PrinceOfAbyss added a post in a topic: Not getting email notifications from "Bug Tracker"
PrinceOfAbyss added a file in Moderation ToolsUser Geolocation Restriction vv1.1.2User Geolocation Restriction v1.1.2
User Geolocation Restriction (henceforth UGR) is an advanced tool that offers control over access and/or new registrations to your community based on the location of your visitors. Whether you run a strictly localized community or you want to counterfeit spammers or you simply want to monitor your users' locations, UGR will prove itself as a great asset in your hands.
Access and registration control: Spamwise, it is no secret that the vast majority of spammers originate more or less from a handful of specific countries. Prohibiting new registrations to visitors from those countries or at least allowing the registrations but automatically banning the members for future review or even, as an extreme measure, completely prohibiting access to them is by itself a very effective way to counterfeit spamming. Of course some legitimate members may be lost with that practice, but for the sake of a spam-free community they can be considered as collateral damage.
Application overview: The overview page in UGR v1.0.0 contained a great amount of information, making the interface a bit cluttered. This has changed in v1.1.0. It now displays a small, interactive pie chart powered by Google Charts, with no legend that would consume extra space. Instead, population data is displayed upon hovering with the mouse over each slice of the pie. Additionally, only Top 5 statistics are displayed on the side column for the rest of the information gathered by the application (leaving the rest of it available in other sections of the application).
Location discovery: This is the tool that an admin can use to periodically, manually re-scan each member's location. It is also used when the application is installed for the first time and the locations map of your members needs to be built. Then, during each new registration, the location of the new member is automatically scanned, and stored in the system. So, unless instructed by the application, there is no specific reason to periodically re-scan your members' locations. The locations map is again powered by Google Charts and displays population data upon hovering with the mouse over each region of the map.
Invitations: There are always exceptions that prove the rule, so UGR v1.1.0 offers the ability to invite members originating even from blacklisted locations allowing them to register an account to your community. This can be achieved through an easy-to-use form where you simply fill in an e-mail address that the visitor will use (prior contact between the admin and the visitor is required). The system then sends an informative email to that email address with further instructions. It is also worth mentioning that a task takes care of deleting unused invitations after a specified number of days (configurable in the application's settings).
IP Lookups: Detailed information about your members' IP addresses is available in the Members section (will be presented later). But an admin may need to check any other specific IP address as well for a number of reasons. In UGR v1.1.0, this is possible in this section. You are presented with a form where you fill in an IP address and the system returns any information available for it. Additionally, if the coordinates that correspond to that IP address are available, a Google Map is displayed pointing to the spot defined by those coordinates.
Integration in Members section: UGR v1.1.0 integrates very well with your Members section in ACP. More specifically, it adds a neat hovercard with detailed information about your members' IP addresses in all four locations where their IP is displayed (single member page, members list, incomplete members list and validating members list). The information contains their country, city, ISP, geographical coordinates, etc. Additionally, the advanced Member Search form is greatly extended by UGR. Especially in v1.1.0 this is implemented in a very unique way, allowing the admin to actually search for specific locations (or, for all locations but those specifically checked).
Detailed statistics: In UGR v1.1.0, a new section was added to relieve the clutter of Overview page. This is the Statistics section, where detailed lists are displayed for the subsections Population statistics (each location and the number of members originating from it), Denied Access statistics (the number of access denials performed for each location), Denied Registrations statistics (the number of registration denials performed for each location) and Sent Invitations statistics (the number of invitations sent to each location - determined after the visitor makes use of the invitation).
Logged actions: UGR v1.1.0 logs every action performed either automatically by the system, or manually by an admin. So, each access denial, registration denial, registration (from a blacklisted location) that ended in banning the new member (according to your settings) is logged. However, as those actions are performed by the system and are not admin initiated, the system groups them under Deleted admin. Additionally, any invitation sent to an email address by an admin is also logged.
Settings: Here you can set the settings of the application to tailor it to the needs of your community.
TOR network detection: Lately, a new privacy tool has been provided to users of the Internet. That is TOR network, which directs Internet traffic through a free, worldwide volunteer network consisting of thousands of relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis. Unfortunately, when this technology falls into the hands of users with malicious intentions, it can help them create havoc to your community allowing them to create multiple accounts, etc. UGR v1.1.0 takes care of this to some degree by comparing members' IP addresses against a list of IP addresses that are known to be part of the TOR network.
