Signup abuse detection and blocking

Signup abuse detection and blocking [Paid] 1.15.6

No permission to buy ($45.00)
Just upgraded and now have 3 people saying they can't sign-up. I'm also getting errors in my error log. I've attached the error over at your site. Please take a look. Thanks
 
Can confirm.

Code:
ParseError: syntax error, unexpected '$query' (T_VARIABLE) src\addons\SV\SignupAbuseBlocking\Spam\Checker\Asn\Cymru.php:61
 
The latest update (1.8.8.1 on XF2.1) is broken, no one is able to register.

Error: Class name must be a valid object or a string
src/addons/SV/SignupAbuseBlocking/Spam/Checker/EmailDomain.php:36


I fixed this by reverting this change on line 38 of EmailDomain.php:
1609390356221.png


Replace this:
PHP:
$duringRegistration = Globals::$duringRegistration :: false;
if (!$email || !$duringRegistration)

with:
PHP:
if (!$email || !Globals::$duringRegistration)
 
Last edited:
The latest update (1.8.8.1 on XF2.1) is broken, no one is able to register.

Error: Class name must be a valid object or a string
src/addons/SV/SignupAbuseBlocking/Spam/Checker/EmailDomain.php:36


I fixed this by reverting this change on line 38 of EmailDomain.php:
View attachment 243167


Replace this:
PHP:
$duringRegistration = Globals::$duringRegistration :: false;
if (!$email || !$duringRegistration)

with:
PHP:
if (!$email || !Globals::$duringRegistration)
Confirmed.
 
Apologies for the last few buggy releases. :(

That line should be;
PHP:
$duringRegistration = Globals::$duringRegistration ?? false;
 
Last edited:
I've enabled the option to detect VPN but I'm getting this error when I attempt to register using a vpn:
Your registration has been rejected as it resembles spam-like or automated behaviour.
Is this the error users should see if they are rejected because they are using a VPN?
 
This add-on is a tool-kit for preventing most spam, and while the defaults are decent this add-on is not set-and-forget.

There is an option to remove all information this add-on tracks for a user when their account is deleted, but that doesn't prevent the add-on from tracking and rediscovering additional accounts.

Also define "GDPR compliant". It is perfectly acceptable to retain tracking and identifying information of users under GDPR for core business functions. Such as preventing abuse of service.
 
I understand that IP Checking/Date range should check whether new user IP address matches some previous one.

But when set it to 10 minutes, new registration info still shows matches with IP addresses used a month ago?
 
The ip check feature checks the XF IP table with the date limit, so that IP was used recently.
 
Here is a potential issue. Stopforumspam acts on three elements: user name, email address and IP. On a new forum with only a few members, people may well register with a common user name like Dave which is quite likely to be in the Stopforumspam database.
Therefore matching the user name should carry less weight than matching the IP or email address. In fact, I want to automatically block everyone who matches on the IP or email in Stopforumspam, but put people who match on the user name into the moderation queue.
So I'm asking whether this differentiation could be added. Or is this something that's in the core and difficult to change?
Thanks.
 
Top Bottom