If you reject a user from the approval queue it sets who rejected them. Otherwise it is automatic so there isn't any point.@Xon Please can be add option set username for Rejected by?
The logs are under the AdminCP & logs section. The anti-spam logs are just the standard spam trigger log, and a custom "user registration log" for users who pass and to keep the record for longer than the spam trigger logsAlso user can view log about that Signup abuse detection and blocking?
You can send the domain in theIn the meantime, the only workaround I've found is to set the "Link Spam checker: Registration default action" option to "Allowed".
Link Spam checker: Accept
option, and it will whitelist those domains to not trigger the link checker.
- Update link to team-cymru's ip to ASN mapping service
- Fix spam-check for account details page would check non-editable custom fields and custom fields not on that page
That helps, but I still have to leave the option disabled because it will block people from updating their profile if they put a URL into the "website" profile field that this addon adds to the edit profile page. I have the option "Request website on signup" disabled, but the field still appears in the edit profile page.Xon updated Signup abuse detection and blocking with a new update entry:
1.15.5 - Bugfix update
Read the rest of this update entry...
That is stock XenForo behavior, the website field is hard-coded to display. I might need to add an option to disable showing (and then spam checking) that fieldThat helps, but I still have to leave the option disabled because it will block people from updating their profile if they put a URL into the "website" profile field that this addon adds to the edit profile page. I have the option "Request website on signup" disabled, but the field still appears in the edit profile page.
XF\PrintableException: Job XF:ApprovalQueueProcess: Banned emails must be unique. The specified banned email is already in use. src/XF/Mvc/Entity/Entity.php:1228
Generated by: Unknown account Feb 23, 2024 at 11:53 AM
Stack trace
#0 src/XF/Repository/Banning.php(98): XF\Mvc\Entity\Entity->save()
#1 src/addons/SV/SignupAbuseBlocking/XF/ApprovalQueue/User.php(186): XF\Repository\Banning->banEmail('*@gmail.com')
#2 src/addons/SV/SignupAbuseBlocking/XF/ApprovalQueue/User.php(258): SV\SignupAbuseBlocking\XF\ApprovalQueue\User->doBanEmailDomain(Object(OzzModz\EmailWhitelist\XF\Entity\User))
#3 src/XF/ApprovalQueue/AbstractHandler.php(122): SV\SignupAbuseBlocking\XF\ApprovalQueue\User->actionReject(Object(OzzModz\EmailWhitelist\XF\Entity\User))
#4 src/XF/Job/ApprovalQueueProcess.php(67): XF\ApprovalQueue\AbstractHandler->performAction('reject', Object(OzzModz\EmailWhitelist\XF\Entity\User))
#5 src/XF.php(625): XF\Job\ApprovalQueueProcess->XF\Job\{closure}()
#6 src/XF/Job/ApprovalQueueProcess.php(53): XF::asVisitor(Object(OzzModz\EmailWhitelist\XF\Entity\User), Object(Closure))
#7 src/XF/Job/Manager.php(260): XF\Job\ApprovalQueueProcess->run(8)
#8 src/XF/Job/Manager.php(202): XF\Job\Manager->runJobInternal(Array, 8)
#9 src/XF/Job/Manager.php(118): XF\Job\Manager->runJobEntry(Array, 8)
#10 job.php(22): XF\Job\Manager->runByIds(Array, 8)
#11 {main}
Request state
array(4) {
["url"] => string(8) "/job.php"
["referrer"] => string(38) "/approval-queue/"
["_GET"] => array(0) {
}
["_POST"] => array(5) {
["only_ids"] => array(1) {
[0] => string(7) "3070824"
}
["_xfRequestUri"] => string(16) "/approval-queue/"
["_xfWithData"] => string(1) "1"
["_xfToken"] => string(8) "********"
["_xfResponseType"] => string(4) "json"
}
}
This happens when a moderator attempts to ban the same email domain multiple times from the approval page. If they just ban it once it will not error.@Xon Getting Server error log:
