Do you have a geoip service enabled? ie cloudflare set to send the country to your site?
Checking: xxx, xxx@gmail.com, 192.168.0.198
Hostname detected: 192.168.0.198
Registration form completed: 62 sec
Moderate, No IP threat score for private IPs (possible BGP hijackings?)
+0. Unknown email domain: gmail.com
0. Unknown browser language: ko,en;q=0.9,en-US;q=0.8,ja;q=0.7 in {country}
0. Unknown browser timezone: Asia/Tokyo in {country}
Total score: 0
Moderated. Direct rule selection
Just a heads up to everyone and @Xon. Facebook recently was sending me messages telling me they needed the login for my Forums. They were very vauge. Finally the clown tells me that he's trying to test the facebook login and it's telling him
"We have received your email and we apologize for any inconvenience caused to you, while reviewing we were not able to login into the website using FB as it is leading error (Your account has been rejected for the following reason: VPN or IP Anonymizer such as Windscripe/Apple iCloud private relay are not permitted during registration. Log out of your account and then log back in. )we just need to test credentials to login We don't need any admin access or we just need to check the fb sign up functionality from our end. So request you to send fb credentials and let us know so that we will review the app accordingly."
and sent this screenshot below. Obviously, they got blocked because they are in Singapore, and are using an IP address that a typical user would not be using https://whatismyipaddress.com/ip/165.225.113.43
Anyway, I approved the account so they can test the facebook login.
View attachment 280544
spam_prevention_registration_rejected
? I've been trying to figure out how to show a VPN-specific message, as it'd be much more helpful for rejected users.ACP > Options > Signup abuse detection and blocking
page where we could specify a phrase to display to the rejected user.
- Require Standard Library by Xon v1.18.0+.
- Fix "Allowed email domains" admincp page didn't assert a specific admin permission
- Fix warning being logged when viewing Signup Abuse blocking options & Content Title history add-on is enabled
- Detect multi-account usage for api-token logins (exposed via Frictionless Login 3rd party add-on)
- Update default ASN block lists, this does not affect existing sites.
- Ensure https://getipintel.com API integration is configured by default. ...
Somewhat.New user registers their postings require approval before viewing until they hit 5 approved posts. However, the admins don't have an easy way to track approvals among themselves. Approval might be held off for some reason that another admin doesn't know of. Is there a way to automatically create a report or post or ticket etc.. for new user while they are still in review phase?
Not currently sorry!Is there a way to cause a post to create a report automatically? I can use your signup abuse to put new registrations in a special group with *|addtoGroup on username. Would be good if any post from that group gets auto report.
The getipintel feature has a 500 queries per day limit on the free plan.
When using shared hosting, this include XenForo Cloud, you may receive the following error:
[SignupAbuseBlocking] Server appears banned from https://getipintel.net/, disabling getipintel option
If this happens, you can contact getipintel for information about a paid plan. Re-enabling the integration using the free plan may result in further (and longer lasting) IP bans from this service.
- On install, only enable getipintel if the "Contact email address" option is a valid email address
- Better handle when getipintel rate-limit is being applied to avoid server IP bans
- Fix setting up tor detection configuration on new install
- It was adding a "1" to the server field, which was causing a redundant DNS lookup which should fail
- Update Tor scoring to support non-numeric scoring (ie explicit reject/moderate/add-to-group/none)
- For new installs, enable "Show Detection Methods" option by default.
- This option will likely be removed in future releases and always enabled
Thanks for the info.Not currently sorry!
Report Center Essentials adds a 'report' button to the approval queue however.
- Fix some options where not fully phrased
- Fix detection method "ip and cookie" would not work correctly when email link/api switch was detected
- Spam-check custom fields, website and location when editing account details
- This was done at signup but not when editing account details
- Fix error blocking a user editing their account details when spam checking was required, and a custom field had been set on their profile and then the custom field was deleted.
We use essential cookies to make this site work, and optional cookies to enhance your experience.