[XTR] IP Threat Monitor [Paid] 1.0.6

[Osman]

I would also like the same or to at least share my Cloudflare data with you to see if this will help in anyway. I added rate limiting via Cloudflare hower this was overly aggressive as it appears cloudflare looks at internal page requests as requests as well and I need to really look at the initial request only and not all of the libraries etc that need to be pulled in

Hi,

You've hit the exact problem that our add-on is designed to solve!

The Cloudflare Problem: Cloudflare's rate limiting counts every HTTP request including CSS, JS, images, fonts, etc. A single page load can trigger 30-50+ requests, which quickly hits the limit and blocks legitimate users.

How IP Threat Monitor Handles This: Our add-on is specifically built for XenForo and understands the difference between:

• Real page requests(index.php) → Counted
• Static assets(css.php, js.php, data.php) → NOT counted
• Background scripts(job.php, admin.php) → NOT counted

This means a user browsing normally will only trigger 1-3 "requests" per page, not 30-50+.

Additionally, our add-on:

• Works with Cloudflare (we auto-whitelist Cloudflare IPs and detect the real visitor IP behind CF)
• Protects registered members and search engine bots automatically
• Offers Captcha challenges instead of hard blocks (user-friendly)

I've sent you a private message with real-world data from a live site to demonstrate how this works in practice.

 

[Dannymh]

I am going to roll the dice on this, its a much needed bit of kit and I am at a loss to how long it would take me to build the same

 

[Dannymh]

Actually one question, I have cloudflare pretty heavily embedded with my site. Are there going to be conflicts here and am I going ot have to peel some of that back?

 

[Osman]

Actually one question, I have cloudflare pretty heavily embedded with my site. Are there going to be conflicts here and am I going ot have to peel some of that back?

No conflicts! IP Threat Monitor is built to work with Cloudflare.

• We detect the real visitor IP behind CF automatically
• Cloudflare IPs are whitelisted by default
• No need to change your Cloudflare setup

Just install, enable "Whitelist Cloudflare IPs", and you're good to go.

 

[smallwheels]

@Osman: Is is possible to block on a ASN basis as well? The featurelist is somewhat unclear here:

• Manual IP Management: Whitelist, blacklist, unblock operations with one click
• CIDR Support: Easily manage IP ranges (192.168.1.0/24)

Would come in very handy in defense against AI bots and scrapers.

What would also be useful was, if the list of current visitors would be enriched with country flags (when viewed with admin rights) like cloudlfare seems do offer it currently - would be helpful for those that do not use Cloudflare.

PS: The pic of the settings in the add on description is unreadable as to much i shown for the resolution.