Do you have problems with double accounts? Do you want to efficiently prevent your users from having two or more user accounts in your community? Then the Multihunter is exactly what you are looking for!
The Multihunter automatically checks 7 check routines to see if a user is a potential double account. One check alone provides good protection, but the combination of these makes the Multihunter a unique tool for finding double accounts.
As soon as a new user registers in their community, the wcf stores the IP address of the user. The multihunter now compares whether the IP address of the new member has already been registered in the database.
The IP exam
The IP check checks every time you log in whether the IP you are using has already been used by another user. By default, this check is limited to the last 24 hours, because a new IP address is generated after a new user connects to the Internet.
The Cookie Checker
I.d.R every user on the Internet gets a new IP address every 24 hours. This means that a simple IP check would not be able to find a potential double account. For this reason there is the Cookie check, which checks with each login whether the browser has already logged in from a user account.
The Super Cookie/Flash Cookie Check
Similar to the "cookie check", the "super cookie check" stores a cookie on the user's PC to find a double account. The difference to the normal "cookie check" is that this check works across browsers (e.g. IE to Firefox). The only exception at this point is the Google Chrome browser, since it comes with its own Flash Player. Note: Flash is automatically executed natively on a small number of browsers and will disappear into the Internet's history books by the end of 2020.
The Local Storage Check
The LocalStorage check will ultimately set another cookie for the user. Here only no PHP, but HTML5 is used. This innovation of HTML5 almost inevitably resulted in the fifth check routine of the Multihunter.
The Indexed DB Check
In addition to LocalStorages, HTML5 also provided the so-called IndexedDB to store data with the user. The whole thing is actually intended for large amounts of data, but for the sense and purpose of the multihunter this technique is optimal. Thus the seventh check of the multihunter was created to make it even more difficult for double accounts.
The Canvas Examination
Canvas fingerprinting is seen as a "non-erasable cookie successor". Canvas Fingerprinting takes advantage of the effect that the display of text on canvas elements varies depending on the operating system, browser, graphics card, graphics driver, and installed fonts. To create a specific fingerprint for the page visitor at the time the page is viewed, a hidden text is passed to the browser for display. This fingerprint is always the same unless the operating system, browser, graphics card, etc. is changed. This method makes it possible to determine with relatively high accuracy whether the user is the same or not.
advantage: In contrast to all other checks, the database (e.g. cookies) cannot be deleted.
disadvantage: It is possible that there are users with the same operating system, browser, video card, video driver and installed fonts. Depending on the size of the community, this probability increases. However, it is assumed that this topic is about 90% accurate. A closer look does not harm as always.
The unique "User String"
In version 1 of the multihunter, only the user ID was stored in the cookie. Thus there were many a bad guy who falsified this entry and blamed the double account on another user. In version 2 of the Multihunter, this problem no longer exists. Each user receives a unique "user string", which is stored in the respective cookie or super cookie. This makes it almost impossible to blame an innocent user for a double account!
The powerful search
True to the motto that almost every browser is identifiable, the Multihunter offers a comprehensive possibility to search the collected data sets. You want to know who is surfing in your community with a Windows 8 operating system in Firefox version 15.3 and who has installed the Norwegian language? Find this user again, even if he has deleted a new IP address and his cookies!
Unknown data were yesterday
So far, if the multihunter has stored a user with unknown data, these were reported as unknown in the log entry until the end of the time. Through a new update routine, unknown records are automatically updated to the current state.
Not every user has bad ulterior motives. Therefore the multihunter gives you the possibility to whitelist user pairs (these user pairs are only allowed in these accounts) or to specify users who are allowed in each account. In addition, there is the possibility to define users who are allowed into each account, to define individual IP addresses and IP ranges that are not checked, as well as a provider whitelist that is also not alerted. You want to inform your users about the inclusion in the Whitelust? No problem, because the multihunter also provides you with an option for this.
