# Admin area

Using the admin interface and managing screening results, settings, and logs.

# Dashboard

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → Home** — the operational overview of the module.

![Dashboard — statistics, sanctions sources, mass check, and database tools](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-qpql3fzh.png)

## Statistics cards

| Card | Meaning |
| --- | --- |
| Clients total | All clients in WHMCS. |
| Clients checked | Clients that have at least one screening result. |
| Matches | Clients currently matching sanctions lists — the red alert on top links straight to the filtered list. |
| Clean | Clients checked with no findings. |
| Entries: Canada / EU | Number of sanctions list entries in the local database. |

## Sanctions sources panel

Shows the time of the last list synchronization. **Sync sanctions lists now** downloads the enabled OpenSanctions mirrors immediately (the daily cron does the same automatically).

## Last mass check panel

Shows the last mass check time and the number of checks **pending in the queue**. **Check all clients now** starts a mass check:

- with **Queue the mass check** enabled (default) the clients are added to the queue and the cron processes them within minutes;
- with the queue disabled the check runs in your browser in batches with a progress bar.

## Database panel

**Check database tables** verifies all module tables and creates any missing tables or columns (useful after a module update). It is non-destructive — nothing is ever dropped — and displays a per-table report (`created` / `altered` / `unchanged`).

<!-- sync:ef6e8f096a826eea -->

# Screening results

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → Clients** — every client that has been screened, with the full match details.

![Screening results — filters, match details with OpenSanctions links, tickets, verification](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-65j0v28g.png)

## Filters

**All / Matches / Clean / Verified** — one click switches the view. *Matches* is where the daily review happens; *Verified* lists clients an admin has marked as reviewed false-positives.

## Columns

| Column | Meaning |
| --- | --- |
| Client | Name and company, linked to the client profile. |
| Status | `MATCH` (red) / `CLEAN` (green); a green `VERIFIED` badge appears next to it for verified clients (hover it to see who verified and when). |
| Score | The highest match percent (see [How the matching engine works](../06-automation-and-cron/01-matching-engine.md)). |
| Matches | Every matched list entry: source (`ca_dfatd`, `eu_fsf`, `csl:…`, `blocked_country`), matched name, score. The external-link icon opens the **OpenSanctions entity profile** so you can see exactly who the client was compared with. |
| Ticket | The support ticket opened for this match. |
| Checked At | Time of the last check. |

## Row actions

- **Recheck** — re-screens the client immediately (always real time, never queued).
- **Mark as Verified** — appears on matched clients; see [Client profile panel & verification](03-client-profile-panel.md).
- **Remove Verification** — appears on verified clients.

<!-- sync:5b842628f2572e91 -->

# Client profile panel & verification

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


On every admin client page (Summary, Profile, Services, Invoices, …) the module injects a compact panel with the current screening state. Everything on it works via AJAX — no page reloads.

## When the client matches

![Client profile — MATCH badge with the best match, Check Now, Mark as Verified, View All Data](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-vauq9qo1.png)

The panel shows the `MATCH` badge with the number of matches, the **best-scoring matched name with its percent**, a link to the opened ticket, and the check time.

- **Check Now** — re-screens the client immediately; when matches are found, the details modal opens automatically.
- **Mark as Verified** — the false-positive workflow (see below).
- **View All Data** — the full details modal.

## View All Data

![View All Data — status, score, and every match with an OpenSanctions link](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-cxvlfoch.png)

Each local-list match links to its **OpenSanctions entity profile** (aliases, birth dates, sanction programs) — open it to visually confirm whether your client is really the listed person. When Fraud Check is enabled, the same modal also shows the raw FraudRecord / IPQualityScore data.

## Verification (false positives)

A clean client can share a surname with a listed person and would be flagged on every re-check. After reviewing the details, click **Mark as Verified**:

![Client profile — VERIFIED badge next to the match state](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-exqr0odu.png)

A verified client:

- is **skipped by all automatic checks** — cron, mass check, registration, and order triggers;
- gets **no tickets, status changes, or group moves**, even from a manual re-check;
- can still be re-checked manually at any time;
- **loses the verification automatically when the client changes profile data** — the check then runs again in full.

The module records **who** verified the client — first name, last name, login, and email of the admin are stored as a snapshot (not a reference), so the information survives even if the admin account is later deleted:

![View All Data on a verified client — who verified, when, and what it means](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-epkkr2el.png)

**Remove Verification** puts the client back under automatic screening. Every verify/unverify action is written to the module log and the WHMCS activity log.

