Go Back   vb.org Archive > vBulletin Modifications > vBulletin 3.8 Modifications > vBulletin 3.8 Add-ons
FAQ Community Calendar Today's Posts Search

Reply
 
Thread Tools
Multiple Account Detection & Prevention Details »»
Multiple Account Detection & Prevention
Version: 1.1.3, by Kiros72 Kiros72 is offline
Developer Last Online: Nov 2023 Show Printable Version Email this Page

Category: Administrative and Maintenance Tools - Version: 3.7.x Rating:
Released: 12-16-2008 Last Update: 03-31-2009 Installs: 1039
Uses Plugins
Additional Files Translations  
No support by the author.

It happens all of the time. Some members will make multiple accounts to back their own opinion or get an extra vote in a poll. Here's a modification that will detect and prevent multiple accounts, as well as notify the administration about multiple accounts. Inspiration for this modification came from the work of MPDev (creator of the Multiple Account Login Detector) and randominity (creator of the Multiple Account Registration Prevention). This is basically a combination of those two modifications but with new and improved functionality.

This is not an update to the "Multiple Account Login Detector (AE Detector)" nor is it an update to the "Multiple Account Registration Prevention." If you have either one of these (or both of them) installed, you should uninstall them before installing this modification.

With the initial release of Multiple Account Detection & Prevention, I believe that I have fixed previous bugs/complications as well as improved the efficiency and logic of the code. This is my first publicly released modification. I would appreciate any comments and suggestions!

Confirmed! This works perfectly on all vBulletin 3.6, 3.7, and 3.8 versions.

Unfortunately, I cannot give support right now. I may be able to help periodically, but until my schedule yields some more free time, I won't be much support. Please check back in a week or two.

Basic Details
File Edits: None
Template Edits: None
New Files: 6
Hooks/Plugins: 3
Global Phrases: 36
Install Time: 2 Minutes or Less
Install Difficulty: None, Very Easy

Features and Settings
- Login Detection
- Registration Prevention (Multiple Methods)
- Ignore Child Accounts
- Ignored Users
- Ignored Usergroups
- Ignored ISPs
- Prevention Usergroup
- IP Address Based Prevention
- Extended IP Address Prevention
- IP Address Time Inclusion
- Banned Account Check
- Primary Banned Usergroup
- Cookie Expiration Time
- Cookie Refreshing
- Cookie Name
- Cookie Reset
- Multiple Account Reporter
- Reports via PM
- PM Report Recipients
- Reports via New Thread
- Forum for Report Threads
- Verbose Mode
- BB Codes: LIST, URL, CODE

How it Works
With every newly recognized login/registration, an account-counting cookie is set (or added onto) with the member's User ID. Depending on the settings, Multiple Account Detection & Prevention will analyze the cookie during login/registration to see if there are any multiple accounts.

Login Detection offers cookie-checking and reporting. Registration Prevention offers the same thing, plus more advanced features. First of all, when it prevents an account from registering, it actually moves the registrant to the Prevention Usergroup so that the administration can review the case. This also allows for customized privileges for recognized multiple registrants. Registration Prevention also has IP address detection which finds out just as much information about users. Depending on an administrator's preference, this modification can also reban a new registrant if one of their previous accounts has been banned. In fact, if the administration wishes, multiple registrants can simply be denied registration all together.

Whenever there is a detection/prevention, the modification will report the information to the administration through private messages, a new thread, or both (depending on settings). The Multiple Account Reporter can be any valid user.

Known Issues
- vB Optimise users: Reporting via thread seems to get messed up by vB Optimise, so try reporting via PM instead.
- PhotoPost vBGallery users: The registration handling appears to not work properly when PhotoPost vBGallery is enabled.

From what I can tell, these known clashes have been caused by the other modification's coding. The author of vB Optimise will not even work with me to fix it. Until they improve their coding, I'm not sure if I can do anything about these issues. As far as I know, administrators that do not use the above modifications will not have any problems.

Installation / Upgrade
Unzip the package (madp.zip), upload the files to your forum location, and import the product file (allow overwrite if upgrading). Please read the ReadMe.txt file that is packaged with the modification for more information.

Please remember to mark this modification as installed if you use it!
If you like it, nominate it for the Mod of the Month!

Thank you!

