Theme editor



Advanced Traffic Statistics: Live Radar, WAF & AI Security

addon 2.x Advanced Traffic Statistics: Live Radar, WAF & AI Security 1.8.9

No permission to download
In this update, we've introduced an experimental active defense feature (the Honeypot Trap), a significant hardening of the bot verification engine, and a structural fix that attempts to make the add-on compatible with XenForo Cloud by restoring GeoIP resolution on every hosting environment.

NEW — Bot Honeypot Trap

The add-on can now actively hunt bad bots instead of just watching them.

  • Invisible trap link — When enabled, an invisible link is injected into your page footer. Legitimate crawlers (Googlebot, Bingbot, etc.) ignore it thanks to rel="nofollow" and robots.txt; aggressive scrapers that follow every link fall straight into the trap.
  • Instant application-level ban — Any bot caught by the trap is immediately flagged and banned: every subsequent request from that IP receives a 403 Forbidden for a configurable duration (default 60 minutes).
  • Works everywhere, zero configuration — The ban engine uses the XenForo object cache when available (Redis, APCu, Memcached) and transparently falls back to a database check otherwise. It works out of the box on shared hosting and on XenForo Cloud. No server configuration required.
  • Safe by design — Registered users and whitelisted IPs can never be trapped, even if they open the trap URL directly.
  • New Honeypot dashboard panel — A dedicated panel on the statistics page shows bots caught today, catches over the last 7 days, currently active bans, and a live table of the most recent catches with IP, country, ban expiry and hit count.
  • Two new options: Enable Bot Honeypot Trap and Honeypot ban duration (minutes).

Important: after enabling the trap, add this line to your robots.txt so well-behaved crawlers stay clear of it:
Code:
Disallow: /statistiche/Basic/trap
Disallow: /statistiche/trap


And if you want to test the trap yourself, do it from a different IP (e.g. your phone on mobile data) or add your own IP to the whitelist first — otherwise you will lock yourself out for the configured ban duration. The trap makes no exceptions for admins browsing as guests. That's the point.

HARDENED — Bot verification engine

  • Full FCrDNS verification — Spoofed-bot detection now performs Forward-Confirmed reverse DNS: after the reverse lookup, a forward lookup confirms the hostname actually resolves back to the visiting IP. This closes a known technique where attackers set a fake PTR record (e.g. ending in .googlebot.com) to impersonate legitimate crawlers. Verification results are cached for 24 hours, so there is no performance impact.
  • CIDR support in the IP whitelist — The whitelist now accepts full network ranges in CIDR notation, both IPv4 and IPv6 (e.g. 192.168.0.0/16 or 2a06:98c0::/29), alongside single IPs. Perfect for whitelisting Cloudflare or your office network in one line.

FIXED — XenForo Cloud compatibility & GeoIP

  • The bundled MaxMind GeoIP library is now registered through XenForo's native composer autoload system (composer_autoload directive). This resolves the "may not be compatible with XenForo Cloud" error some Cloud users experienced during installation.
  • As a direct consequence, GeoIP country resolution now works on every hosting environment, with no PECL extension required. If your visitor countries were showing as "??", they will start resolving correctly after this update.

PERFORMANCE & RELIABILITY

  • Blocked-traffic statistics now use a dedicated indexed column instead of text pattern matching. Dashboard, widget, threat map and daily reports are noticeably faster on large boards (the upgrade migrates existing data automatically — no action needed).
  • The "View Live Traffic Radar" permission is now correctly registered: moderators and other user groups granted the permission can access the radar as intended. Note: after upgrading, please re-check this permission in your user groups, as it may need to be re-assigned.
  • The threat map no longer alters the global PHP timezone, avoiding potential side effects with other add-ons.

SECURITY

  • CSV exports are now hardened against CSV/formula injection when opened in Excel or other spreadsheet applications.
  • The AI report API key is now sent via HTTP header instead of the request URL, so it can no longer appear in server or error logs.

Upgrade notes

  1. Upload the files and run the upgrade from the Add-ons page as usual. Database changes are applied automatically and the upgrade is safe to run on live boards.
  2. Re-check the "View Live Traffic Radar" permission for your staff user groups.
  3. If you enable the new Honeypot Trap: add the robots.txt line above, and whitelist your own IP before testing.