Installation process: The installation of the applications is pretty straight-forward and similar to the installation of any other application for IP.Board. You simply go to ACP > System > Applications & Modules > Manage Applications & Modules. There, you click on the prompt button on the narrow right column to install the application.
API authentication: If you are upgrading from v1.0.0, you do not need to perform what is described here. If, however, you are installing the application for the first time, you will have to authenticate yourself to the Geolocation API, which is queried by the application, before you can make use of its features. Failing to do so will display a warning message and the application will not function. In order to authenticate yourself to the Geolocation API, you simply have to fill your IPS member ID in the form mentioned in the application's settings or in the warning message mentioned above. Your IPS member ID is the number followed by your name in the URL when viewing your profile page in this community. Eg. my profile page is http://community.invisionpower.com/user/107076-princeofabyss/, so my member ID is 107076. Once authenticated, you will be given a key that you will have to type in the appropriate setting of the application.
Changelog in: [*]Version 1.1.2 [*]Fixed a bug affecting location discovery of specific IP addresses and only on 32-bit servers [*]Fixed a bug affecting search filters in Advanced Member Search form not being honored when mass Prune/Move of returned members was selected
[*]Version 1.1.1 [*]Fixed a bug that made Discover Locations to not work (just re-upload a fresh copy of the app to your server) [*]Added ping service for the Geolocation API [*]Added a counter informing about the remaining days of service [*]Added setting for turning off admin logging of access/registration control actions [*]Added IP detail hovercards in "Viewing Member" page, under "Actions > Show All IP Addresses" [*]Greatly enhanced access/registration control dropping API requests to just one per member session [*]Fixed an error in Advanced Member Search, where selecting a specific country and then de-selecting it was impossible [*]TOR network list is now maintained in-house, and retrieval of its IP's is performed by the API
[*]Version 1.1.0 [*]Split the list of locations to control access and/or registrations into two lists, one for access control and one for registration control [*]Added detection of TOR network IP's [*]Modified the advanced Member Search form integration to search by specific locations [*]Added logging functionality to every action performed by the application [*]Added the ability to invite members originating from blacklisted locations [*]Completely re-designed the interface of the application making it more functional and aesthetically pleasing [*]Added a tool to lookup even "external" IP addresses (not related to your members)
[*]Version 1.0.0 [*]Initial release
[*]Attention: If you install this application to an IP.Board v3.2.3 (it may exist in earlier versions as well) and due to a known and reported bug, you will need to make one file edit to fix the bug before the AJAXed Member Search form in ACP can be extended with the geolocation criteria added by the application. The fix, however, is very easy to apply and is included in the bug report mentioned above.
Important: Purchasing this application grants you the permission to use it in one community. If you want to use it in additional communities, you will have to purchase additional licenses.
Some interesting stats taken from my community where UGR runs since March 2012 until today (May 22, 2013):
Total spammer registrations prevented: 155,030
Top 15 spammer countries - Number of spammer registrations prevented: [*]China - 47,744 registration attempts prevented [*]United States - 21,876 registration attempts prevented [*]Russian Federation - 18,165 registration attempts prevented [*]Ukraine - 16,802 registration attempts prevented [*]Poland - 7,838 registration attempts prevented [*]France - 5,927 registration attempts prevented [*]Germany - 4,661 registration attempts prevented [*]Sweden - 4,643 registration attempts prevented [*]United Kingdom - 3,760 registration attempts prevented [*]Netherlands - 2,826 registration attempts prevented [*]Latvia - 2,722 registration attempts prevented [*]Thailand - 2,138 registration attempts prevented [*]Luxembourg - 2,096 registration attempts prevented [*]Romania - 1,417 registration attempts prevented [*]Moldova, Republic of - 1,048 registration attempts prevented
Disclaimer: My certainty about the legitimacy of the above numbers comes from the fact that my community is strictly localized, so I doubt any member coming from those countries wanted to become an active member of it for any reason other than for spamming.
