![[TAC] Stop Human Spam](/community/data/resource_icons/1/1480.jpg?1577367507){kind=icon}
[TAC] Stop Human Spam [Paid] 1.4.8
- Thread starter tenants
- Start date
cdub
Well-known member
tenants
Well-known member
That's a core xenforo phrase (I thought it was unlikely any of the TAC would detect you incorrectly, since I avoid most API pitfalls by default.. but APIs are never great)
This implies StopForumSpam has logged your IP \ email \ username
I have just looked at the logs and the core checks against username (I wouldn't recommend this), I've turned off the core SFS detection and changed back to AnyAPI SFS (lot's more flexibility in the detection logic) I never check against username:
SFS API Rules
Rule1: {$response['email']['lastseen']} > 0 // bot emails banned forever, you dont need this line
Rule2: {$response['email']['confidence']} > 90.01 // more than 90.01 % confidence
Rule3: {$response['email']['appears']} > 0 // appears once or more, you dont need this line
Rule4: {$response['ip']['lastseen']} > $timenow - 1814400 // 3 weeks
Rule5: {$response['ip']['confidence']} > 90.01 // more than 90.01 % confidence
Rule6: {$response['ip']['appears']} > 0 // appears once or more, you dont need this line
... give that a go
AnyAPI logs are full detail, so if there is an issue, it will tell me the exact response from the api
This implies StopForumSpam has logged your IP \ email \ username
I have just looked at the logs and the core checks against username (I wouldn't recommend this), I've turned off the core SFS detection and changed back to AnyAPI SFS (lot's more flexibility in the detection logic) I never check against username:
SFS API Rules
Rule1: {$response['email']['lastseen']} > 0 // bot emails banned forever, you dont need this line
Rule2: {$response['email']['confidence']} > 90.01 // more than 90.01 % confidence
Rule3: {$response['email']['appears']} > 0 // appears once or more, you dont need this line
Rule4: {$response['ip']['lastseen']} > $timenow - 1814400 // 3 weeks
Rule5: {$response['ip']['confidence']} > 90.01 // more than 90.01 % confidence
Rule6: {$response['ip']['appears']} > 0 // appears once or more, you dont need this line
... give that a go
AnyAPI logs are full detail, so if there is an issue, it will tell me the exact response from the api
Last edited:
cdub
Well-known member
Ok so it let me register with your site. Does that mean my IP got logged with StopForumSpam? That may be possible actually as I think for some reason some spammers were using my IP address according to the logs because of that weird glitch when you have an automated welcome e-mail going out. Or something like that.
How do I get my IP removed from StopForumSpam?
How do I get my IP removed from StopForumSpam?
tenants
Well-known member
It looks like it was you username. It is my opinion that username should never be used as an API spam detection mechanism, it is also my opinion that an IP address is not a very accurate (avoiding false positives) / powerful (always catch new spammers) mechanism for detecting spam, since they get re-added back to the pool, and with the availability of IPv6, they will be bought and disposed of in larger quantities and very quickly than ever before. But, how else can API's define a user (email addresses can very quickly be disposed of and automated)
This is why I'm not that much of a fan of API's, particularly multiple APIs layered on top of each other, the more APIs you use, the more likely you are to get false positives.
This is why I'm not that much of a fan of API's, particularly multiple APIs layered on top of each other, the more APIs you use, the more likely you are to get false positives.
Last edited:
tenants
Well-known member
What happens if you set all the permissions for those users
Can Bypass Link-Post-Rules:
Can Bypass Signature-Modify-Rules:
Can Bypass Stop-Banned-Words:
Can Bypass Stop-Sneaky-Urls:
My guess is, that they are getting caught by one of the others
What does it say in the logs for those users that can now bypass?
Can Bypass Link-Post-Rules:
Can Bypass Signature-Modify-Rules:
Can Bypass Stop-Banned-Words:
Can Bypass Stop-Sneaky-Urls:
My guess is, that they are getting caught by one of the others
What does it say in the logs for those users that can now bypass?
System0
Active member
It looks like it could be a sneaky url. The log states:
I looked at what he did and all he did was recommend a link to a useful tutorial he found online. Why would it be classed as sneaky when the full url was published.
A sneaky URL has been detected in your content. Please check your content and remove anything that might look like a URL
Why would it state this?
I looked at what he did and all he did was recommend a link to a useful tutorial he found online. Why would it be classed as sneaky when the full url was published.
tenants
Well-known member
A real link contains many things that a sneaky fake link contains, if you want them to be able to add a real link www.mysite.com , then catching www and .com or even w w w my site dot com is not desirable (this is some of what the sneaky link detection does). If you want to allow users to bypass link post rules, you should also allow them to bypass sneaky urls
The Dark Wizard
Well-known member
The Dark Wizard
Well-known member
Does anyone know if this still works.
CTXMedia
Well-known member
The Dark Wizard
Well-known member
Yes it does.
Excellent, what happened to @tenants though, haven't seen him post in a while. Hope his addons don't become unsupported.
