Signup abuse detection and blocking

Signup abuse detection and blocking [Paid] 1.15.6

No permission to buy ($45.00)
Overview FAQ Updates (105) Reviews (21) History Discussion
I want to ask how to get the part that says {country} at the bottom.
  • 0. Unknown browser language: tr-TR,tr;q=0.9,en-US;q=0.8,en;q=0.7, {country}
  • 0. Unknown browser timezone: Europe/Moscow, {country}
 
  • ErrorException: [SignupAbuseBlocking] User registered from an unroutable address/private address. This may be a BGP hijacking, or server configuration is not passing a real IP to XenForo
  • src/XF/Error.php:77


this is an interesting one.

Code: 
Checking: xxx, xxx@gmail.com, 192.168.0.198
Hostname detected: 192.168.0.198
Registration form completed: 62 sec
Moderate, No IP threat score for private IPs (possible BGP hijackings?)
+0. Unknown email domain: gmail.com
0. Unknown browser language: ko,en;q=0.9,en-US;q=0.8,ja;q=0.7 in {country}
0. Unknown browser timezone: Asia/Tokyo in {country}
Total score: 0
Moderated. Direct rule selection

xxx = removed info.
 
That error doesn't block registration, but it is likely a server configuration issue. For a public forum, you really should not be seeing that.
 
ActorMike said:
Just a heads up to everyone and @Xon. Facebook recently was sending me messages telling me they needed the login for my Forums. They were very vauge. Finally the clown tells me that he's trying to test the facebook login and it's telling him
"We have received your email and we apologize for any inconvenience caused to you, while reviewing we were not able to login into the website using FB as it is leading error (Your account has been rejected for the following reason: VPN or IP Anonymizer such as Windscripe/Apple iCloud private relay are not permitted during registration. Log out of your account and then log back in. )we just need to test credentials to login We don't need any admin access or we just need to check the fb sign up functionality from our end. So request you to send fb credentials and let us know so that we will review the app accordingly."

and sent this screenshot below. Obviously, they got blocked because they are in Singapore, and are using an IP address that a typical user would not be using https://whatismyipaddress.com/ip/165.225.113.43

Anyway, I approved the account so they can test the facebook login.

View attachment 280544
Click to expand...

Is this VPN-specific message shown when VPN's are detected/rejected, or did you just customize spam_prevention_registration_rejected? I've been trying to figure out how to show a VPN-specific message, as it'd be much more helpful for rejected users.

@Xon It'd be cool if there were a box below each rejected radio option on the ACP > Options > Signup abuse detection and blocking page where we could specify a phrase to display to the rejected user.
 
I updated to PHP 8.2 and got this error:

An exception occurred: [Error] Call to undefined method XF\Entity\User::canViewMultiAccountReport() in src/addons/SV/SignupAbuseBlocking/Report/MultipleAccount.php on line 22
  1. SV\SignupAbuseBlocking\Report\MultipleAccount->canViewContent() in src/XF/Report/AbstractHandler.php at line 19
  2. XF\Report\AbstractHandler->canView() in src/XF/Entity/Report.php at line 45
  3. XF\Entity\Report->canView() in src/XF/Mvc/Entity/AbstractCollection.php at line 328
  4. XF\Mvc\Entity\AbstractCollection->XF\Mvc\Entity\{closure}()
  5. array_filter() in src/XF/Mvc/Entity/AbstractCollection.php at line 197
  6. XF\Mvc\Entity\AbstractCollection->filter() in src/XF/Mvc/Entity/AbstractCollection.php at line 325
  7. XF\Mvc\Entity\AbstractCollection->filterViewable() in src/XF/Pub/App.php at line 307
  8. XF\Pub\App->updateModeratorCaches() in src/XF/Pub/App.php at line 200
  9. XF\Pub\App->start() in src/XF/App.php at line 2483
  10. XF\App->run() in src/XF.php at line 524
  11. XF::runApp() in index.php at line 20

I also get the error trying 8.1
 
Last edited:
@dethfire this sounds like your site's class extension cache was corrupted somehow. Can you rebuild any add-on, that should force various caches to be rebuilt.
 
Xon updated Signup abuse detection and blocking with a new update entry:

1.15.0 - Feature update

  • Require Standard Library by Xon v1.18.0+.
  • Fix "Allowed email domains" admincp page didn't assert a specific admin permission
  • Fix warning being logged when viewing Signup Abuse blocking options & Content Title history add-on is enabled
  • Detect multi-account usage for api-token logins (exposed via Frictionless Login 3rd party add-on)
  • Update default ASN block lists, this does not affect existing sites.
  • Ensure https://getipintel.com API integration is configured by default. ...
Click to expand...

Read the rest of this update entry...
 
Last edited:
Question on capability to do the following with your addons:

New user registers their postings require approval before viewing until they hit 5 approved posts. However, the admins don't have an easy way to track approvals among themselves. Approval might be held off for some reason that another admin doesn't know of. Is there a way to automatically create a report or post or ticket etc.. for new user while they are still in review phase?

I use most of your addons so wasn't sure if you knew a way to setup the above function.
- David
 
David G said:
New user registers their postings require approval before viewing until they hit 5 approved posts. However, the admins don't have an easy way to track approvals among themselves. Approval might be held off for some reason that another admin doesn't know of. Is there a way to automatically create a report or post or ticket etc.. for new user while they are still in review phase?
Click to expand...
Somewhat.

When Report Improvements is installed; if content has a report it gets hidden by default from the approval queue.

Except for the first post of a thread because the approval queue backend is a troll. But at least it displays the linked report.
 
Is there a way to cause a post to create a report automatically? I can use your signup abuse to put new registrations in a special group with *|addtoGroup on username. Would be good if any post from that group gets auto report.
 
David G said:
Is there a way to cause a post to create a report automatically? I can use your signup abuse to put new registrations in a special group with *|addtoGroup on username. Would be good if any post from that group gets auto report.
Click to expand...
Not currently sorry!

Report Center Essentials adds a 'report' button to the approval queue however.
 
Xon updated Signup abuse detection and blocking with a new update entry:

getipintel integration & shared hosting

The getipintel feature has a 500 queries per day limit on the free plan.

When using shared hosting, this include XenForo Cloud, you may receive the following error:
[SignupAbuseBlocking] Server appears banned from https://getipintel.net/, disabling getipintel option
Click to expand...

If this happens, you can contact getipintel for information about a paid plan. Re-enabling the integration using the free plan may result in further (and longer lasting) IP bans from this service.
Click to expand...

Read the rest of this update entry...
 
Xon updated Signup abuse detection and blocking with a new update entry:

1.15.2 - Bugfix & maintainance update

  • Fix setting up tor detection configuration on new install
    • It was adding a "1" to the server field, which was causing a redundant DNS lookup which should fail
  • Update Tor scoring to support non-numeric scoring (ie explicit reject/moderate/add-to-group/none)
  • For new installs, enable "Show Detection Methods" option by default.
    • This option will likely be removed in future releases and always enabled
Click to expand...

Read the rest of this update entry...
 
You must log in or register to reply here.
Top Bottom