Download Now

File Type: zip madp.zip (22.3 KB, 4977 views)

Screenshots

File Type: png admincprep.png (62.6 KB, 0 views)
File Type: png admincpop1.png (65.8 KB, 0 views)
File Type: png admincpop2.png (50.6 KB, 0 views)
File Type: png threadregverbose.png (40.3 KB, 0 views)
File Type: png threadloginverbose.png (34.7 KB, 0 views)
File Type: png threadregip_disallow.png (83.3 KB, 0 views)

Show Your Support

  • This modification may not be copied, reproduced or published elsewhere without author's permission.
3 благодарности(ей) от:
aeturner89, Filgga, ricardoNJ

Comments
  #302  
Old 04-21-2009, 05:10 AM
Kiros72 Kiros72 is offline
 
Join Date: Apr 2006
Location: Albany, LA - USA
Posts: 215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by I.am View Post
Hello sorry just a question but this mod work also if members are using proxy servers?

Thanks
Technically, the IP address checks would come through if they used the same proxy server to register multiple accounts. Also, if the cookie information is passed through the proxy (which it should be for them to be able to login to vBulletin), then the cookie detection will also work.

Quote:
Originally Posted by Raul7 View Post
hi Kiros,
if i only care about login detection and not registration, i can just select no prevention and silent mode doesnt really matter then right?
Correct. In version 1.x no action is taken for login detections. Action is only taken for registration prevention (if you enable it to).

Quote:
Originally Posted by vitrag24 View Post
wht's difference between Multiple account login detector (AE Detector)
mod and this mod?
if difference, then which is better?
shd i keep both or only one? which?
The difference is plenty. MPDev's modification only detects logins. My modification detects logins and registrations and can prevent registrations as well. During registration, advanced IP checks can also take place if the administrator configures the options that way. Speaking of options, there are far more settings and features. There is also much better documentation for all of the configurations. My modification also uses faster functions (like explode() instead of split()) and in my opinion, it also has better logic within the code. On top of everything else, I provide support for my modification. I don't see too much support coming from MPDev, himself. I don't think that his/her modification is bad, but I honestly think that mine is better. That's the whole reason I built this modification up; I saw that major improvements could be made upon the idea.

Feel free to take my modification for a test-drive. You can always uninstall it and go back to the AE Detector if you want (everything will still work as it did before).

Also, you should not have my modification installed while the AE Detector is installed. Just chose one or the other.

Quote:
Originally Posted by exportforce View Post
Yes another one that wants the same I do
First account instaban too! Yes.

I have a problem.
The thing just did not! ban a multiple one



Yes the two commas are there already I only edited the values for security reasons.
It did NOT! ban ABCABC as it should.
Multiple Account Detection & Prevention is NOT supposed to ban for multiple logins. It is only supposed to ban multiple registrants if you have it configured to do so. This was a multiple login detection, not a registration detection. In other words, the person just logged into another account; he/she did not make a new one.

Get it?
Reply With Quote
  #303  
Old 04-21-2009, 09:20 AM
vitrag24's Avatar
vitrag24 vitrag24 is offline
 
Join Date: Nov 2006
Location: India
Posts: 639
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
The difference is plenty. MPDev's modification only detects logins. My modification detects logins and registrations and can prevent registrations as well. During registration, advanced IP checks can also take place if the administrator configures the options that way. Speaking of options, there are far more settings and features. There is also much better documentation for all of the configurations. My modification also uses faster functions (like explode() instead of split()) and in my opinion, it also has better logic within the code. On top of everything else, I provide support for my modification. I don't see too much support coming from MPDev, himself. I don't think that his/her modification is bad, but I honestly think that mine is better. That's the whole reason I built this modification up; I saw that major improvements could be made upon the idea.

Feel free to take my modification for a test-drive. You can always uninstall it and go back to the AE Detector if you want (everything will still work as it did before).

