Signup abuse detection and blocking [Paid] 1.16.12

[Joe Link]

Great, thanks!

 

[smallwheels]

@Xon : Given the reports on this forum lately about the massive rise of AI bots that are scraping content w/o registration I am wondering if it would be possible to extend this add on to not only block signup but also visits of the forum, using ASNs and country codes. Those are already in there and in use in the "Connection profiling - ASN" section, so to extend the possiblities of that would be a very beneficial feature for those who don't use Cloudflare and are on shared hosting (so lacking a configurable firewall and in most cases apache mod_asn as well). Clearly a brilliant way to shoot oneself in the foot as well - but as stated this add on is "no turnkey solution" anyway already. Would absolutely love that!

PS: Would also be happy with this feature being an extension to the add on or a separate add on.

 

[Xon]

If you want to block by ASN's I recommend using clouldflare so the traffic never reaches your site.

 

[smallwheels]

If you want to block by ASN's I recommend using clouldflare so the traffic never reaches your site.

I try to avoid Cloudflare as they have become much too powerful. They are in a way as close to a monopoly as Google has become. And, as Google has already done, from solving problems they are becoming part of the problem. So I try to stay away from them as long as I can.

 

[Alpha1]

I'm noticing an uptick in spammers that quote a post with links, then edit those links or add their own. Its easy to overlook.
As well as AI spammers posting 800 word posts with a link hidden in it somewhere.
It starts to go beyond the attention span of a human. Some AI analysis would be quite helpful to highlight what and where the issue is.
This may be beyond the scope of this addon. Though I think this will only get more frequent and advanced.

 

[Suzanne O]

Gotta get this re-newed.

 

[Fraize_Websleuths]

I love this plugin, but the one thing on my wishlist is to make it available to my admin team. Right now, only Super User Administrators can see the Anti-Spam node in the Users admin panel.

 

[Xon]

They need the Manage anti-spam and Manage users and moderators admin permissions

 

[Fraize_Websleuths]

They need the Manage anti-spam and Manage users and moderators admin permissions

Thanks for your quick reply. I thought that would be the issue, but the Anti-Spam panel only appears if I've set the user as a super-admin.

Environment:

• Xenforo-hosted 2.3.7
• Add-Ons:
  • Themehouse User Criteria Extended 1.0.7 Patch Level 3
  • [XB] Badges 2.3.7
  • Better Analytics 1.1.2.2
  • Gift Upgrades 2.5.3
  • Search Improvements 2.17.0
  • Signup abuse detection and blocking 1.16.11
  • Standard Library 1.22.6
  • Ultimate Content Display 1.1.6
  • XF Enhanced Search 2.3.7
  • XF Redirects for vBulletin 1.1.9

What I've tested:

• User set-up:
  • Test-user added as a regular administrator with all permissions selected: FAILED
  • Checked 'Show advanced control panel options: FAILED
  • Selected Super administrator: SUCCEDED
• Environment:
  • Incognito Chrome browser, no plugins. Safari Private mode, no plugins.
  • Logging out and logging in again

 

[Xon]

Xon updated Signup abuse detection and blocking with a new update entry:

1.16.12 - Bugfix update

• Fix rare internal server error on XF2.3 after deleting a user

Read the rest of this update entry...

 

[dutchbb]

With 'Service flags' can oflags=i be added like b&oflags=i of just add i?

And is iCloud Relay then excluded?

 

[Xon]

The oflags feature isn't supported yet and I don't yet have a timeline for supporting it. I would need to consider how to surface this into the registration logs/approval queue.

Let me know if you are interested in funding that as a priority feature.

 

[smallwheels]

A somewhat stupid question regarding usage:

I had a user end up in moderation for posts, as the country of his IP during registration did not match the the country of his IP during the first posts. So far so good (and desirable).

It turned out the the user is ok, so I'd like to release him for that barrier. How would I do that? Did not find a way and can only hope that this option builds on the general XF spam-management option/setting "moderate first x posts of the user".

Still: Is there a way to release a user from being set to moderation early/at all?