Add-Ons [XTR] IP Threat Monitor 1.0.30

Sort by date Sort by reactions
Thread owner
A new update is available for [XTR] IP Threat Monitor by Offical.


[XTR] IP Threat Monitor 1.0.8

Update highlights​

This update focuses on better data visualization, smarter false-positive prevention, and easy data management features requested by the community.
Highlights:
  • Smart Mobile Protection: Introduced a "Allow Legitimate Network Types" option. This intelligent filter prevents false positives for users on mobile networks (CGNAT) or residential connections, ensuring genuine visitors are not blocked.
  • Top Threat Countries: A new dashboard widget now visualizes the top 5 countries generating the most threat logs.
  • Data Pruning System: You can now easily wipe old logs, clear blacklist/blocked lists, or reset all data with a single click using the new "Prune" tool in the dashboard.
  • Visual Improvements: Country flags are now displayed across all IP lists (Blocked, Blacklisted, Logs) for better identification at a glance.


Complete Change Log​

  • [New] Added "Prune / Clear Logs" tool to Admin Dashboard for easy database cleanup.
  • [New] Added "Top Threat Countries" widget to the main Dashboard.
  • [New] Added "Allow Legitimate Network Types" option to prevent blocking Wireless, Residential, and Business IPs.
  • [Update] Added country flags to Blocked, Blacklisted, and Log List views for better visual identification.
  • [Update] Dashboard navigation now includes a shortcut for the Prune tool.
  • [Update] Improved database structure for better geo-analytics.
  • [Fix] Resolved an issue where country flags were not updating correctly in some detection modes.
Note: Country flags and geo-stats require an active VPN/Proxy detection setting and a valid API key. Data will populate for new visitors after the update.


Read more about this product...
 
Thread owner
A new update is available for [XTR] IP Threat Monitor by Offical.


[XTR] IP Threat Monitor 1.0.9

Update highlights​

This update focuses on improving stability and refining the user experience. With critical fixes to the installation infrastructure, we ensure the add-on runs smoothly in all environments.

Highlights:
  • Robust Installation: Eliminated potential issues with database schema creation during fresh installs and upgrades.
  • Full Multi-Language Support: The "Test Configuration" page in the Admin CP is now fully phrased and translatable. Hard-coded text has been removed.
  • Smarter Diagnostics: The system self-test tool now intelligently analyzes your server configuration, preventing false positives regarding cache settings.

We recommend all users upgrade to this version.


Complete Change Log​

  • [Fix] Resolved an issue where the xentr_ipt_country column was not being created in the xf_user table during fresh installations (Fixed step ordering in Setup.php).
  • [Fix] Fixed the Cache Logic in "Test Configuration" page where "Direct DB Mode" (when Redis/APCu is unavailable) was incorrectly reported as a failure. It is now recognized as a valid passing state.
  • [Fix] Corrected a layout alignment issue with status icons in the admin test results.
  • [Refactor] Replaced all hard-coded strings in the "Test Configuration" page with XenForo phrases, ensuring full multi-language support.


Read more about this product...
 
Hello

That's me again. Added yesterday the v1.0.9....

And again... and that's since v1.0.4.. in my eviroment (XF v2.37), no querries were made to proxycheck.io anymore! Stays at zero for the day.

Last "working" version for me was the v1.0.3 with daily statistics and querries with proxycheck.io. Then it seems all other features since version 1.0.3 will also not work, even though the test passed 100%. Consequently, the country flags will also not be displayed because no further entries are being made. I've already tried everything here. Reinstalling, updating from v1.0.3, always with the same result.

Dear Guests, welcome! Please, Log in or Register to view hide content!

Dear Guests, welcome! Please, Log in or Register to view hide content!

Dear Guests, welcome! Please, Log in or Register to view hide content!

Dear Guests, welcome! Please, Log in or Register to view hide content!

Dear Guests, welcome! Please, Log in or Register to view hide content!
 
Hello,

We have investigated your report. The situation you are experiencing is not a bug, but rather the intended design of the "Moderate" and "Aggressive" protection modes, which are built specifically to conserve your API quota.

