TPU: Detect and Block Spam Registrations 1.6.6
- Thread starter W1zzard
- Start date
Going by the stack trace you posted, it will be under;
Code:
/public_html/library/TPUDetectSpamReg/IPCountry.php
W1zzard
Well-known member
W1zzard updated TPU: Detect and Block Spam Registrations with a new update entry:
Bugfixes and improved TOR support
Read the rest of this update entry...
Bugfixes and improved TOR support
Read the rest of this update entry...
W1zzard
Well-known member
W1zzard updated TPU: Detect and Block Spam Registrations with a new update entry:
Added option to show spam reg info in mod queue
Read the rest of this update entry...
Added option to show spam reg info in mod queue
Read the rest of this update entry...
markku
Well-known member
Hi @W1zzard, thanks for the great addon!
After I installed this addon today, I'm getting the following kind of reports in "Spam Trigger Log"
Is this normal?
The posts are from already previously registered and approved members, so the TPU Detect addon shouldn't even be interfering, right?
Before installing the addon, this didn't happen.
After I installed this addon today, I'm getting the following kind of reports in "Spam Trigger Log"
Is this normal?
The posts are from already previously registered and approved members, so the TPU Detect addon shouldn't even be interfering, right?
Before installing the addon, this didn't happen.
Code:
Action: Moderated -
Generated By: kikuli, A moment ago, Content: post (87256)
Request State
array(4) {
["url"] => string(88) "http://www.****.com/threads/****.7591/add-reply"
["referrer"] => string(79) "http://www.****.com/threads/****.7591/"
["_GET"] => array(1) {
["/threads/****_7591/add-reply"] => string(0) ""
}
["_POST"] => array(9) {
["message_html"] => string(651) "<p>Hello all, I really appreciate your replies. I am willing to listen and try anything to help. I have never done it before in my lifetime, so I know there's a problem. I will be confirming it soon. </p>"
["_xfRelativeResolver"] => string(79) "http://www.****.com/threads/****.7591/"
["attachment_hash"] => string(32) "f17569f085fe253f4958b310abfd9100"
["last_date"] => string(10) "1419900916"
["last_known_date"] => string(10) "1419900916"
["_xfToken"] => string(8) "********"
["_xfRequestUri"] => string(52) "/threads/****.7591/"
["_xfNoRedirect"] => string(1) "1"
["_xfResponseType"] => string(4) "json"
}
}W1zzard
Well-known member
The addon creates a new useer group permission "TPU: Detect Spam Reg - Moderate all posts:". This should be set to grey for all groups.
Any chance you changed that to green, so it is active for all or some users?
Once the addon determines a user should have all his new posts moderated, it will set that one individual user's permission to green, which means all his posts get moderated.
Any chance you changed that to green, so it is active for all or some users?
Once the addon determines a user should have all his new posts moderated, it will set that one individual user's permission to green, which means all his posts get moderated.
markku
Well-known member
No, didn't touch the TPU permission at all.
Also, there are other stuff in the Spam Trigger Log now as well (after installing TPU Detect):
And what's interesting is that none of these actually triggered the content to go into moderation queue.
So it's only a logging issue, as far as I can tell?
I can see in the Spam Trigger Log that one new user has already registered and since the score was below the moderation/reject limit, they were approved automatically.
So the registration function works.
But I really wouldn't like to see these "profile_post, post, thread" things in the log. As they are false information (the content didn't go into moderation).
You will need AdminCP access.
Spam trigger log (Tools -> Logs sidebar) shows past approvals and rejections.
"Users Awaiting Approval" shows current pending users.
XxUnkn0wnxX
Active member
i cannot install this addone on 1.4.3 it brings me to addone install page it doesn't even rebuild templates.. and when i try to do manually it doesn't do it properly the phrases are all messed up. the whole thing is a mess:
i had rebuild 2 -3 times manually b4 it properly built.. and this is the first time only with this plugin
i had rebuild 2 -3 times manually b4 it properly built.. and this is the first time only with this plugin
@XxUnkn0wnxX You need to upload the zip containing all the files. The addon isn't just an xml file.
XxUnkn0wnxX
Active member
i did.. and it never installed i even tried via the link. like i usually do and it didn't do anything. it uploaded files but ignored the XML.
it all ok now but it strange..
had to manually go to controls on the plugin and press on rebuild then it took
it all ok now but it strange..
had to manually go to controls on the plugin and press on rebuild then it took
XxUnkn0wnxX
Active member
so how would i configure this to block all proxies? and VPN's? i used to use the TAC stop county spam but it got to unstable and hand been updated for a long time. it mostly blocked legit users form registering.
W1zzard
Well-known member
By default it is already configured to block the most popular VPN/proxy hosting companies, you have to watch the spam trigger logs for your visitor patterns and add new entries.
Unfortunately there is no magical way to block all proxies and VPN, because the well-configured ones can't be detected.
Unfortunately there is no magical way to block all proxies and VPN, because the well-configured ones can't be detected.
ForestForTrees
Well-known member
Thank you for this terrific addon. I love the granularity it provides.
Many people have reported increasing spam recently from Pakistan Telecommunication Company Limited (PTCL) IP#s like this one:
http://whatismyipaddress.com/ip/39.46.81.58
I thought I'd share what I'm doing in case it helps someone. I'd also appreciate feedback regarding whether I'm doing it right.
I was able to look up the AS Number of PTCL by entering one of their IP#s into the search box on the following page:
http://www.tcpiputils.com/browse/as
It turns out that they have two AS Numbers.
I added the following to the AS Name section of the options page in order to reject all signups from that ISP:
Once profile spammers from them become less regular, I'll probably change it to:
Feedback appreciated! Let's block these scum.
Many people have reported increasing spam recently from Pakistan Telecommunication Company Limited (PTCL) IP#s like this one:
http://whatismyipaddress.com/ip/39.46.81.58
I thought I'd share what I'm doing in case it helps someone. I'd also appreciate feedback regarding whether I'm doing it right.
I was able to look up the AS Number of PTCL by entering one of their IP#s into the search box on the following page:
http://www.tcpiputils.com/browse/as
It turns out that they have two AS Numbers.
I added the following to the AS Name section of the options page in order to reject all signups from that ISP:
reject|45595
reject|17557
reject|17557
Once profile spammers from them become less regular, I'll probably change it to:
+3|45595
+3|17557
+3|17557
Feedback appreciated! Let's block these scum.
W1zzard
Well-known member
That's exactly how it works. You can also put the AS name instead of the number, or even just the start of the AS name, this should solve the problem with multiple entries and will also be more readable.
PTCL is a pretty big ISP with lots of normal users (if you have any from this region). I'm using "moderate" on PK/IN/TH/CN/BD so mods have to manually approve posts but legit users won't be rejected.
PTCL is a pretty big ISP with lots of normal users (if you have any from this region). I'm using "moderate" on PK/IN/TH/CN/BD so mods have to manually approve posts but legit users won't be rejected.
Similar threads