Code:XF\PrintableException: Job XF:ApprovalQueueProcess: Banned emails must be unique. The specified banned email is already in use. src/XF/Mvc/Entity/Entity.php:1228 Generated by: Unknown account Feb 23, 2024 at 11:53 AM Stack trace #0 src/XF/Repository/Banning.php(98): XF\Mvc\Entity\Entity->save() #1 src/addons/SV/SignupAbuseBlocking/XF/ApprovalQueue/User.php(186): XF\Repository\Banning->banEmail('*@gmail.com') #2 src/addons/SV/SignupAbuseBlocking/XF/ApprovalQueue/User.php(258): SV\SignupAbuseBlocking\XF\ApprovalQueue\User->doBanEmailDomain(Object(OzzModz\EmailWhitelist\XF\Entity\User)) #3 src/XF/ApprovalQueue/AbstractHandler.php(122): SV\SignupAbuseBlocking\XF\ApprovalQueue\User->actionReject(Object(OzzModz\EmailWhitelist\XF\Entity\User)) #4 src/XF/Job/ApprovalQueueProcess.php(67): XF\ApprovalQueue\AbstractHandler->performAction('reject', Object(OzzModz\EmailWhitelist\XF\Entity\User)) #5 src/XF.php(625): XF\Job\ApprovalQueueProcess->XF\Job\{closure}() #6 src/XF/Job/ApprovalQueueProcess.php(53): XF::asVisitor(Object(OzzModz\EmailWhitelist\XF\Entity\User), Object(Closure)) #7 src/XF/Job/Manager.php(260): XF\Job\ApprovalQueueProcess->run(8) #8 src/XF/Job/Manager.php(202): XF\Job\Manager->runJobInternal(Array, 8) #9 src/XF/Job/Manager.php(118): XF\Job\Manager->runJobEntry(Array, 8) #10 job.php(22): XF\Job\Manager->runByIds(Array, 8) #11 {main} Request state array(4) { ["url"] => string(8) "/job.php" ["referrer"] => string(38) "/approval-queue/" ["_GET"] => array(0) { } ["_POST"] => array(5) { ["only_ids"] => array(1) { [0] => string(7) "3070824" } ["_xfRequestUri"] => string(16) "/approval-queue/" ["_xfWithData"] => string(1) "1" ["_xfToken"] => string(8) "********" ["_xfResponseType"] => string(4) "json" } }
It's matching the AS (Autonomous System) network ID in the list in the addon settings. There are some default ones in the addon that are known problem sources. You can adjust these on your own... to your specific needs.Can someone tell me what "AS Match" means when new signups are sent to the Approval Queue? I'm getting a significant number of new signups getting sent to the Approval Queue because they have an "AS Match" which assigns them +3 and thus exceeds the threshold I've set. At first glance these all appear to be genuine customers.
../admin.php?options/groups/svSignupAbuseBlocking/
For most users, "AS Match" should probably be renamed as "ISP match". It isn't technically correct but it is the most useful way for end-users to think about it.
- Fix "Banned emails must be unique. The specified banned email is already in use" occurring when banning the same email domain multiple times in the same approval run
- Adjust various "ASN related phrases to be more consistent
The add-on was inconsistent about referencing it as ASN, the last update ensures it says "ASN" rather than "AS" or "Asn" etc. I'm in the middle of a major feature update, and once that is done I'll review how the ASN phrasing is used and likely change the front-end to be more clear that it is aimed at ISP-level blocking.I owned an ISP back in the day. We always used the abbreviation ASN. ISP is probably better for end users though, I agree.
Autonomous System Numbers
An Autonomous System (AS) is a group of one or more IP prefixes (lists of IP addresses accessible on a network) run by one or more network operators that maintain a single, clearly defined routing policy.www.arin.net
I'll look into removing that from the defaults, not sure how it crept in.Thanks for the replies, understood all. l think the issue l was experiencing is that TalkTalk, which is the 4th biggest lSP in the UK, appeared on the list (l have subsequently removed it). As a UK-based forum it was not surprising that a significant amount of my patronage was affected!
Hi, do you know in particular what permission is required, as all my Super Moderators can already “approve / reject users,” and indeed can see any users that are suspect of spam thrown up by this plugin and act upon it, they just cannot see the reports for duplicate accounts.That is up to standard XenForo permissions around "approving users"
Under the "Multiple account handling permissions" group, the "View reportings" permission. Next version I'll update that permission name to be more useful for the filter/search feature.Hi, do you know in particular what permission is required, as all my Super Moderators can already “approve / reject users,” and indeed can see any users that are suspect of spam thrown up by this plugin and act upon it, they just cannot see the reports for duplicate accounts.
We use essential cookies to make this site work, and optional cookies to enhance your experience.