In these modes, the add-on only queries proxycheck.io for users who exceed rate limits or exhibit suspicious behavior. Since normal visitors are not queried, your API quota is saved; consequently, however, country data (flags) cannot be retrieved for these clean visitors.

If you wish to see country flags for all visitors, even in "Moderate" mode, the add-on must check every new visitor via the API at least once (without necessarily blocking them). Technically, the add-on is capable of this.

However, please be aware that enabling this behavior (showing flags for everyone) will increase your proxycheck.io API usage, as 1 query will be consumed for every unique visitor to your site.

We are using version 1.0.9.
Result

Dear Guests, welcome! Please, Log in or Register to view hide content!


Best regards.
 
Ah understand! OK.. So if a want more details about any visitor I have to change that to "first visit"? With the result, that I have to switch to a monthly payed account at proxycheck.io because of the more querries?

That would ok for me. So getting this information with your tool the only thing is to switch to first visit?

Thank you for answering!

Mike
 
Hello Mike,

You are absolutely correct regarding version 1.0.9; switching to "First Visit" mode would achieve this, as it checks every new IP regardless of threat level.

However, I have great news for you! Based on feedback like yours, we have implemented a specific feature for this exact requirement in our upcoming update (Version 1.0.10), which will be released very shortly.

In version 1.0.10, we have added a new dedicated option called "Check all visitors for country flag".

This is better because:
  • You can keep your protection mode on "Moderate" (to prevent accidental blocking of legitimate users).
  • The add-on will separately check every visitor just to get their country flag.
Regarding API Usage: You are 100% right. Enabling this new option (or using "First Visit" mode) will trigger an API query for every unique visitor once every 24 hours. Depending on your daily traffic, this will increase your query volume and may likely require a paid plan with ProxyCheck.io.

I recommend updating to v1.0.10 when it is released and simply enabling the "Check all visitors for country flag" option in the settings.

Best regards,
 
Thread owner
A new update is available for [XTR] IP Threat Monitor by Offical.


[XTR] IP Threat Monitor 1.0.10

Update highlights​

This comprehensive update brings critical features to the add-on. The most notable addition is the "Flag Display" option, allowing you to show country flags for all visitors even in "Moderate" mode. Additionally, the "Geo-Blocking" feature is now available to block unwanted traffic from specific countries. The "Integrated Diagnostics Tool" has been extensively rewritten and now features,
Management capabilities have been maximized with "Last URL Tracking" and "Smart Prune" features.


Complete Change Log​

  • [New] Check All Visitors: Added "Check all visitors for country flag" option. It is now possible to display country flags for all visitors regardless of the protection mode (Moderate/Aggressive).
  • [New] Geo-Blocking: Added the "Blocked Countries" setting to permanently block all traffic from specified countries (e.g., CN, RU).
  • [New] Integrated Diagnostics Tool (Revamped): Added a completely redesigned diagnostics tool with visual charts and Vanilla JS structure, compliant with XenForo 2.3 standards.
  • [New] Last URL Tracking: Added the ability to see the Last URL and User Agent information of visitors/blocked IPs (via tooltip in Admin Panel).
  • [New] Smart Prune: Introduced an optimized cleaning mode that removes old logs while preserving "Blocked" and "Blacklisted" records.
  • [New] Comment Support: Support for comments using the '#' character has been added to the Blocked ASNs list.
  • [Fix] Fixed a logic error where country/flag checks were skipped for Admins and Trusted users.
  • [Fix] Fixed the "IP address is required" error that occurred when performing actions in Admin Panel IP lists.
  • [Fix] Resolved various database and getter errors in Setup.php and User entity extension.


Read more about this product...
 
Thank you very much for your quick response and your quick updates! Like it very much!

Now the flags were displayed. Changed back to moderate and will see if everything works!

I'm very happy with your tool!

Mike
 
Hello, I don't understand why do I need this addon when I'm already using Cloudflare Free or Pro plan. Can you explain this in your free time? Thanks.
 
decproca said:
Dear Guests, welcome! Please, Log in or Register to view hide content!
Click to expand...
In summary: Cloudflare protects your network, but IP Threat Monitor protects your server resources and database against exhaustion and application-level attacks, ensuring a fast experience for your real users.