As always, thanks to everyone reporting issues and suggesting features — the Cloud compatibility fix in particular came directly from your reports. If you run into anything, post here or reach out via the support contact.

Enjoy the hunt. 🕷️
Minor bug fixes and compatibility with xenforo 2.3.11
This release brings a massive upgrade to our AI Radar's detection capabilities against modern headless scrapers, along with a critical fix for the geolocation system.

A special thanks to the community (especially user Walter) for the deep code review and invaluable suggestions that made this update possible.

🛡️ SECURITY UPDATES (PRO)
  • Advanced Spoofing Detection: Modern scrapers often fake Google Chrome User Agents to bypass standard security. The Radar AI now checks for HTTP_SEC_CH_UA (Client Hints). If a bot claims to be Chrome but fails to provide valid Client Hints, its Trust Score is instantly destroyed, and it gets blocked.
  • Lazy Scraper Penalty: Added severe Trust Score penalties (-90) for requests with completely empty User Agents, instantly blocking low-effort CLI scripts.
  • Outdated Browser Trap: Requests claiming to be very old versions of Chrome (pre-v110) are now heavily penalized, as these are typical signatures of unmaintained scraping libraries.
🛠️ FIXES & IMPROVEMENTS
  • GeoIP Dependency Fix: Fixed a silent bug where the MaxMind GeoIP reader class was missing from the package. The add-on now natively includes the required Composer library (maxmind-db/reader). Geolocation and country flags will now work instantly and out-of-the-box for all servers, including shared and cloud hosting environments, without requiring manual Composer installations.
This is a targeted maintenance release focusing on the AI Daily Security Report system, ensuring perfect synchronization with your community's local settings.

🛠️ FIXES & IMPROVEMENTS

  • Timezone Synchronization Fix: Resolved an edge-case bug where the date of the AI Daily Report could misalign (shift by one day) depending on the server's UTC time versus the forum's local timezone. The report now accurately reflects the exact 24-hour period based on the specific timezone set in your XenForo options.
  • Native Date Localization: The AI Report no longer uses a hardcoded international date format (YYYY-MM-DD). It now intelligently reads your XenForo Language settings and natively formats the dates inside the generated report according to your community's specific locale preferences.
  • UI Clean-up: Removed redundant date headers in the generated threads for a cleaner, more professional look.
This release focuses on significantly expanding the Radar's ability to recognize the newest web crawlers, particularly those related to AI training, while improving overall add-on stability.

🛡️ SECURITY & DETECTION ENHANCEMENTS
  • Massive Bot Definitions Update: Added over 40 new signatures to the default configurations. The Live Radar can now flawlessly detect and categorize the latest AI data scrapers (such as GPTBot, ClaudeBot, OAI-SearchBot, Bytespider), modern SEO scanners, and network vulnerability bots (like Nuclei or Zgrab).
  • Enhanced Anti-Spoofing: Expanded the DNS verification map. The system will now actively block malicious connections attempting to spoof legitimate AI models or search engine bots.
🛠️ FIXES & IMPROVEMENTS
  • Known Bugs Fixed: Applied various under-the-hood optimizations and resolved minor known bugs in the traffic to ensure maximum stability and zero interruptions during the page load process.

⚠️ IMPORTANT NOTE FOR UPGRADING USERS Because XenForo safely preserves your custom option values during an upgrade, the new bot signatures will not automatically overwrite your existing lists. To take full advantage of the updated AI/Bot detection, please manually copy and paste the new lists below into your add-on options:
  1. Navigate to Admin CP > Setup > Options > Advanced Traffic Statistics.
  2. Replace your existing lists with the ones below.
  3. Save the changes.
Good Bots List:
Code:
Googlebot
Bing
Yahoo
DuckDuckGo
Yandex
Baidu
Sogou
Exabot
Applebot
Samsung
Huawei
Miui
Facebook
WhatsApp
Telegram
Twitter
Pinterest
Discord
LinkedIn
Skype
Viber
Snapchat
Slackbot
Mastodon
Cloudflare
Uptime
Pingdom
StatusCake
PayPal
Stripe
Google-Read-Aloud
AdsBot-Google
Google-Site-Verification
AppleNewsBot



