Signup abuse detection and blocking [Paid] 1.16.11
- Thread starter Xon
- Start date
ENF
Well-known member
You need to show an example from the User Registration Log to show what part of their registration is being rejected.
../admin.php?logs/user-registration/Example: (We're looking for lines with 'rejected')
In this example above, this user was rejected because of the source network (ASN).
There's also a moderation flag fo IP thread score, but this would not trigger a direct rejection in this example.
If you can show us an example, we can help ID the reason for rejections.
My immediate guess is the IP scoring, since that's a common one.
Spam trigger log (or user registration log) will have the exact details of what triggered it
I'm getting a lot of users either rejected or placed onto moderation because they are using the Apple iCloud Private Relay. This, on its own, wouldn't be enough to trigger sufficient points on my setup, however I've ended up with someone else being rejected and now pretty much every registration generating additional points because they share an IP address with another rejected user.
I'm not sure how Apple iCloud Private Relay allocates IPs, but it seems to be picking from a fairly small pool.
Is there a way to sort this, for example temporarily allowing Apple iCloud Private Relay IPs?
I'm not sure how Apple iCloud Private Relay allocates IPs, but it seems to be picking from a fairly small pool.
Is there a way to sort this, for example temporarily allowing Apple iCloud Private Relay IPs?
ENF
Well-known member
From our data, iCloud private relay tends to come from spaces owned by Cloudflare and Akamai. Look at your registration log see if the IP threat score is the rejection reason or something else. If it's the IP threat score, you would have to lower that threshold.
I would also recommend deleting the accounts where there are rejected users, too many IP's are shared these days, so this tends to be a false alarm (shared IP with rejected). We flush out rejected accounts once per day... if the same person comes back, the cookie detection is usually triggered.
If you want to dive into the data of outbound IP's for private relay, take a look here: https://mask-api.icloud.com/egress-ip-ranges.csv
Thanks for reply. The reason for rejection is shared IP with previously rejected user. That original user was rejected for another reason, but it now seems to be blocking most users that are signing up with iCloud Private Relay (as expected).
I was wondering if there was a way, to temporarily disable checking for IP match with rejected user (this seems to be different to the Ip match with duplicate account unless I’m missing something).
ENF
Well-known member
What do you have set for this one?
../admin.php?options/groups/spam/#approveSharedBannedRejectedIp
ENF
Well-known member
As long as the cookie remains intact, yes. More often than not, this is the case as I have seen people trying to make new accounts and forgot they had an existing account. (Sometimes weeks apart, sometimes months...) The detection method is usually cookie based.
ENF
Well-known member
Correct. The cookie has to be set and then they will be eligible for detection. But, you will have still have the chance to detect by IP address.
It's entirely possible that they could login on two different accounts from the same IP, that will trigger an IP detection. (Of course, this is all subject to how you configure the addon.)
Personal recommendation would be to get the "Multiple Account to Thread" reporting setup and create a sub-forum in an admin area, where your multiple account detections can be recorded and tracked. This all logged anyway in the ACP anyway, but the sub-forums gives easy visibility.
Ozzy47
Well-known member
So I purchased this, set up the options. I see this under the IP checking, "IP matches are considered a low quality signal and will not trigger a multiple account match by themselves."
Signing up without a cookie being present on the browser does not trigger a duplicate account thread.