- 221 downloads
- 11 comments
PrinceOfAbyss added a file in Moderation ToolsDuplicate Members Logger vv3.0.4Duplicate Members Logger v3.0.4
Duplicate Members Logger logs, using a Flash cookie, and reports members who use multiple accounts on the same computer to access your IP.Board community.
The use of a Flash cookie makes the application a cross-browser solution to deal with "ghost" members, as it detects and reports them even if they use one browser for each registered account.
In version 3.0.4, loading of the Flash movie, that writes the cookie, is performed through AJAX to eliminate any possible delays in page load. On every page refresh normal community content loads, while the Flash movie does its job asynchronously.
In version 3.0.3, some frequently asked features have been added to complement the existing ones improving the application even more, and making it an even more robust and effective solution to deal with such situations.
New account registration control: The detection of a duplicate account now begins at its registration. Through the appropriate setting, you can choose among allowing a duplicate account registration, allowing it but immediately banning it, or completely prohibiting its creation.
ACP feature Log-in as member: With IP.Board 3.2 a new feature was introduced as a tool to help admins assist members of their community. This was the Log-in as member feature, which as a side-effect confused the application that reported the admin as a duplicate of the members the admin logged in as. This was of course not a bug of the application. It was a situation it was not programmed to deal with. The new version however can detect and ignore the use of this feature very efficiently.
PM notifications: You can now, with a click of a button, send a PM to all members of each duplicate group notifying them that you know about their actions and asking them for an explanation. Actually, the content of the PM is even configurable through the appropriate setting. Additionally, two different modes are available to choose between when sending a new PM. You can either set them as System (the sender will have no record of the notification being sent, as if it was system-generated, and the recipient will not be able to reply to it.), or you can choose Normal mode. In version 3.0.3 this feature is even automated through the appropriate setting in ACP to save you from having to do it manually.
Topic postifications: Additionally, you can now, with a click of a button, post a new topic in a selectable through the appropriate setting forum about all members of each duplicate group notifying them that you know about their actions, and also warning the rest of the members that they should be alert in case they get scammed by those duplicate members. Similar to the above, in version 3.0.3 this feature is also automated should you set the appropriate setting in ACP.
Member comments: A very useful feature was added that allows you to store comments for each member found either in Duplicates Management or in Exclusions Management sections making it easier for you to remember i.e. the reason a member was excluded from producing duplicate reports, etc.
Integration in Edit Member page: The application embeds perfectly within the Editing member page in ACP. A new tab, labeled Duplicate Members Logger, is added where you can set/unset a member as Excluded to control whether they will further produce duplicate reports or not. Additionally, you can view/edit the machine IDs of the machines each member has used to access your community. And finally, you can edit/delete the comments left for each member.
Integration in Moderator CP: The application also embeds in Moderator CP to show registration attempts that came from computers that were previously used by other accounts to access your community. This module splits the attempts in two categories: Registration attempts that resulted in a banned account and registration attempts that were completely rejected (based on the setting mentioned above). Additionally, through the appropriate setting you can choose who can view this section of Modedator CP. You can choose between Administrators only, or Administrators and Moderators. Finally, an alert similar to the community's stock Report center alert is triggered whenever such a new attempt is detected.
Public side alerts: Up to version 3.0.2 you were notified through a public side alert whenever a new fraud registration attempt was detected. This has been working extremely well for new members, but you still had to periodically check the admin side of the application to see if any two or more existing members have logged in from the same computer. To deal with this, a new type of alert has been introduced in version 3.0.3. This alert is triggered whenever an existing member uses the machine of another existing member to access your community. The alert itself is even a hyperlink to the appropriate section (Duplicates Management) in the admin side of the application. The hyperlink, however, respects the setting Remove the ACP link from the community in Security and Privacy. In other words, if you have set your community to remove the ACP link from the public side, the alert is not a hyperlink anymore but rather a simple piece of text. Finally, the alert itself goes off when you visit the Duplicates Management section.
Application Overview: This section displays an overview of statistics, as well as the application's status. The statistics have been improved and include: Unique Machines With One Member/With Multiple Members and also Unique Members From One Machine/From Multiple Machines. These, while seemingly unimportant, can let you understand the habits of your members. In two words, they display the number of unique machines and members that have accessed your community. Additionally, they are now visually represented with the appropriate charts. Typically, these stats do not include Excluded members, but should you need to count them as well, you can do that by clicking the appropriate button.
