Signup abuse detection and blocking

xF2 Add-on Signup abuse detection and blocking 1.14.2

  • Fix the moderate-on-threshold check incorrectly using the reject threshold instead of the moderation threshold (affects v1.9.1-1.9.3)
1.9.3 - Bugfix update
  • As documented, make ASN matching actually stop on first match
  • As documented, make Allowed email domain matching actually stop on first match
1.9.2 - Bugfix update
  • Fix Link Checker not being run on post contents
  • Fix allowing banned users to log out, which was failing
  • Inject a "log out" link onto banned error page if "Allow banned logout" is true
  • Force global namespace for functions which are known to be optimizable to bytecode in PHP
  • Use <xf:fa icon="..." /> instead of hard-coded icons
  • Ensure multi-account tracking isn't triggered from an admincp login
  • Correctly set tracking cookie on logout & keep-alive ping (previous code was ineffective as it had the wrong cookie path)
  • Capture client timezone & language into user registration log
  • Add filtering for allowed email domains in admincp
  • Fix 'no javascript' not working for external account association
  • Fix multi-account detection not working for external account association
  • Work-around for default reject reason phrase (spam_prevention_registration_rejected) being too long causing a 'string too long' phrase instead of the reject reason
  • Remove unexpectedly wide locking on user table during multi-account detection
  • Fix admincp multi-account list pagination not generating correct links
  • Fix SFS and Project HoneyPot lookup being triggered twice
  • Fix showing last activity for guests in tickets in moderation queue
  • Update installer to not wipe the "Link Spam checker" URL options. This information can be retrieved by using SQL to find the last update and manually extracting it from the relevant JSON:
    SQL:
    -- newest admin log entry whose request data mentions the option
    select * from xf_admin_log
    where request_data like '%svLinkSpamCheckerBlackList%'
    order by 1 desc limit 1;
Fixes:
  • Fix "Duplicate entry 'xx-0' for key 'report'" when a race condition occurs and the record is saved but not reported
  • Only delete "User registration log" entry for a deleted user if "Full delete for GDPR" option is set

New features:
  • Rework "ignore for future events" option to actively exclude that set of users detected with those detection details rather than passively being ignored
  • Run XenForo's spam checker over user profile fields and custom fields on signup
  • Add option "Registration spam phrases" (default empty)
  • Add option "Link Spam checker: Registration default action" (default moderate)
  • Add option "Request Website on signup" (default disabled)
  • "Email domain moderation", i.e. require explicit approval by domain and moderate unknown email domains
    • Add option "Non-allowed email action" (default none)
    • New permission; "[SignupAbuse] Allow approving email domains" (default not granted)
    • Import/export as CSV or XML
  • Allow banning an email domain from the approval queue
    • New permission; "[SignupAbuse] Allow banning email domains" (default not granted)
  • Allow banning an ISP/ASN from the approval queue
    • New permission; "[SignupAbuse] Allow banning ASN" (default not granted)
  • Work-around for a user approval design flaw in XenForo where a user may not have yet had their email confirmed.

    When manual approval is configured, there are two flows which result in the user ending up in the approval queue:
    • register => spam checker says moderate => approval queue. No email confirmation.
    • register => email confirm => approval queue. Has email confirm.
  • The only hint as to which flow was triggered is that the user registration record has a non-approved status.
    The "Require email confirmation (always notifies)" feature is now flagged as enabled if it detects that the user's email likely has not been confirmed, and it avoids the email_confirm => moderated => email_confirm loop that could potentially happen