[XTR] IP Threat Monitor

[XTR] IP Threat Monitor [Paid] 1.0.4

No permission to buy ($30.00)
Overview FAQ Updates (4) History Discussion
Osman

Osman

Well-known member
Osman submitted a new resource:

[XTR] IP Threat Monitor - Smart IP monitoring system protecting your forum from bots and DDoS attacks, boosting performance

View attachment 330468

IP Threat Monitor is a professional security addon that protects your XenForo forum from malicious bots, DDoS attacks, and excessive request traffic. With its cache-first architecture, it reduces database load by 98% while delivering 5-10x faster response times. SEO-friendly design protects search engines while never affecting your real users' experience.

IP Threat Monitor - Smart Security & Performance​


Is your forum constantly...
Click to expand...

Read more about this resource...
 
This looks interesting, but how similar is it to Cloudflare rules doing the same.
My cloudflare stats are horrific when you look at all the scraping and AI bots hitting it as well as the threat count going up.

Have been using some bot rules and tuning that as I go as well some country blocking, China, INdia, Singapore and Vietnam as those seem to be majority of traffic. I am still getting hit massively from the US and can't block the entire country as I have genuine users there, so now need to go into IP Blocks
 
Osman updated [XTR] IP Threat Monitor with a new update entry:

1.0.1

  • [New] Added "Enable Bot rDNS Verification" option to validate search engine bots via reverse DNS lookup and prevent User-Agent spoofing.
  • [Improvement] Enhanced logic for "Block Only (No Captcha)"mode:
    • Initial threshold breach triggers a standard 429 Too Many Requests response.
    • Persistent attacks after the 429 warning now result in a permanent 403 Forbidden ban.
This update introduces critical security...
Click to expand...

Read the rest of this update entry...
 
Osman updated [XTR] IP Threat Monitor with a new update entry:

1.0.2

Fixed: Duplicate entry database errors
  • Resolved race condition issues in blacklistIP(), blockIP(), and trustIP() methods
  • Improved concurrent request handling with proper error recovery
  • Enhanced database integrity with unique constraint protection
Fixed: PHP 8+ compatibility warnings
  • Eliminated string offset cast warnings in IPv6 CIDR validation
  • Added proper bounds checking for binary string operations
  • Updated CloudflareIPs and RateLimiter...
Click to expand...

Read the rest of this update entry...
 
Osman updated [XTR] IP Threat Monitor with a new update entry:

1.0.3

[NEW] Bot IP Range Detection
  • Added primary bot detection using official IP ranges (Google, Bing, Yandex, Baidu, DuckDuckBot)
  • Instant bot verification without DNS lookup overhead
  • 99% coverage of legitimate search engine traffic
  • New BotIPRanges service with CIDR matching support
[IMPROVED] Multi-Layer Bot Protection
  • 3-tier bot detection: IP Range → User-Agent → rDNS
  • Bot rDNS Verification remains as secondary protection layer
  • Reduced...
Click to expand...

Read the rest of this update entry...
 
ES Dev Team said:
Do you have some before/after results with cloudflare..
Or a site that runs this so i can see your bot traffic?
Click to expand...
We don’t provide a public demo site or share raw traffic statistics due to security and privacy reasons. However, I’ve sent you a private message with more details regarding this.
 
@Osman - What exactly is the "proxycheck.io" key for, and when is it called?
I only ask as my forum isnt massive, however i have hit 573 queries within the first 30 mins (so the "less than 1k" free package is going to be out of the window!)...

More worryingly, what happens when it runs out completely?!

EDIT : Exceeded 1k after around an hour!!
 
Last edited:
Paul said:
@Osman - What exactly is the "proxycheck.io" key for, and when is it called?
I only ask as my forum isnt massive, however i have hit 573 queries within the first 30 mins (so the "less than 1k" free package is going to be out of the window!)...

More worryingly, what happens when it runs out completely?!

EDIT : Exceeded 1k after around an hour!!
Click to expand...
What does the “proxycheck.io” API key do?
This API key is used for VPN, Proxy, and Tor detection. When enabled, it checks whether visitor IP addresses are coming through a VPN or proxy service. The main purpose is to detect and block potentially malicious traffic hidden behind anonymization services.

Why were there so many API requests?
In a previous version, there was a performance issue where the API was being called on every request instead of only when necessary. This resulted in excessive API usage, especially on high-traffic forums.

As of version 1.0.4, we believe this issue has been resolved, and API calls are now properly optimized.
 
Osman updated [XTR] IP Threat Monitor with a new update entry:

1.0.4

Fixed
Critical Performance Fix: VPN/Proxy API check no longer runs on every HTTP request
API Quota Exhaustion: System now gracefully handles ProxyCheck.io quota limits without hammering the API
Auto-Ban in Captcha Modes: Fixed issue where Auto-Ban rules were not working when protection mode was set to "Captcha (Soft)" or "Captcha (Hard)"

Changed
  • VPN check now only executes when an IP exceeds the rate limit threshold
  • API errors are now cached for 1...
Click to expand...

Read the rest of this update entry...
 
You must log in or register to reply here.

Similar threads

Osman
[XTR] Watermark Pro [Paid]
Replies
2
Views
42
Osman
Osman
Osman
[XTR] Similar Thread Suggestions [Paid]
Replies
4
Views
33
Osman
Osman
Osman
[XTR] Smart Customization [Paid]
Replies
0
Views
30
Osman
Osman
Osman
[XTR] Dynamic Welcome Panel [Paid]
Replies
2
Views
71
Osman
Osman
Osman
[XTR] Temporary Sticky Threads [Paid]
Replies
1
Views
45
Osman
Osman
Back
Top Bottom