Also, you should not have my modification installed while the AE Detector is installed. Just chose one or the other.
Thanks.
i'll try your mod..it seems promising.
so do i have to uninstall AE detector mod first?
and i fear if your mod will move users or prevent from registrations to non-spammers too? as if someone surf on cybercafe and multiple users register there but they arent same but then ur mod will prevent them from registering?

i mean to ask wht does ur mod use to detect and prevent multiple registration?
wll it prevent non-spammers too anyway?
Reply With Quote
  #304  
Old 04-21-2009, 12:10 PM
static-skillz static-skillz is offline
 
Join Date: Mar 2004
Posts: 30
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Is there any plan to fix the glitch regarding vBOptimize being installed?
Reply With Quote
  #305  
Old 04-21-2009, 12:35 PM
BlueNinjaGo's Avatar
BlueNinjaGo BlueNinjaGo is offline
 
Join Date: Mar 2009
Posts: 668
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by vitrag24 View Post
Thanks.
i'll try your mod..it seems promising.
so do i have to uninstall AE detector mod first?
and i fear if your mod will move users or prevent from registrations to non-spammers too? as if someone surf on cybercafe and multiple users register there but they arent same but then ur mod will prevent them from registering?

i mean to ask wht does ur mod use to detect and prevent multiple registration?
wll it prevent non-spammers too anyway?
You should uninstall AE detector completely (not just disable) for it to function properly. (You can see by the comments that this has been verified again and again)

You can CHOOSE whether or not multiple accounts are moved to a prevention usergroup. Also, if you do choose to have multiple accounts moved to a prevention usergroup, you can always choose to move them to a new usergroup, after you verify they aren't a spammer/multiple account. (This does NOT stop them from registering.)

It's pretty much impossible to tell the difference between Spammer and non-Spammer by simply checking IP addresses or cookies. If you're worried about real, unique users being moved to a prevention usergroup, you can always activate "silent mode" which will ONLY notify you. (It will not take any actions in silent mode) This will help you get an idea of how many reports you can be expecting and give you an idea of how it works.
Reply With Quote
  #306  
Old 04-21-2009, 02:52 PM
sfc sfc is offline
 
Join Date: Jan 2006
Posts: 6
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

how do I uninstall.. I did a test and now can't get into my admin...

Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3
Reply With Quote
  #307  
Old 04-21-2009, 09:24 PM
exportforce exportforce is offline
 
Join Date: Jun 2007
Posts: 157
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Kiros72 View Post
Multiple Account Detection & Prevention is NOT supposed to ban for multiple logins. It is only supposed to ban multiple registrants if you have it configured to do so. This was a multiple login detection, not a registration detection. In other words, the person just logged into another account; he/she did not make a new one.

Get it?
I want those instantly banned too.
Can you add this too ?
What about my suggestion? Can a few $ put it in front of the cue ?
Reply With Quote
  #308  
Old 04-22-2009, 02:53 AM
Kiros72 Kiros72 is offline
 
Join Date: Apr 2006
Location: Albany, LA - USA
Posts: 215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by vitrag24 View Post
Thanks.
i'll try your mod..it seems promising.
so do i have to uninstall AE detector mod first?
and i fear if your mod will move users or prevent from registrations to non-spammers too? as if someone surf on cybercafe and multiple users register there but they arent same but then ur mod will prevent them from registering?

i mean to ask wht does ur mod use to detect and prevent multiple registration?
wll it prevent non-spammers too anyway?
Quote:
Originally Posted by BlueNinjaGo View Post
You should uninstall AE detector completely (not just disable) for it to function properly. (You can see by the comments that this has been verified again and again)

You can CHOOSE whether or not multiple accounts are moved to a prevention usergroup. Also, if you do choose to have multiple accounts moved to a prevention usergroup, you can always choose to move them to a new usergroup, after you verify they aren't a spammer/multiple account. (This does NOT stop them from registering.)

It's pretty much impossible to tell the difference between Spammer and non-Spammer by simply checking IP addresses or cookies. If you're worried about real, unique users being moved to a prevention usergroup, you can always activate "silent mode" which will ONLY notify you. (It will not take any actions in silent mode) This will help you get an idea of how many reports you can be expecting and give you an idea of how it works.
I couldn't have said it better myself. Okay, well I would have added a few more things, but I'll do that now

This modification will always check for a cookie that tracks which account the person has logged into. This happens for both registration and login. You can enable IP address detection for registration; this is to protect against someone clearing or modifying their cookies to get past the detection. Since IP addresses change and some (although very few) people may register while at a public place (i.e. library or cafe), I also include a time limit. This setting limits the time (in days) in which the modification will look for matching IP addresses. Take this scenario for example:

You have the IP address checks enabled and you have the time limit set to 30 days. Someone registers on a public computer. Two months later, another person registers on the same computer. Although they might have matching IP addresses, the modification knows to ignore it since it is past the time limit of 30 days.