AI / Scraper Bots List:
Code:
GPTBot
ChatGPT
ChatGPT-User
OAI-SearchBot
Claude
ClaudeBot
Anthropic
CommonCrawl
CCBot
Bytespider
Diffbot
Imagesift
Perplexity
YouBot
Omgili
Google-Extended
GoogleOther
Applebot-Extended
Amazonbot
FacebookBot
meta-externalagent
meta-externalfetch
cohere-ai
magpie-crawler



Bad / Junk Bots List:
Code:
AhrefsBot
SemrushBot
MJ12bot
DotBot
PetalBot
MegaIndex
BLEXBot
DataForSeoBot
SerpstatBot
ZoominfoBot
Ubervac
Barkrowler
Buck
SMTBot
TraceMyFile
LinkpadBot
ExtLinksBot
ltx71
NetSystemsResearch
Shodan
CensysInspect
python-requests
curl/
Wget/
libwww-perl
Go-http-client
Java/
Scrapy
GuzzleHttp
okhttp
aiohttp
PostmanRuntime
sqlmap
Nikto
Havij
Netsparker
OpenVAS
Nmap
Nuclei
Zgrab
DirBuster
Hydra
Masscan
w3af
IbouBot
trendictionbot
VelenPublicWebCrawler
BitSightBot
HeadlessChrome
BurpSuite



Anti-Spoofing: Verified Bot Map:
Code:
Googlebot : .googlebot.com, .google.com
bingbot : .search.msn.com, .microsoft.com
Yahoo : .crawl.yahoo.net
Yandex : .yandex.com, .yandex.ru, .yandex.net
Baidu : .baidu.com, .baidu.jp
DuckDuckGo : .duckduckgo.com, .search.msn.com, .microsoft.com
DuckDuckBot : .duckduckgo.com, .search.msn.com, .microsoft.com
Applebot : .apple.com, .apple-dns.net
Amazon : .amazon.com, .amazonaws.com
Twitter : .twitter.com, .twttr.com
Pinterest : .pinterest.com
LinkedIn : .linkedin.com
PetalBot : .aspiegel.com, .petalsearch.com, .hwclouds-dns.com
GPTBot : .openai.com
ChatGPT-User : .openai.com
OAI-SearchBot : .openai.com
ClaudeBot : .anthropic.com
Bytespider : .bytedance.com
🛠️ FIXES & IMPROVEMENTS
  • 🌍 Improved GeoIP handling (TOR Network):
    • Fixed a bug where visitors originating from the TOR network (via Cloudflare's "T1" code) would display a broken image instead of a flag.
    • These connections are now correctly mapped to the default "Unknown" icon to maintain a clean UI.
  • 💾 Database Compatibility (MySQL Fix):
    • Fixed a critical installation error (MySQL query error 3988) that occurred on servers with older database collations.
    • Replaced special graphical characters (█) in the phrase system with standard compatible characters (#) to ensure a smooth installation and upgrade process for all users.
  • ⚙️ Versioning:
    • Add-on core updated to version 1.8.3.
✨ NEW KEY FEATURES

🤖 AI Security Analyst (AI Radar)

Automated Daily Reports: Every night at 12:30 AM (UTC), the add-on collects the day's traffic data (humans, legitimate bots, blocked threats) and securely sends it to the AI (based on Google Gemini 2.5 Flash).

Advanced Forensic Analysis: The AI doesn't simply summarize the numbers; it thoroughly examines a sample of the last 200 connections to uncover suspicious patterns, aggressive scraping bots (e.g., HeadlessChrome), unauthorized AI training attempts (e.g., ChatGPT bots), and spoofed user agents.

Intelligent Monthly Log: The AI automatically publishes the report in a private staff room of your choice. The system is intelligent: it creates a single thread for each month (e.g., "Security Log - 03/2026") and appends the daily reports as replies, keeping the forum clean and tidy.

Note: This feature is disabled by default and can be configured using the new options in the admin panel (requires a free Google AI Studio API key). (PRO feature)

NOTE: AI prompts and generated thread titles are managed through XenForo's native Phrase system. This allows the report to be instantly translated into any language simply by editing the phrase from the Admin panel (the AI will automatically respond in the requested language).

🛡️ "Hard Drop" Anti-DDoS and Anti-Scraping System

A new active security mechanism has been introduced. Connections classified as serious threats are no longer simply ignored or logged; they are now "hard dropped" at the server level. This significantly reduces database load and protects the forum from resource overload. (New feature available in options)

Query Optimization: Improved daily traffic extraction queries to support high-traffic forums without impacting Cron load times.

Fixed a minor bug that caused incorrect text to appear in the 7-day chart in the widget and in the Pro user-only stats
Hello everyone!We are incredibly proud to announce the release of Advanced Traffic Statistics 1.8.1, nicknamed "The Hunter".

This update focuses heavily on real-time threat unmasking, database performance for Large Boards, and giving you more control over your Live Radar.

🔥 What's New in 1.8.1:

  • [Added] Smart Signature Extractor: The Live Radar now features a dynamic algorithm that unmasks advanced bots and scrapers (such as HeadlessChrome or AI crawlers) hiding behind fake browser data. "Unknown Bots" are now a thing of the past!
  • [Added] Interactive Radar Filters: We've introduced a new dropdown menu right above the Live Radar. You can now filter real-time traffic on the fly (Humans Only, Bots Only, Blocked, or Spoofed) and adjust the display limit (up to 500 rows to ensure optimal server performance).
  • [Optimized] 504 Timeout Fix for Large Boards: The default IP log retention has been safely reduced from 30 to 7 days. This drastically cuts down database bloat, resulting in lightning-fast dashboard loading times and entirely preventing 504 Server Timeouts on high-traffic forums.
  • [Fixed] Chart Accuracy: Spoofed bots (fake Googlebots, etc.) are now instantly stripped of their disguises and correctly excluded from the "Good Bots" charts.
  • [Fixed] CSV Export: The CSV export tool has been completely rewritten to perfectly match the new Smart Radar logic and formatting.
🏆 The "Hunter" Community Challenge!Now that the Radar is smarter than ever, we want to see it in action!Install the 1.8.1 update, let it run, and share a screenshot of your Live Radar catching a sneaky bot or a blocked threat in the discussion thread. Let's see who catches the worst offender!

Thank you all for your continuous feedback and support. Update now and secure your board!
This major update focuses heavily on Privacy (GDPR compliance), system stability, and giving you more control over your data. We highly recommend all users upgrade to this version.

What's New in 1.8.0:

  • [Privacy & GDPR] 100% Local Assets (No CDN): We have moved all external resources locally! The Interactive Map libraries (ECharts) and all country flag icons (SVGs) are now hosted directly on your server. The add-on makes zero external CDN requests, guaranteeing absolute privacy for your visitors and making your dashboard load instantly even if external networks go down.
  • [Fix & Stability] Strict UTF-8 DB Enforcement: Fixed a critical MySQL query error [1366] caused by aggressive bots (e.g., Baidu) injecting malformed or non-UTF-8 characters into the User-Agent strings. The traffic logger now strictly sanitizes and enforces UTF-8 encoding on all incoming data before it hits your database, preventing query crashes.
  • [Fix] Map Visibility Bug: Fixed a logic issue where the interactive map was not displaying for registered members and guests even when the correct viewing permissions were enabled.

Important Upgrade Note: Because we have added new local image and script directories, please make sure you upload the entire contents of the new styles/statistiche folder to your server to ensure the map and flags display correctly.
This update focuses on resolving some visual issues, fixing a few bugs, and introducing a new control for managing public features. We recommend all users upgrade to this version.

Changelog / Release Notes:
  • Added: New option in the admin panel settings that allows you to set a specific permission for viewing the interactive map.
  • Fixed: Fixed the layout for the full-screen page when using the forum's light style.
  • Fixed: Corrected and improved some translation strings.
As always, before proceeding with the update, we highly recommend performing a full backup of your forum.

For any issues or bug reports, please do not hesitate to contact us or reply directly to this thread.


Back
Top Bottom