Best regards,
 
Thread owner
A new update is available for [XTR] IP Threat Monitor by Offical.


[XTR] IP Threat Monitor 1.0.11

Update highlights​

This maintenance release focuses on stability and better integration with XenForo's alert system.
  • Fixed: Users can now properly view "IP Threat" alerts in their notification list. Previously, these alerts were generated but remained hidden.
  • Fixed: Resolved a server error log triggered when the VPN detection API returned data in an unexpected format. This ensures smoother operation and cleaner logs.


Complete Change Log​

  • Alert Bug Fixed: Resolved an issue where IP Threat alerts were not visible in the alerts popup/list due to missing content handlers. Alerts are now properly integrated into the notification system.
  • API Data Handling: Fixed a server error log (TypeError) caused by unexpected array data formats in the ProxyCheck.io API response for ASN/Provider fields.


Read more about this product...
 
Thread owner
A new update is available for [XTR] IP Threat Monitor by Offical.


[XTR] IP Threat Monitor 1.0.12

Update highlights​

This update brings critical improvements to the VPN detection engine.
  • Smarter Whitelisting: We've refined how the whitelist works for Apple/iCloud users. Previously, a loose check could allow unrelated VPNs to bypass the block if their name contained "Apple". The new logic is much stricter and safer.
  • Stability: Fixed edge cases where API data formats could cause errors on certain server configurations.


Complete Change Log​

  • Improvement: Enhanced the logic for "iCloud Private Relay" detection. The system now uses stricter validation (checking for specific identifiers like "Apple Inc." or "iCloud Private Relay") to prevent false positives where unrelated VPNs with similar names were being whitelisted incorrectly.
  • Fix: Fully resolved the data type mismatch (Array vs String) error when processing API responses, ensuring stability for all network types.


Read more about this product...
 
Thread owner
A new update is available for [XTR] IP Threat Monitor by Offical.


[XTR] IP Threat Monitor 1.0.13

Update highlights​

This is a critical maintenance and stability update that resolves a persistent issue where VPN/Proxy detection would stop working after a period of time.

Highlights:
  • Self-Healing API Mechanism: We identified that XenForo's database-based SimpleCache could cause API error flags to get "stuck," indefinitely disabling VPN checks. We have implemented a new timestamp-based self-healing system. If an API error occurs (timeout, quota limit), the system now automatically recovers and resumes checks after 10-15 minutes without any admin intervention.
  • New Maintenance Tool: Added a "Clear API Cache" option under the Prune Logs page. If you ever suspect the API is stuck, you can clear the health cache manually with one click without uninstalling the add-on.
  • Stability Fixes: Fixed arithmetic errors when comparing IPv4/IPv6 addresses and handled array responses from the API correctly.


Complete Change Log​

  • Critical Fix: Implemented a self-healing mechanism for the API Health Check. The system no longer relies on XenForo's internal cache TTL (which could fail in some environments) but uses explicit timestamp validation to auto-recover from API outages.
  • New Feature: Added "Clear API Cache" option to the Logs > Prune Logs page. This allows admins to manually reset the API status via AJAX without reloading the page.
  • Bug Fix: Fixed ArithmeticError: Bit shift by negative number that occurred when matching IPv4 addresses against IPv6 CIDR ranges (mixed IP version context).
  • Bug Fix: Fixed TypeError: stripos(): Argument #1 ($haystack) must be of type string when handling array responses from ProxyCheck.io (Fixed provider/operator array handling).
  • Improvement: Enhanced iCloud Private Relay detection logic to be stricter, preventing false positives for VPNs containing "Apple" in their name (e.g., "GreenAppleVPN").
  • Improvement: The uninstallation process now performs a deeper cleanup, removing all internal API health and error cache keys to ensure a clean slate upon reinstallation.


Read more about this product...
 
Hello and thank you very much for your work!

One suggestion from me:

You'll remember my proxycheck.io API Request and I switched to a monthly paid at proxycheck.io.

In the settings field, VPN & ASN protection, I've set it here on "First visit"... and added about 140 unwanted countries.

Now I get "only" a 95 % Tests passed... It isn't really a "fault" or faulty setting. It should stay at 100%.... or?

