have you considered doing something with AI content checks on posts? What are your thoughts on this topic?
I've actually done some preliminary work to add content scanning on new or edited content (via regex, but could use a service) but never really finalized it.

One of the blockers is the approval queue just isn't suitable for this thing, and the report system is actually more useful but needs additional UI work to add quick actions for reported content.

I've been fairly busy this last year with other projects so haven't been able to work through the backlog of features I wanted to add to my public add-ons.
 
Just a heads up to everyone and @Xon. Facebook recently was sending me messages telling me they needed the login for my Forums. They were very vauge. Finally the clown tells me that he's trying to test the facebook login and it's telling him
"We have received your email and we apologize for any inconvenience caused to you, while reviewing we were not able to login into the website using FB as it is leading error (Your account has been rejected for the following reason: VPN or IP Anonymizer such as Windscripe/Apple iCloud private relay are not permitted during registration. Log out of your account and then log back in. )we just need to test credentials to login We don't need any admin access or we just need to check the fb sign up functionality from our end. So request you to send fb credentials and let us know so that we will review the app accordingly."

and sent this screenshot below. Obviously, they got blocked because they are in Singapore, and are using an IP address that a typical user would not be using https://whatismyipaddress.com/ip/165.225.113.43

Anyway, I approved the account so they can test the facebook login.

cUBe3X.png
 
The getipintel feature doesn't have a white list. Instead of rejecting to can set to moderated, then approve the account once they signup then tell them to continue the signup workflow.
 
Xon updated Signup abuse detection and blocking with a new update entry:

1.13.4 - Feature update

  • Require php 7.2+
  • Fix score-based option did not correctly show the hint/explain text in admincp
  • Move "Non-allowed email action" option into "Connection Profiling - Passive" group
  • Extend "Writing before registering" spam-checks to use add-on's scoring system, with defaults to moderate if the linked content is moderated or rejected (XF default)
  • Add "[SignupAbuse] Limit user to replies per day" per-forum user-froup permission
    • Limit a member (not guest!) to X...

Read the rest of this update entry...
 
Question, is there anyway to reject/ban a user if they use Chinese characters in their first post? We are getting hammered.
 
Question, is there anyway to reject/ban a user if they use Chinese characters in their first post? We are getting hammered.
Have you seen this thread?

You can add some spam-phrases and also use the add-on @benFF recently released which makes the spam-checker apply based on number of days since registered;
 
Back
Top Bottom