So I would like to confirm this for you. You have nothing to worry about. You will be able to reverse anything (such as bans or changed usergroups) and you can uninstall it at any time and reinstall AE Detector with no permanent consequences.

Quote:
Originally Posted by static-skillz View Post
Is there any plan to fix the glitch regarding vBOptimize being installed?
Unfortunately, the author of vBOptimise refuses to respond to my private messages. I cannot find anything wrong with my code, so I think he/she will have to be the one to fix this glitch. If I need to change something, then I will gladly, but again, I cannot find anything wrong with my code. Please notify the author of vBOptimise about this inconvenience. He/she might know what to do.

Quote:
Originally Posted by sfc View Post
how do I uninstall.. I did a test and now can't get into my admin...

Warning: require_once([path]/madp/detection.php) [function.require-once]: failed to open stream: No such file or directory in [path]/includes/functions_login.php(185) : eval()'d code on line 3
It looks like you don't have the files correctly uploaded. The files within the 'upload' folder should be uploaded to your forum root. Once you have the files in place, it will work just fine. I can help you with this privately if you would like my assistance.

If you just want to uninstall it, you will need to add this line near the top of your config.php file:

PHP Code:
define('DISABLE_HOOKS'true); 
Reupload your config.php file and all hooks will be disabled. You will be able to login and modify whatever you need to.

Quote:
Originally Posted by exportforce View Post
I want those instantly banned too.
Can you add this too ?
What about my suggestion? Can a few $ put it in front of the cue ?
Yes, I'll have actions available for multiple logins for my next major release.
Also, yes, money always helps. I work on projects that I get paid for before I work on projects that I wouldn't get paid for.
Reply With Quote
  #309  
Old 04-22-2009, 11:44 AM
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
Location: Netherlands
Posts: 3,537
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

It would be good to have more functions to deal with returning banned members / trolls that keep opening new accounts.

Here's a functionality request / suggestion:

Have a usergoup that is not able to log out. Members in that usergroup are automatically forwarded to a site of your choice.

This way, returning trolls could silently be moved to this usergoup. They would not be able to log out except by clearing cookies.

Logician once created a code that disallowed banned members from logging out.
Reply With Quote
  #310  
Old 04-23-2009, 04:33 AM
Kiros72 Kiros72 is offline
 
Join Date: Apr 2006
Location: Albany, LA - USA
Posts: 215
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Alfa1 View Post
It would be good to have more functions to deal with returning banned members / trolls that keep opening new accounts.

Here's a functionality request / suggestion:

Have a usergoup that is not able to log out. Members in that usergroup are automatically forwarded to a site of your choice.

This way, returning trolls could silently be moved to this usergoup. They would not be able to log out except by clearing cookies.

Logician once created a code that disallowed banned members from logging out.
Hmm, while I do make other modifications (privately), this one modification has a set theme: detecting and preventing multiple accounts. Your suggestion is for a modification that deals with banned users, which is not what this modification is about. If you would like me to create a modification for such a purpose, I'll get around to it when I have the time. It's a good idea, though
Reply With Quote
  #311  
Old 04-23-2009, 07:14 PM
Alfa1's Avatar
Alfa1 Alfa1 is offline
 
Join Date: Dec 2005
Location: Netherlands
Posts: 3,537
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yes, thats true. Such modification would be a wonderful addition to the functionality that the MAD&P is offering.

Please create this modification when you find the time.
Reply With Quote
Reply


Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 01:41 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.09558 seconds
  • Memory Usage 2,395KB
  • Queries Executed 26 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)bbcode_php
  • (13)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)modsystem_post
  • (1)navbar
  • (4)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (4)pagenav_pagelink
  • (2)pagenav_pagelinkrel
  • (11)post_thanks_box
  • (3)post_thanks_box_bit
  • (11)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (1)post_thanks_postbit
  • (11)post_thanks_postbit_info
  • (10)postbit
  • (7)postbit_attachment
  • (11)postbit_onlinestatus
  • (11)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • fetch_musername
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • post_thanks_function_fetch_thanks_bit_start
  • post_thanks_function_show_thanks_date_start
  • post_thanks_function_show_thanks_date_end
  • post_thanks_function_fetch_thanks_bit_end
  • post_thanks_function_fetch_post_thanks_template_start
  • post_thanks_function_fetch_post_thanks_template_end
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_attachment
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete