APG vNext 5.1 brings new features and improvements to help you build a better online community. This release is available for all license holders.
Release Highlights
- New and improved features as detailed in the community announcement
- Performance and stability fixes based on user-reported issues
- Enhanced mobile and responsive design improvements
- Admin panel usability refinements
Upgrading to 5.1
Existing users can upgrade by following the standard upgrade procedure. This release is a drop-in upgrade for users on the previous minor version.
Download
Download the latest version of APG vNext from the download page. Registered users can access the member download area for the full release package.
Deep Dive: Akismet Spam Filtering in APG vNext 5.1
This discussion thread covers the technical implementation details of the Akismet integration introduced in APG vNext 5.1. For communities that were previously relying on manual moderation queues or IP blocklists, Akismet's machine-learning-based classifier is a significant improvement in both accuracy and operational cost.
False Positive Handling
No spam filter is perfect. Akismet occasionally flags legitimate posts — particularly posts from new members with no account history, posts containing URLs, or posts in non-English languages. APG vNext 5.1 handles false positives through the moderation queue:
- Moderators see spam-held posts in Admin Panel → Moderation → Spam Queue
- Approving a held post automatically reports it to Akismet as a false positive, training the model
- Members can be whitelisted by trust level — set "Skip Akismet for members with 10+ posts" in the anti-spam settings to reduce false positives for established contributors
<!-- Trust level exemption configuration -->
<appSettings>
<add key="APG.Akismet.TrustAfterPosts" value="10" />
<add key="APG.Akismet.TrustAfterDays" value="30" />
<add key="APG.Akismet.SkipAdmins" value="true" />
</appSettings>
Monitoring Spam Activity
The spam log (Admin Panel → Reports → Spam Log) shows every Akismet decision with the post excerpt, IP address, Akismet confidence score, and final action taken. Use this log to:
- Identify IP ranges generating high spam volume — add to IP blocklist to save Akismet API quota
- Spot false positive patterns — if legitimate posts from a specific forum are being flagged, whitelist that forum from Akismet scanning
- Track spam trends over time — a spike in spam attempts often precedes a brute-force registration attack
APG vNext 5.1 API Improvements — Technical Details
The REST API in 5.1 moved from a session-cookie authentication model to stateless API key headers, making it suitable for server-to-server integrations where maintaining a session is impractical.
Authentication Header Format
// All API requests require this header:
X-APG-ApiKey: apg_live_xxxxxxxxxxxxxxxxxxxxx
// Optional: specify response format
Accept: application/json
// Rate limit headers returned on each response:
X-RateLimit-Limit: 1000
X-RateLimit-Remaining: 987
X-RateLimit-Reset: 1719792000
Webhook Support (New in 5.1)
APG vNext 5.1 added outbound webhook support, allowing your forum to notify external services when specific events occur:
- New thread created → notify Slack channel or Discord
- New member registered → add to CRM or email list
- Post flagged as spam → alert moderation team in real time
Configure webhooks in Admin Panel → API → Webhooks. Each webhook accepts a URL, secret key for HMAC signature verification, and an event filter.
Configuring Akismet for Best Accuracy
Akismet accuracy depends heavily on the quality of data you send with each check. APG vNext 5.1 automatically sends the member's IP address, user agent, email, username, and post content. However, you can improve accuracy by ensuring these optional fields are also populated:
<!-- Enable full context submission to Akismet for better accuracy -->
<add key="APG.Akismet.SubmitUserIP" value="true" />
<add key="APG.Akismet.SubmitUserAgent" value="true" />
<add key="APG.Akismet.SubmitReferrer" value="true" />
<add key="APG.Akismet.SubmitPostType" value="forum-post" />
<add key="APG.Akismet.BlogURL" value="https://yourforum.com" />
Handling High-Volume Spam Registration Attacks
Akismet checks posts after registration — it does not block registrations themselves. For forums experiencing high-volume fake registrations, complement Akismet with these registration-level defences:
- Email verification: Require verified email before posting. New accounts cannot post until they click the verification link.
- DNSBL check: Check the registrant's IP against a DNS-based blocklist like Spamhaus during registration. APG vNext supports this via the
APG.Registration.DNSBLEnabledsetting. - Honeypot field: APG vNext 5.1 includes a hidden registration field invisible to humans but often filled by bots. Enable with
APG.Registration.HoneypotEnabled=true. - First-post moderation: Queue all posts from accounts with fewer than 5 posts for moderator approval, regardless of Akismet result.
<!-- Defence-in-depth anti-spam stack -->
<add key="APG.Registration.EmailVerification" value="true" />
<add key="APG.Registration.DNSBLEnabled" value="true" />
<add key="APG.Registration.HoneypotEnabled" value="true" />
<add key="APG.AntiSpam.FirstPostQueue" value="5" />
<!-- Queue new member posts until they have 5+ approved posts -->
Akismet API Key Usage and Quota
The Akismet free tier allows 5,000 API calls per month. For active communities, this can be exhausted quickly if every post is checked. Use the trust-level exemption settings (above) to skip Akismet for established members. Paid Akismet plans starting at $10/month remove the quota entirely and are recommended for any forum receiving more than 200 posts per day.
-- Monitor daily Akismet API call volume from your spam log:
SELECT CAST(CheckedAt AS DATE) AS CheckDate,
COUNT(*) AS AkismetCalls,
SUM(CASE WHEN IsSpam = 1 THEN 1 ELSE 0 END) AS SpamDetected,
SUM(CASE WHEN IsSpam = 0 THEN 1 ELSE 0 END) AS HamPassed
FROM apg_SpamLog
WHERE CheckedAt > DATEADD(DAY, -30, GETDATE())
GROUP BY CAST(CheckedAt AS DATE)
ORDER BY CheckDate DESC;
Related Resources
Looking for more help? Browse the support forum or check the Knowledge Base.