Signup abuse detection and blocking

xF2 Add-on Signup abuse detection and blocking 1.8.1

No permission to download
Compatible XF Versions
2.0, 2.1, 2.2
Visible Branding
No
Additional Requirements
php 5.6+
Outbound HTTP & DNS requests
socket_create support for portscaning
Number Domain Install
Unlimited
From (simple) multiple accounts detection to isp/connection fingerprinting with score-based moderating/rejecting logic. These are very effective low-hanging fruit at reducing spam.

Supports migration configuration from the following XF1 add-ons;
  • TPU Spam Detect
  • Alter ego Detector
See the FAQ Known Issues for known limitations. This is not a turn-key solution, and each site may require customization!

For multiple account detection, supports reporting to reports/threads. And will send reports to the same report/thread. To send to thread you must select the "Multi-account to thread" extra.

For connection fingerprinting more additional information is collected and recorded on the account.

Note; Configuration defaults are conservative, aimed at blocking VPNs and proxies. There are a large number of configuration options for this add-on!

Multiple account handling permissions
  • Bypass multiple account checking
  • Can enable / disable alerting for user
  • Can enable / disable alerting for log
  • View reportings.
Use Multiple account to thread add-on to send multiple account reports to threads.

Per-user whitelist:
per-user-whitelist.png

Multiple account logs per-user:
1543801253995.png
Related Resources
Known issues
  • This is not a turn-key solution for blocking spam, but rather a toolkit.
    • On banning a spammer, it is recommended to check the "User Registration Record" for that user and check the signup IP to see if it is associated with an ISP which provides VPN, hosting, or proxy services but not residential services
      If so, you may wish to consider adding that ISP to be grey listed (ie auto-moderate) or blacklisted (auto-reject).
  • "Multi-account to thread" does not support merging threads, it will generate a new report thread if it's target is merged or hard deleted.
  • There may be GDPR considerations due to the additional information collected and exposed to staff. This information is currently not purged when the account is deleted.
  • Geo location information is not an exact science, and VPN providers are adversarial at ensuring ip-geo location may not be accurate
Author
ENXF NET
Downloads
107
Views
1,799
Last update
Rating
5.00 star(s) 2 ratings

More resources from ENXF NET

Latest updates

  1. 1.8.1 - Bugfix update

    Fix SFS and Project HoneyPot lookup being triggered twice Fix showing last activity for guests...
  2. 1.8.0 - XF2 Compatibility update

    Requires php 7.0+ Now depends on Standard Library by Xon Confirm XF2.2+ support
  3. 1.7.0 Patch 1 - Bugfix update

    Update installer to not wipe the "Link Spam checker" URL options. Retrieving this information...

Latest reviews

good addon for large forums .
This add-on has greatly reduced the amount of spam we get over @ our site. Prior to installing this, multiple spam accounts per week would slip through and be allowed to post spam threads. 99% of them are caught by the advanced filtering rules in this mod.
Top