Duplicates Management: Maybe the greatest improvement of the application is the way it deals with duplicate accounts. Through a complex but lightweight algorithm, it groups all accounts that used the same computer to access your community, and presents them in a list. Scenario: Member A logs in the community from Machine A. Member B logs in the community from Machine B. Member C, who normally logs in the community from Machine C, logs in once from Machine A and once from Machine B. This will result in showing Member A, Member B and Member C as a Duplicate Group, with Member C being the link between Member A and Member B. For any such duplicate group, a number of options is available. You can either Exclude, Ban/Unban, or Delete any single member, and there are also mass options, like Notify All (through a PM) the whole group, Ban All/Unban All, or Delete All by clicking the appropriate button. Finally, there may be cases where a member incidentally has to log into the community from a computer that is normally used by another member (i.e., they are friends, etc). Those will be reported as duplicates in the application. However, you may not completely trust them to mark any/both as excluded. In such cases, you can now remove the machine ID from the system that links the members together, thus removing the duplicate itself. The machine ID of course will be reinserted in the system the next time it is used by any of the members to access the community but it will now correspond to just one of them. You can find which machine was used by each member through hovering with your mouse over each machine ID.
Exclusions Management: This section has also undergone improvements. Actually, the way exclusions work has completely changed. You do not exclude pairs of members anymore. You exclude single members, and those members will never again trigger a duplicate report, no matter how many accounts they create. Thus, it is advised to use this feature carefully and only exclude trusted members.
Settings: Here you can set the settings of the application to tailor it to the needs of your community.
Installation Process: The installation of the applications is pretty straight-forward and similar to the installation of any other application for IP.Board. You simply go to ACP > System > Applications & Modules > Manage Applications & Modules. There, you click on the prompt button on the narrow right column to install the application.
Changelog in: [*]Version 3.0.4 [*]Loading of the Flash movie is performed asynchronously via AJAX
[*]Version 3.0.3 [*]Fixed a well hidden bug for a very rare scenario where if one, with no duplicates, was manually whitelisted before and then tried to create a new account, the system would throw a Warning message for them on the Registration page [*]Added an automatic notification of members feature [*]Added an automatic postification of members feature [*]Added a public side alert for duplicate access attempts [*]Added a Delete All button for Fraud Registrations logs [*]Re-organized Duplicates Management and Exclusions Management sections layout to optimize them for lower resolution screens (ie. 1366px x 768px) [*]Fixed a bug in Topic Postification where if an admin was one of the postified members, their IP address was revealed if you had set IP addresses to be shown in the topic
[*]Version 3.0.2 [*]Added several settings to suit the app's behavior exactly to the admin's needs [*]Fixed a bug regarding the rotation of the usernames while sending a PM notification * [*]Fixed a bug regarding the Flash object POSTing its data to a relative URL instead of to an absolute one [*]Changed the behavior of Duplicates Management and Exclusions Management sections to return the admin to the page they were before performing each action [*]Added the ability to post a new topic in a selectable forum about each duplicate group detected [*]Added the ability to write down comments regarding each member of a duplicate group and/or each excluded member [*]AJAXified the actions of saving a comment for a member, mass notifying members of a duplicate group, and postifying a new topic about them [*]Fixed a bug in ModeratorCP when an admin/moderator tried to delete an already deleted registration attempt
[*]Version 3.0.1 [*]Improved the algorithm that calculates duplicate groups [*]Fixed a bug where member links in Manage Duplicates & Manage Exclusions threw a [#404] incorrect_furl error [*]Fixed the template hook that loads the .swf object in the public side of the community [*]Added the option in app Overview to delete all machines stored for all members [*]Added an icon in app Overview that makes it obvious when duplicate groups are found
Attention: This application installs a Flash cookie on your members' computers. It will not catch duplicates coming from environments where Adobe Flash is unavailable.
Attention: v3.0.0+ of the application will not be able to use already stored duplicates from v2.0.0 as they work totally differently.
Attention: Be sure to download the appropriate version of the application according to your IP.Board version.
- 435 downloads
- 12 comments