You trust the multihunter through and through? Have every find blocked immediately. If you don't trust one of the four multi-tests, switch off the corresponding test for the car lock. You want to give your users the opportunity to explain themselves, because it could have been the brother or uncle who was at the respective computer? Give them a time limit until which they are automatically blocked. And as if all that wasn't enough for a simple car lock, you can even enter a text in the ACP that will be displayed as a lock reason, as well as a hint text for recognized double accounts why they will soon be locked automatically.
Double account application
Give your users the opportunity to contact them directly via a suitable form that they plan to use their community with two or more people. This way they save themselves unnecessary searching in advance and offer their users a simple and easy way to sign up for their whitelist!
messages from Trashmails/disposable addresses
A separate database is used to recognize trash mails in order to give them a further indication as to whether a user is a double account. Through a simple but very efficient API every administrator can make sure that the list grows fast. "Share what you have" is the motto here. You enter something, the data will be sent to me via e-mail (can be deactivated via ACP) and I can make your knowledge available to other administrators.
However, I would like to say most emphatically that trash mails also have their right to exist in the age of spam!
Adjustment possibilities in ACP
- Global shutdown of the multihunter
- Set a cookie name for the cookie or super cookie check
- Set a cookie name for the cookie or super cookie check
- Set each test routine automatically to
- The storage of different data can be turned off
- Send me browser data, which the multihunter doesn't know yet, automatically by e-mail to make the plugin even more efficient (by default this option is Deactivated!). There will be no personal data of the users sent, only language codes or the UserAgent string of a user!)
- Choose from 3 IP localization services
- Notification interval of the Multihunter notifications
- "Double account request" can be deactivated
- Set which user group is to receive the warning messages
- Which user group should be able to see the profile boxes, about possible double accounts and the last log entries?
- which user group should be able to see the profile boxes?
- Who is allowed to see the log entries in the ACP?
- Which administrators are allowed to edit the whitelist?
What this plugin not cann
The plugin will not be able to tell if an avoidable double account is one person or really 2 different people. At this point you are still asked as administrator. The Multihunter will always be just a tool that gives you tips where you should take a closer look. Also keep in mind at all times that any user can overcome any technical hurdle.
However, here the crucial question arises: Who has more stamina? A person who has to eliminate every trace with every login or a multihunter?
The product offered here can be operated in WoltLab Suite Core 5.2 (WSC 5.2).
Support for all my products can be found on YoureCom.de. This enables me to process all my customers' requests in a bundled and timely manner. Please understand that requests coming from other sources cannot be processed.
None of my products has a visible copyright notice that you or your users would be annoyed about. Only the source code contains the usual information which will not bother you or your users.
If you still have open questions, you can always open a new topic in my forum in the category "Questions before buying" and I will try to answer everything to your satisfaction so that even the last uncertainties can be resolved.
- 585.73 kB
- 3 Downloads
Fixes a bug related to PHP 7.4
Fixes a bug related to whitelist notifications
New user group right to deactivate/activate the profile tab "last log-in bearer" also for the owner
Version 5.2.0 pl 2
- 83.2 kB
- 16 Downloads
Fixes a bug that could happen when updating to WSC 5.2
Fehler bei Installation
- 5.2.0 pl 2
Hallo, ich habe das Forum von 3.1 auf 5.2 geupdatet und mir dazu nun auch das neue Plugin für 5.2 gekauft. Leider hängt die installation bei 4% fest und die Webseite bekommt ein Error, bis ich das fehlerhafte Plugin wieder deinstalliert habe. Gibt es dazu schon Infos?
Reply from Marcel Beckers ():
Support zu allen meinen Produkten finden sie auf YoureCom.de. Dies ermöglicht es mir, alle Anliegen meiner Kunden gebündelt und zeitnah bearbeiten zu können. Bitte haben Sie Verständnis dafür, dass Anfragen, die über andere Quellen kommen, nicht bearbeitet werden können.