Signup abuse detection and blocking

Signup abuse detection and blocking [Paid] 1.15.6

No permission to buy ($45.00)
We have pretty common situation that a user creates account having typo in email address. Such account remains in state "Awaiting email confirmation". After some time such user creates a new account with correct email address. This add-on properly detects it as a duplicate.

The thing is that in approval queue there is no information about previous account email address nor its status, which would help make a better decision. So supermoderators (which do not have access to admin panel and don't see all the facts) reject such new user account instead of approving it.

Still having this issue. The goal is to provide more info in approval queue, so supermoderators can quickly establish if there is a typo in email address for previously registered account.

To do that is it possible to provide account status, email address and reject reason to $phraseData in MultipleAccount.php.

So sv_reg_log.multi_account_moderate phrase could be changed from:
Code:
Moderating, Multiple account - {method} - Username: {username}, UserId: {user_id}
to:
Code:
Moderating, Multiple account - {method} - Username: {username}, UserId: {user_id}, Status: {status}, E-mail: {email}, Reject reason: {reject_reason}

Although displaying UserId field is not necessary at all.

There is a similar content in other sv_reg_log.multi_account* phrases, probably they should be modified, too.
 
Last edited:
That information is a snapshot, and some of what you are after isn't easily accessible. I've been busy finishing updating some add-ons to XF2.2, and probably will not have time to look at improving this till start of next year
 
Will this do the work in Spam/Checker/MultipleAccount.php:
Code:
$phraseData = [
    'method'   => $methods,
    'username' => $data->user->username,
    'user_id'  => $data->user->user_id,
	/* New fields below */
    'user_state'  => $data->user->user_state,
	'email'  => $data->user->email,
	'reject_reason' => pull reject_reason field using UserReject
];
 
1) To see account state, email address and reject reason change the phrase sv_reg_log.multi_account_moderate to:
Code:
Moderating, Multiple account - {method} - Username: {username}, State: {user_state}, Email: {email}
(removed UserId: {user_id})

Also alter $phraseData array in Spam/Checker/MultipleAccount.php to:
Code:
$user_reject = \XF::app()->find('XF:UserReject', $data->user->user_id);
$phraseData = [
    'method'   => $methods,
    'username' => $data->user->username,
    'user_id'  => $data->user->user_id,
    'user_state'  => $data->user->user_state . ($user_reject ? ' (' . $user_reject->reject_reason . ')' : ''),
    'email'  => $data->user->email,
];

2) It would be good to break down line "Shared IP with rejected users (test54, test53)" into separate rows, like:
Code:
Shared IP with rejected user - Username: {username}, Email: {email}, Reject reason: {reject_reason}

3) Is it possible to skip duplicate report if primary account is in state "Awaiting email confirmation"?
 
Last edited:
That information is a snapshot, and some of what you are after isn't easily accessible. I've been busy finishing updating some add-ons to XF2.2, and probably will not have time to look at improving this till start of next year
I can make a quick suggestion to your improvements list, for on form submission
 
Faced a server issue today with title "[SignupAbuseBlocking] Server appears banned from http://getipintel.net/, disabling getipintel option src/XF/Error.php:75" .

Later I fount in the addon option that Get IP Intel option in unchecked .



Generated by: Unknown account Nov 30, 2020 at 11:41 PM
Stack trace
#0 src/XF.php(190): XF\Error->logError('[SignupAbuseBlo...', true)
#1 src/addons/SV/SignupAbuseBlocking/Spam/Checker/GetIpIntel.php(89): XF::logError('[SignupAbuseBlo...', true)
#2 src/XF/Spam/UserChecker.php(11): SV\SignupAbuseBlocking\Spam\Checker\GetIpIntel->check(Object(Datio\AllowedEmails\XF\Entity\User), Array)
#3 src/addons/SV/SignupAbuseBlocking/XF/Spam/UserChecker.php(208): XF\Spam\UserChecker->check(Object(Datio\AllowedEmails\XF\Entity\User), Array)
#4 src/XF/Service/User/Registration.php(180): SV\SignupAbuseBlocking\XF\Spam\UserChecker->check(Object(Datio\AllowedEmails\XF\Entity\User), Array)
#5 src/addons/SV/SignupAbuseBlocking/XF/Service/User/Registration.php(39): XF\Service\User\Registration->checkForSpam()
#6 src/XF/Pub/Controller/Register.php(415): SV\SignupAbuseBlocking\XF\Service\User\Registration->checkForSpam()
#7 src/addons/SV/SignupAbuseBlocking/XF/Pub/Controller/Register.php(61): XF\Pub\Controller\Register->actionRegister()
#8 src/XF/Mvc/Dispatcher.php(350): SV\SignupAbuseBlocking\XF\Pub\Controller\Register->actionRegister(Object(XF\Mvc\ParameterBag))
#9 src/XF/Mvc/Dispatcher.php(257): XF\Mvc\Dispatcher->dispatchClass('XF:Register', 'Register', Object(XF\Mvc\RouteMatch), Object(SV\SignupAbuseBlocking\XF\Pub\Controller\Register), Object(XF\Mvc\Reply\Reroute))
#10 src/XF/Mvc/Dispatcher.php(113): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(SV\SignupAbuseBlocking\XF\Pub\Controller\Register), Object(XF\Mvc\Reply\Reroute))
#11 src/XF/Mvc/Dispatcher.php(55): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#12 src/XF/App.php(2300): XF\Mvc\Dispatcher->run()
#13 src/XF.php(465): XF\App->run()
#14 index.php(20): XF::runApp('XF\\Pub\\App')
#15 {main}
 
