laurent68

XF 2.0 / 2.1 / 2.2 / 2.3 Signup abuse detection and blocking 1.17.0


Category: Premium Add-ons
Thread title: Signup abuse detection and blocking 1.17.0
Thread starter: laurent68
Replies: 29
Views: 1 897
Reactions: 4
Last post by: laurent68

From (simple) multiple account detection to ISP / connection fingerprinting with score-based moderation / rejection logic. These are simple and effective ways to reduce spam.

Supports migrating configuration from the following XF1 add-ons:
  • TPU Spam Detect
  • Alter ego Detector
See the FAQ Known Issues for known limitations. This is not a turn-key solution, and each site may require customization!

For multiple account detection, supports reporting to reports/threads, and will send reports to the same report/thread. To send to a thread you must select the "Multi-account to thread" extra.
For connection fingerprinting, additional information is collected and recorded on the account.

Note: Configuration defaults are conservative, aimed at blocking VPNs and proxies. There are a large number of configuration options for this add-on!

Multiple account handling permissions
  • Bypass multiple account checking
  • Can enable / disable alerting for user
  • Can enable / disable alerting for log
  • View reportings.
Use Multiple account to thread add-on to send multiple account reports to threads.

Per-user whitelist: [screenshot]

Multiple account logs per-user: [screenshot]


Download V1.2.3:

Version 1.6.0 Maintenance update :
Fix port scanning error when some socket functions are unexpectedly disabled but others are not
Fix race condition between user being deleted and the approval queue entry being removed
Enable wildcard support in geoip block country matching rules
Improve text rules descriptions
Implement "Add to group" if the score is above some threshold, or if directly triggered. Use "addToGroup" in text rules. Can be applied even if moderation/rejection rules are applied
Implement Free Proxy / VPN / TOR / Bad IP Detection Service via API and Web Interface | IP Intelligence integration, requires a contact email address to be set

Download V1.6.0:

Version 1.6.1 Maintenance update :
Fix for some phrase/templates associated with this add-on having invalidly high version id's making translating the add-on difficult

Version 1.6.2 Maintenance update :
Fix "add to group" option being considered a custom option.
Fix multiple account filtering in admincp's user edit page.

Download V1.6.2:

Version 1.6.3 Bugfix update : Fix that the email bb-code was not being checked for url domain filtering

Version 1.6.4 Maintenance update :

Improve onboarding process by hooking XF's periodic 'keep-alive' beacons, and checking that the tracking cookie is set
Improve reliability of tracking multiple accounts in some cases
Fix "Add to group"/"Reject" direct rules not working for multi-account actioning on registration
Fix "Do not save users rejected on signup" option with XF2.1.6+

Version 1.6.5 Maintenance update :

Be explicit about legacy detection events (ie log a detection method of 'legacy'). Not a retroactive change
Order per-account multi-account list by most recent event first
Improve robustness of 'Permit Duplicate Report' to not suppress reporting of new multi-account pairs

Download V1.6.5:

Version 1.6.6 Bugfix update :

Fix filter suppressing previously seen multi-account pairs re-opening a resolved report was checking the wrong id
Add option to log reason for why a report is bumped (default enabled)

Version 1.6.7 Bugfix update : Fix phrase reporting when a report was re-opened due to an unknown multi-account

Download V1.6.7:

Version 1.6.8 Bugfix update : Fix that disabling "Use RIPE HTTP API for ASN lookup" didn't actually work which could cause unexpected slow downs

Download V1.6.8:

Version 1.7.0 - Feature update :

Fixes :


Fix "Duplicate entry 'xx-0' for key 'report'" when a race condition occurs and the record is saved but not reported
Only delete "User registration log" entry for a deleted user if "Full delete for GDPR" option is set

New features :

Rework "ignore for future events" option to actively exclude that set of users detected with those detection details rather than passively being ignored
Run Xenforo's spam checker over user profile fields and custom fields on signup
Add option "Registration spam phrases" (default empty)
Add option "Link Spam checker: Registration default action" (default moderate)
Add option "Request Website on signup" (default disabled)
"Email domain moderation" ie require explicit approval by domain and moderate unknown email domains
Add option "Non-allowed email action" (default none)
New permission; "[SignupAbuse] Allow approving email domains" (default not granted)
Import/export as CSV or XML
Allow banning an email domain from the approval queue
New permission; "[SignupAbuse] Allow banning email domains" (default not granted)
Allow banning an ISP/ASN from the approval queue
New permission; "[SignupAbuse] Allow banning ASN" (default not granted)
Work-around for a user approval design flaw in XenForo where a user may not have yet had their email confirmed.

When manual approval is configured, there are two flows which result in the user ending in the approval queue;
register => spam checker says moderate => approval queue. No email confirmation.
register => email confirm => approval queue. Has email confirm.
The only hint on which flow has triggered is the user registration record has a non-approved status.
The "Require email confirmation (always notifies)" feature is now flagged enabled if it detects the user's email likely has not been confirmed and avoids the email_confirm => moderated => email_confirm loop that could potentially happen.

Download V1.7.0:

Version 1.7.0 Patch 1 Bugfix update :
Update installer to not wipe the "Link Spam checker" URL options. Retrieving this information can be done via using SQL to find the last update and manually extract it from the relevant json;
SQL:
select *
from xf_admin_log
where request_data like '%svLinkSpamCheckerBlackList%'
order by 1 desc limit 1;

Download V 1.7.0 Patch 1:

Version 1.8.0 - XF2 Compatibility update

Requires php 7.0+
Now depends on Standard Library by Xon
Confirm XF2.2+ support

Version 1.8.1 - Bugfix update

Fix SFS and Project HoneyPot lookup being triggered twice
Fix showing last activity for guests in tickets in moderation queue

Version 1.8.3 - Bugfix update : Remove unexpectedly wide locking on user table during multi-account detection.

Download V1.8.3 for Xenforo 2.1:

Download V1.8.3 for Xenforo 2.2:

Version 1.8.4 - Maintenance update

Remove the defunct Apility.Io as an geoip/asn lookup provider.
Add external API caching support (default cache time is 12 hours, adjustable), with XF cache context support ('spamCheckCache')

Version 1.8.5 - Compatibility update : Fix MySQL 8+ compatibility when upgrading

Version 1.8.6 - Bugfix update

Fix the "External API query cache time" option was being ignored
Fix php 8+ compatibility issue with LinkChecker

Version 1.8.7 - Bugfix update : Fix Team Cymru IP to ASN integration failing for ASN's shorter than 4 digits, also a php 8 compatibility fix.

Version 1.8.8 - Bugfix update : Fix 'attempt to read property "group_id" on null' error on viewing trophies.

Version 1.8.9 - Bugfix update : Fix error when doing email pattern check on registration.

Version 1.8.10 - Maintenance update : Improve User Registration log filtering.

Version 1.8.11 - Bugfix/Feature update : Link spam checker now captures [media] embeds. If exists, the bb-code media site url is used otherwise the media embed is rendered and then any url(s) extracted.

Version 1.8.12 - Bugfix update

Fix 'no javascript' not working for external account association
Fix multi-account detection not working for external account association
Work-around for default reject reason phrase (spam_prevention_registration_rejected) being too long causing a 'string too long' phrase instead of the reject reason.

Download V1.8.12:

Version 1.9.0 - Feature update

Use <xf:fa icon="..." /> instead of hard-coded icons
Ensure multi-account tracking isn't triggered from an admincp login
Correctly set tracking cookie on logout & keep-alive ping (previous code was ineffective as it had the wrong cookie path)
Capture client timezone & language into user registration log
Add filtering for allowed email domains in admincp

Download V1.9.0:

Version 1.9.1 - Bugfix update

Fix allowing banned users to logout was failing
Inject a "log out" link onto banned error page if "Allow banned logout" is true
Force global namespace for functions which are known to be optimizable to bytecode in php

Download V1.9.1:

Version 1.9.2 - Bugfix update : Fix Link Checker not being run on post contents

Version 1.9.3 - Bugfix update :

As documented, make ASN matching actually stop on first match
As documented, make Allowed email domain matching actually stop on first match

Version 1.9.4 - Bugfix update : Fix the moderate based off threshold was incorrectly using reject threshold instead of moderation threshold (affects v1.9.1-1.9.3)

Download V1.9.4:

Version 1.9.5 - Minor feature update : Add "Allow rejected user logout" option

Version 1.9.6 - Bugfix & maintenance update :

On user delete, ensure expensive large data recomputing only occurs once even if multiple users are deleted at once.
Fix running expensive data delete if full-delete for GDPR is not enabled
Add "Approval queue - skip click-to-shrink" option which allows individual content types to skip the XF2.2+ default click-to-shrink behaviour.

Version 1.9.7 - Bugfix update : Fix GetIpIntel integration from being soft-disabled.

Download V1.9.7:

Version 1.9.8 - Bugfix update : Fix php 8.1 compatibility, with csv export
Version 1.10.2 - Feature update :

Add php7 typehinting (partial)
Add short caching to DNS query lookups for ASN resolving
Support using Cymru country lookup as a last ditch geoip lookup
Add new GeoIP lookups, most require paid accounts or limited free services
Add support for ipstack.com for geoip/asn service. This service requires an account for the geoip, and a paid account for the asn lookup service
Add support for ip-api.com for geoip/asn service. This service requires an account for the geoip, and a paid account for the asn lookup service
Add support for ipregistry.co for geoip/asn service. This service requires an account, with a free tier and then requiring payment
Update GetIpIntel "private ip" error text to indicate this can also be due to BGP hijacking
In user registration log, render IP's as links to ip-lookup tool
In user registration log, render ASN's as links to peeringdb.com to describe the ISP/network provider
Support setting a per-content type default for spam link check rendering

Version 1.10.3 - Bugfix update :

On display of registration logs, correctly encode URLs.
Compatibility fix with New Registration Email add-on

Version 1.10.4 - Bugfix update :

Use ipStack/ipApi/ipregistry geo/asn providers if configured over cloudflare/Cymru
Fix ASN lookup for ipApi/ipregistry
Fix "Ban ASN" feature (ErrorException: Job XF:ApprovalQueueProcess: [E_WARNING] preg_match_all(): Unknown modifier '/')

Version 1.10.5 - Bugfix update :

Fix bad links to known email providers in the approval queue
Fix "Ban ASN" option not appearing in approval queue

Download V1.10.5:

Version 1.10.6 - Bugfix update : Fix ipregistry.co support
Version 1.10.7 - Bugfix update :

- Fix migrating add-on multi-accounts records from XF 1.x 'alter ego detector' records
- Fix ipregistry asn lookup support
- Report GeoIP/ASN API errors to the XF error log and do not swallow them

Version 1.10.8 - Bugfix update :

- Fix caching not occurring for external API calls if a caching provider is not setup
- Fix "Undefined offset: 2" from ASN resolver attempting to extract a country when using non-Team Cymru/Ripe ASN providers.
- Guard against add-ons which incorrectly implement XenForo Entities or content types when generating a list of content-types for the options;
Approval queue - skip click-to-shrink
Link Spam checker: Default action (by content type)
- This is known to affect add-ons by the Vault Wiki author who refuse to implement core XenForo functionality correctly

Version 1.10.9 - Bugfix update :

- Fix handling DuplicateKeyException when detecting multiple accounts
- When preventing internal errors in this add-on from blocking login:
Catch Throwable (php7+) which is broader than Exception
Rethrow exceptions when development is enabled, not when debug mode is enabled.

Version 1.10.10 - Maintenance update : When multi-account report creator validation fails, log an error to help diagnose why

Download V1.10.10:
Version 1.11.1 :

  • Fix php 8.1 compatibility bug on user registration when multi-account detection triggers
  • Fix php 8.1 compatibility bug in non-cloudflare TOR detection
  • Fix a too long reject reason from the approval queue would be truncated instead of allowing to error
  • Fix GeoIP country from the ASN lookup when no other GeoIP provider is configured
  • Fix error viewing multi-account logs for a user which had a linked account that was fully-deleted instead of disabled
  • Add rules trigger scoring based on browser language, with initial defaults based on official languages per country
  • Add rules trigger scoring based on browser timezone, with initial defaults based on XF supported timezones per country
  • Add defaults for permissions;
    • [SignupAbuse] Banning ASN
    • [SignupAbuse] Approving email domains
    • [SignupAbuse] Banning email domains
  • Add content spam checker to verify various signup details match what is used for the content:
    • "Asn content spam check action" (Default: Allowed)
    • "GeoIp content spam check action" (Default: Moderated)
    • "Language content spam check action" (Default: Allowed)
    • "Timezone content spam check action" (Default: Allowed)
  • On signup, log required on signup fields (website/location/date-of-birth) into user change log
  • Add option "Show date of birth in approval queue" option, default false. If true, the date of birth fields are rendered as a single field instead of 3 fields.
  • Detect cases where User B uses User A's email/password reset links as a multi-account.
Version 1.11.2 :
  • Reduce false positives from country/language matching.
    • Remove various 0|countryCode-language-countryCode entries from the "Country language" option as these are no longer required.
  • Update options "Country timezone - Unknown" and "Country language - Unknown"
    • Update defaults to more sensible values
    • Change options "Country timezone - Unknown" and "Country language - Unknown" from "moderate" to "none" scoring due to v1.11.1 having bad defaults.
    • Explicitly report unknown language/timezone rather than giving it a score (or not)
Version 1.11.3 :
  • Fix "[E_WARNING] Undefined array key" in language matching.
  • Fix unknown languages wouldn't always be explicitly marked as such.
  • Add "Only score unknown language once" option (default true). Makes the "Country language - Unknown" setting more consistent to use.
Version 1.12.0 :
  • Require Xenforo 2.2+
  • Add support for NixFifty's Tickets v2.5.0 approving/rejecting users from tickets
Version 1.12.1 : Improve compatibility with 3rd party add-ons which implement a search handler but not the entity handler for the backing type.

Version 1.12.2 :
  • Fix link checker could miss some URLs.
    • Raw IPv6 and international domains (aka punycode encoded) were not reliably detected
  • Fix XFMG media item description did not reliably trigger the link checker
Version 1.12.3 : Fix "accept/moderate/reject/addToGroup" as score values were not phrased.

Download V1.12.3:

Version 1.13.4 :
  • Require php 7.2+
  • Fix score-based option did not correctly show the hint/explain text in admincp
  • Move "Non-allowed email action" option into "Connection Profiling - Passive" group
  • Extend "Writing before registering" spam-checks to use add-on's scoring system, with defaults to moderate if the linked content is moderated or rejected (XF default)
  • Add "[SignupAbuse] Limit user to replies per day" per-forum user-group permission
    • Limit a member (not guest!) to X replies/new-threads per-day (ie the last 24 hours)
    • 0 or -1 mean no limit
    • Does not apply to users with "Manage any thread" permission
Version 1.13.6 :
  • Require Standard Library by Xon v1.17.0+
  • Uses standardized route building to avoid conflicts with other 3rd party add-ons
  • Add specific message in the thread view for why a user can't reply to a thread when the per-day limit has been reached
Download V1.13.6:

Version 1.14.0 - Feature update :
  • Require Standard Library by Xon v1.18.0+
  • Fix uninstaller leaving behind some cached data
  • Use php 7.2 typehinting in more locations
  • Add "Multi-account registration mode - specific permissions" option to trigger the "Multi-account registration mode - specific" action when the detected multi-account has been explicitly allowed/denied per-user permissions
Download V1.14.0:
Version 1.15.5 :
  • Update link to team-cymru's ip to ASN mapping service
  • Fix spam-check for account details page would check non-editable custom fields and custom fields not on that page
Download V1.15.5:

Version 1.15.6 :
  • Fix "Banned emails must be unique. The specified banned email is already in use" occurring when banning the same email domain multiple times in the same approval run
  • Adjust various ASN related phrases to be more consistent
Version 1.16.1 :
  • php 8.4+ compatibility
  • XF2.3 compatibility
  • Rename permission "View reportings" to "View multiple account reports"
  • Fix csv import/export of allowed email domains didn't work
  • Fix viewing anti-spam options page did not highlight the anti-spam options sidebar as active
  • Fix shared email link detection did not also check for shared IP usage between the affected users
  • Fix multi-account detection would fail to log events if "Multi-account report user" was invalid
  • Fix missing return value for XF\Spam\ContentChecker::logSpamTrigger
  • Fix error when viewing multi-accounts referencing deleted users
  • Fix url canonization for connected account registration would result in broken redirect
  • Ensure "Multi-account report user" has a valid user set if none is set by selecting the 1st valid user on the forum on install/upgrade/rebuild
  • Remove "accept & report" feature as it is completely broken
  • Remove "Notify front-end on multiple account registration" option
  • Remove The "Detection method matching mode" option (ip/ip&cookie/cookie) as it was a foot-gun
    • IP matches are a low quality signal that needs a strong signal before multi-account detection triggers
    • IP only multi-account matches which can be removed with the CLI command xf-rebuild:sv-prune-ip-only-multi-account-matches
  • On login, the ASN (aka ISP) and country are captured and preserved into a more durable log than XF's IP table
  • Reduce number of queries hitting the ASN/Country geolocation providers by querying the local login/registration records with the minimum viable IP routing subnet
    • This is effectively a /24 for IPv4 and /48 for IPv6.
  • Add CLI xf-rebuild:sv-enrich-login-records command to trigger binding ASN/Country to login records.
    Strongly recommend setting up MaxMind over using paid API calls as this will generate a significant number of queries for ASN/Country values
  • Add MaxMind integration for geoip and asn resolving. This requires an API key.
  • MaxMind auto-update can be opted out via disabling the "Update MaxMind databases" option, which describes which MaxMind databases are used
  • Add signup throttling - rate limit signups
    • Configurable window to apply throttling limits (ie X seconds/minutes/hours/etc)
    • Throttle by IP/ASN/Country, and if XenCentral/MultiSite is installed by site
    • Signup limits automatically based on daily registrations with min/max values, or a fixed value
  • New multiple account display page, under Users => Multiple accounts
    • Paginated list of recent users which have triggered multiple accounts
    • Displays users which have been linked together, and first/last time these have been detected
Version 1.16.2 :
  • Fix entity not found error on allowed-email-domains page for XF2.3
  • Fix logins by ip list included non-existent .less
  • Fix logins by ip pagination from user edit page dropped the user filter, and had inconsistent number of items for the full list
Version 1.16.3 :
  • Fix error logs would be spammed with missing maxmind database key
  • Improve validation of the "Multi-account report user" option on upgrade to detect if the linked user is missing or the option misconfigured
Version 1.16.4 :
  • Fix cloudflare geoip failing for content anti-spam checks
  • Fix new multi-account reports were created with the wrong user
Version 1.16.5 :
  • Fix "GeoIp content spam check action" option would throw all posts into the approval queue if resolving the geoip failed
  • Fix "GeoIp content spam check action" unexpectedly send posts to the approval queue if no geoip providers had been configured but Team Cymru's API for ASN lookups which gets an approximate country lookup
  • Add "test resolving geoip" and "test resolving asn" pages for troubleshooting IP lookup issues
Version 1.16.6 : Fix maxmind files did not update when setting the license key
Version 1.16.7 :
  • Fix typo in template modification title
  • Fix options "Country timezone rules" and "Country language rules" would get reset if the add-on rebuild was triggered
Download V1.16.7:

Version 1.16.8 - Bugfix update :

- Fix missing phrase on XF2.3 about starting a conversation about multi-account usage
- Fix updating MaxMind key would fail if the "Update MaxMind databases" option was not set

Version 1.16.9 - Bugfix update : Fix "[E_WARNING] Attempt to read property "LogEvent" on false" when no logs are fetched for a multi-account tracking event

Version 1.16.10 - Bugfix update : Fix "manage anti-spam" admincp option didn't allow saving options when the user didn't have the "manage options" admin permission.

Download V1.16.10:

Version 1.16.11 - Bugfix update :
  • Fix pagination on user profile multiple accounts tab
  • Fix compatibility with "Login as User (LAU2)", by disabling multi-account checking when using that add-on
Version 1.16.12 - Bugfix update : Fix rare internal server error on XF2.3 after deleting a user.

Version 1.17.0 - Bugfix update :
  • Require StandardLib v1.22.0+
  • Improve XF cloud compatibility
  • Re-add XF2.1 support
  • Update Country language/timezone anti-spam option example text to be explicit that it supports wildcards
  • Fix 'Country language - Unknown' did not reliably apply non-zero scores
  • Do not skip country language tests if the country is unknown, instead use XX as the country
Download V1.17.0:
 
Last edited:
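The 1.16.1 notes in the post above describe cutting down queries to ASN/country providers by checking local login/registration records at the minimum routing subnet (/24 for IPv4, /48 for IPv6). The following is an added illustration of that idea, not the add-on's own code (the add-on is PHP); `subnet_key`, `SubnetLookup` and `stub_resolver` are hypothetical names, and the sample addresses and ASNs are constructed from documentation ranges.

```python
import ipaddress
from typing import Callable, Dict, List, Tuple

V4_PREFIX = 24   # subnet sizes named in the 1.16.1 entry
V6_PREFIX = 48

Result = Tuple[int, str]  # (ASN, country code)


def subnet_key(ip: str) -> str:
    """Collapse an address to its /24 (IPv4) or /48 (IPv6) network."""
    addr = ipaddress.ip_address(ip.strip())  # ValueError on malformed input
    # ::ffff:a.b.c.d is IPv4 traffic seen through a dual-stack socket;
    # key it as IPv4 so both spellings share one record.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    prefix = V4_PREFIX if addr.version == 4 else V6_PREFIX
    return str(ipaddress.ip_network(f"{addr}/{prefix}", strict=False))


class SubnetLookup:
    """Serve ASN/country from local records; call the provider on a miss."""

    def __init__(self, resolver: Callable[[str], Result]) -> None:
        self._resolver = resolver              # external, possibly paid, API
        self._records: Dict[str, Result] = {}  # stands in for stored login rows
        self.provider_calls = 0

    def lookup(self, ip: str) -> Result:
        key = subnet_key(ip)
        if key not in self._records:
            self.provider_calls += 1
            self._records[key] = self._resolver(ip)
        return self._records[key]


# Constructed sample data: documentation address ranges and ASNs only.
SAMPLE_LOGINS: List[str] = [
    "192.0.2.10",
    "192.0.2.200",          # same /24 as the first login
    "::ffff:192.0.2.77",    # IPv4-mapped form of that same /24
    "198.51.100.5",
    "2001:db8:1:aaaa::1",
    "2001:db8:1:bbbb::2",   # different /64, same /48
    "2001:db8:2::1",        # different /48
]


def stub_resolver(ip: str) -> Result:
    """Hypothetical provider: fixed answers for the constructed subnets."""
    table = {"192.0.2.0/24": (64500, "XX"), "198.51.100.0/24": (64501, "XX")}
    return table.get(subnet_key(ip), (64511, "XX"))


def demo() -> Tuple[int, int]:
    """Return (logins processed, provider queries actually made)."""
    svc = SubnetLookup(stub_resolver)
    for ip in SAMPLE_LOGINS:
        svc.lookup(ip)
    return len(SAMPLE_LOGINS), svc.provider_calls


if __name__ == "__main__":
    total, calls = demo()
    print(f"{total} logins resolved with {calls} provider queries")
```
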
Added version 1.6.2 :)

Added version 1.6.5 :)

Added version 1.6.7 :)

Added version 1.6.8 :)

Added version 1.7.0 :)

Added version 1.8.3 :)

Added version 1.8.12 :)

Added version 1.9.0 :)

Added version 1.9.1 :)

Added version 1.9.4 :)

Added version 1.9.7 :)

Added version 1.10.5 :)
 