Add-Ons [XTR] IP Threat Monitor 1.0.15

[Offical]

A new update is available for [XTR] IP Threat Monitor by Offical.

[XTR] IP Threat Monitor 1.0.15​

Update highlights​

This is a critical maintenance update highly recommended for all users, especially those with busy forums.

Highlights:

• Database Scalability Fix: We identified a limitation in XenForo's native SimpleCache system where storing thousands of VPN check results caused a "Data too long" database error on high-traffic sites. We have refactored the caching logic to separate these high-volume records into our own CacheManager system. This ensures your site runs smoothly regardless of how many IPs are being monitored.
• New Maintenance Tool: A new tool in the Admin Panel allows you to specifically clear the VPN check cache. This is useful if you want to re-check previously scanned IPs against the API without clearing your entire log history.
• Reliability Improvements: Fixed a typo in the iCloud Private Relay logic to ensure Apple users are correctly identified and not blocked when exemptions are enabled.

No database schema changes are required. Safe to upgrade on production environments.

Complete Change Log​

• Critical Fix: Resolved MySQL query error [1406]: Data too long for column 'data_value'. This issue occurred on high-traffic sites because XenForo's SimpleCache stores all data in a single database row, which overflowed with thousands of IP check records. VPN/Proxy check results are now securely stored using the add-on's efficient CacheManager (Redis/APCu/File) instead.
• New Feature: Added "Clear VPN Check Cache" option to the Monitor Dashboard > Prune / Clear Logs page. Admins can now easily flush cached VPN/Proxy results to force re-validation of IPs without needing database queries.
• Bug Fix: Fixed a variable typo ($ip vs $ipAddress) in the Apple iCloud Private Relay detection service that potentially hindered correct identification.
• Technical: Optimized cache handling: Global API health status remains in SimpleCache for persistence, while high-volume per-IP validation data is moved to CacheManager for scalability.

Read more about this product...

 

[Mike1706]

Hello

I have a question (IP Threat Monitor v1.0.15) installed.

I've noticed that certain IP addresses from China aren't being blocked, even though China (CN) is on the country blocklist.
Specifically, the IP block 116.179.* seems to be getting through. Would it be possible to extend IP Thread
Monitor to allow admins to add additional blocked IP blocks like this to prevent unwanted IP addresses from
getting through?

Thank you for your work!

 

[XenTR]

Hi,

Thank you for your question. Let me explain why this might be happening and what options you have:

Why some China IPs might not be blocked:

Country blocking in IP Threat Monitor works through the ProxyCheck.io API, which identifies the country of each IP address. For this to work, you need:

1. VPN/Proxy Detection → Must be Enabled
2. VPN API Key → A valid ProxyCheck.io API key must be entered
3. VPN Check Mode → Set to "First Visit" (this checks every new IP immediately)

If any of these are not configured, the country blocking won't work because we can't identify the IP's country without making an API call.

Please verify your settings:
- Go to Admin CP → Options → IP Threat Monitor
- Make sure "VPN/Proxy Detection" is ON
- Make sure you have a valid "VPN API Key"
- Set "VPN Check Mode" to "First Visit"

Regarding your feature request:

You're right - currently there's no option to manually block specific IP ranges. This is a good feature request! In the meantime, you have two workarounds:

1. Use ASN Blocking: The IP range `116.179.*` belongs to an ASN. You can find the ASN at [bgp.he.net](https://bgp.he.net/ip/116.179.32.1) and add it to "Blocked ASNs" in the options.

2. Manual Blacklist: In the Monitor Dashboard, you can search for specific IPs and manually blacklist them.

We'll consider adding an "IP Range Blocking" option in a future update.