What do you think about it?

Greetz

Mike
 
Mike1706 said:
Dear Guests, welcome! Please, Log in or Register to view hide content!
Click to expand...
Hi Mike,

We agree!

Since paid plans (like the one you use) don't have the API quota limitations of the free tier, marking "First Visit" as a warning was confusing.

We have updated the diagnostic tool in version 1.0.13. It will now correctly mark "First Visit" mode as a valid/green configuration, and your test score will be 100%.

Thanks for the suggestion!
 
Thread owner
A new update is available for [XTR] IP Threat Monitor by Offical.


[XTR] IP Threat Monitor 1.0.14

Update highlights​

This is a critical update that resolves an issue where Apple iCloud Private Relay users were incorrectly blocked as VPNs.

The Problem:
Apple iCloud Private Relay routes traffic through Cloudflare and Akamai infrastructure. When ProxyCheck.io scanned these IPs, it returned provider: Cloudflare instead of provider: Apple. Our previous detection logic searched for "Apple" or "iCloud" in the provider name, which failed to match.

The Solution:
We now use Apple's official IP list directly from
Dear Guests, welcome! Please, Log in or Register to view hide content!
. The add-on:
  1. Downloads Apple's official egress IP ranges
  2. Caches them locally (refreshed every 24 hours)
  3. Checks every VPN-flagged IP against Apple's CIDR ranges
  4. If the IP matches and "Allow iCloud Private Relay" is enabled → never blocked

Recommended Action:
For best results, also enable ProxyCheck.io's built-in whitelist:
  1. Go to ProxyCheck.io Dashboard → Custom Rules
  2. Click "BIG BUSINESS" category
  3. Add the "Allow iCloud Private Relay" rule

This provides two layers of protection — at the API level and at the add-on level.

No database changes. Safe to upgrade on production environments.


Complete Change Log​

  • New Feature: Added Apple iCloud Private Relay IP detection using Apple's official IP list (
    Dear Guests, welcome! Please, Log in or Register to view hide content!
    ). The add-on now downloads and caches Apple's official CIDR ranges (refreshed every 24 hours) and checks VPN-flagged IPs against this list. This ensures iCloud Private Relay users are never blocked, regardless of what ProxyCheck.io reports.
  • Critical Fix: Resolved an issue where iCloud Private Relay IPs were incorrectly blocked even when "Allow iCloud Private Relay" was enabled. The root cause was that Apple routes Private Relay traffic through Cloudflare/Akamai infrastructure, so ProxyCheck.io returned "Cloudflare" as the provider instead of "Apple."
  • New Service: Added ApplePrivateRelayIPs.php service for fetching, caching, and validating Apple's official IP ranges.
  • Improvement: "Clear API Cache" now also clears the Apple Private Relay IP cache, forcing a fresh download of Apple's IP list.
  • Improvement: Enhanced keyword matching for Apple-related providers (added "iCloud", "Apple Computer", AS714, AS6185 as fallback checks).


Read more about this product...
 
Hi,

I am having issues where it looks like Country blocking is not working.

I have it set to block China with CN, however when I look at my analytics and stats, it tells me that China is still my top online active users. This is both under Cloudflare and under my Google Analytics online users in realtime. It is showing 580 online users from China when it should be zero. All the China traffic for my site is malicious junk traffic and I want to eradicate it from hitting any of my stats at all
 
Could you please share details about your current configuration settings? This will allow me to analyze the situation accurately and properly.
 
You must log in or register to reply here.

Users found this thread by following these keywords:

  1. Bing tool
Quick Jump

Legal Notice

As a content provider sharing platform, users of our site at xentr.net are responsible for their own posts, according to Article 8 of Law No. 5651 and Article 125 of the Turkish Penal Code (T.C.K.). All legal complaints regarding XenTR.Net will be reviewed within 3 (three) days after contacting us via the provided contact link, in accordance with the relevant laws and regulations. Necessary actions will be taken, and the site administrators will provide the necessary information.

Currently on our website
115 User Active  (1 member, 114 visitor)
Members online
Threads 4,530
Messages 16,318
Members 1,632
Latest member marcos88
Back
Top