Faced a server issue today with title "[SignupAbuseBlocking] Server appears banned from http://getipintel.net/, disabling getipintel option src/XF/Error.php:75" .

Later I fount in the addon option that Get IP Intel option in unchecked .



Generated by: Unknown account Nov 30, 2020 at 11:41 PM
Stack trace
#0 src/XF.php(190): XF\Error->logError('[SignupAbuseBlo...', true)
#1 src/addons/SV/SignupAbuseBlocking/Spam/Checker/GetIpIntel.php(89): XF::logError('[SignupAbuseBlo...', true)
#2 src/XF/Spam/UserChecker.php(11): SV\SignupAbuseBlocking\Spam\Checker\GetIpIntel->check(Object(Datio\AllowedEmails\XF\Entity\User), Array)
#3 src/addons/SV/SignupAbuseBlocking/XF/Spam/UserChecker.php(208): XF\Spam\UserChecker->check(Object(Datio\AllowedEmails\XF\Entity\User), Array)
#4 src/XF/Service/User/Registration.php(180): SV\SignupAbuseBlocking\XF\Spam\UserChecker->check(Object(Datio\AllowedEmails\XF\Entity\User), Array)
#5 src/addons/SV/SignupAbuseBlocking/XF/Service/User/Registration.php(39): XF\Service\User\Registration->checkForSpam()
#6 src/XF/Pub/Controller/Register.php(415): SV\SignupAbuseBlocking\XF\Service\User\Registration->checkForSpam()
#7 src/addons/SV/SignupAbuseBlocking/XF/Pub/Controller/Register.php(61): XF\Pub\Controller\Register->actionRegister()
#8 src/XF/Mvc/Dispatcher.php(350): SV\SignupAbuseBlocking\XF\Pub\Controller\Register->actionRegister(Object(XF\Mvc\ParameterBag))
#9 src/XF/Mvc/Dispatcher.php(257): XF\Mvc\Dispatcher->dispatchClass('XF:Register', 'Register', Object(XF\Mvc\RouteMatch), Object(SV\SignupAbuseBlocking\XF\Pub\Controller\Register), Object(XF\Mvc\Reply\Reroute))
#10 src/XF/Mvc/Dispatcher.php(113): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(SV\SignupAbuseBlocking\XF\Pub\Controller\Register), Object(XF\Mvc\Reply\Reroute))
#11 src/XF/Mvc/Dispatcher.php(55): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#12 src/XF/App.php(2300): XF\Mvc\Dispatcher->run()
#13 src/XF.php(465): XF\App->run()
#14 index.php(20): XF::runApp('XF\\Pub\\App')
#15 {main}

getipintel.net said:
-5 Your connecting IP has been banned from the system or you do not have permission to access a particular service. Did you exceed your query limits? Did you use an invalid email address? If you want more information, please use the contact links below.

You must enter an valid email address to enable this feature without being banned. It is possible you where hitting it with too much traffic, and they might require you to switch to a paid account.

Either way, you'll need to reach out to the person running the service; http://getipintel.net/free-proxy-vpn-tor-detection-api/#Contact
 



You must enter an valid email address to enable this feature without being banned. It is possible you where hitting it with too much traffic, and they might require you to switch to a paid account.

Either way, you'll need to reach out to the person running the service; http://getipintel.net/free-proxy-vpn-tor-detection-api/#Contact

So it's a paid plan ! :( I did not know .
 



You must enter an valid email address to enable this feature without being banned. It is possible you where hitting it with too much traffic, and they might require you to switch to a paid account.

Either way, you'll need to reach out to the person running the service; http://getipintel.net/free-proxy-vpn-tor-detection-api/#Contact

This is my current config and my entered email ID is valid too as it's my primary email ID:
2020-12-01_172728.webp

Is there still anything wrong ?
 
getipintel rate limiting said:
There's a rate limit 15 requests / minute to prevent abuse as well as a burst parameter set to ensure smoothing of traffic. If you hit any of these limits, the web server will return a 429 error. Please do not exceed 500 queries per day. The limits may change based on abuse and/or server load which will be posted on twitter and at least one week in advance. If you need guaranteed resources and/or more queries, please contact me. In most cases, the cost is significantly less than other paid services.
They do offer a free plan. But frankly 500 registration attempts per day is a lot.
 
Top Bottom