## Fraud Check on the panel

With Fraud Check enabled the same panel shows the FraudRecord score, IP fraud score, and email leak status with their own **Fraud Check Now** and **Send Report** buttons — see [Configuration → Fraud Check](09-config-fraud-check.md).

<!-- sync:dc1761d78b86b68e -->

# List entries browser

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → List Entries** — everything the module downloaded from the OpenSanctions mirrors, so you can verify what exactly your clients are compared against.

![List Entries — live search, source filter, pagination](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-zrpzorie.png)

- **Search** — live search by name, alias, country code, or entity ID (400 ms debounce).
- **Source filter** — all sources / Canada (DFATD-SEMA) / EU (FSF); the counter on the right shows the total.
- **Columns** — source badge (CA/EU), entity type (Person / Organization / LegalEntity), primary name, aliases (hover for the full list), birth date, countries, and the import time.
- 50 entries per page with Previous/Next paging.

The data refreshes automatically with the daily cron; **Sync sanctions lists now** on the Home page forces an immediate refresh.

<!-- sync:8aa9fc84baa363ee -->

# Log

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → Log** — the audit trail of everything the module does (last 500 entries).

![Log — checks, tickets, verification, synchronization, queue](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-iswcgfwv.png)

| Event | Meaning |
| --- | --- |
| `sanctions_check` | A client was screened: context (manual / register / edit / order / mass / cron), result, number of matches, max score. |
| `ticket_opened` | A support ticket was created for a match. |
| `ticket_skipped` | No ticket was created — the reason is spelled out (an earlier ticket is still open, or no department is configured). |
| `ticket_error` | The ticket API call failed — the full response is logged. |
| `whitelisted` / `whitelist_removed` / `whitelist_reset` | Verification set by an admin / removed by an admin / dropped automatically because the client changed profile data. |
| `client_updated` | Status change / group move applied on a match. |
| `list_sync` | Sanctions lists downloaded (per-source entry counts and errors). |
| `mass_check` | A mass check ran or was queued. |
| `queue_processed` | A cron tick processed a portion of the check queue. |
| `check_error` | A queued or batched check failed for one client. |
| `configuration_saved` / `schema_check` | Settings saved / database schema verified. |

Client numbers link to the client profile.

<!-- sync:b5a2da427b6eb6f9 -->

# Configuration — Sanctions sources

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → Configuration → Sanctions sources.** All settings are saved with the green **Save Changes** button; only the license key lives in Setup → Addon Modules.

![Sanctions sources tab — local lists, matching engine, CSL API, blocked countries](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-tqxo3shy.png)

## Local lists (OpenSanctions mirrors)

![Local lists — Canada DFATD-SEMA and EU FSF toggles](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-swhdvwff.png)

Official government sanctions lists mirrored by the [OpenSanctions](https://www.opensanctions.org/) project as clean machine-readable files (~2 MB each). No registration or API key required. The files are imported into your database and matching runs **locally** — no client data leaves your server. Synchronized daily by cron.

## Matching engine

![Matching engine — thresholds for the three matching methods](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-prz4xgsf.png)

| Setting | Default | Description |
| --- | --- | --- |
| Full name match threshold | 85% | Similarity of the whole name required to report a match. |
| Enable trigram matching + threshold | on / 65% | 3-letter-chunk comparison, catches typos and letter swaps. |
| Trigram minimum name length | 6 | Trigrams run only when both names have at least this many letters — short names would match randomly. |
| Enable per-word matching + minimum words | on / 1 | Only the **surname** or a **company word** can trigger a match; a first-name-only hit never flags. Minimum 1 flags surname-only matches (with a lower score); 2 requires first + last name. |
| Word similarity threshold | 85% | How similar two words must be to count as a pair (catches Ivanov / Ivanoff). |

The methods are explained in detail in [How the matching engine works](../06-automation-and-cron/01-matching-engine.md).

## US Consolidated Screening List API

![CSL API — key, endpoint, minimum score](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-flgqv9pq.png)

Real-time fuzzy search against 11 US lists (OFAC SDN, BIS Entity List, State Department). Get a free API key at the [ITA API portal](https://api.trade.gov/apps/store/site/pages/sign-up.html); results below **CSL minimum match score** (default 90) are ignored. Client names are sent to trade.gov over HTTPS.

## Blocked countries

![Blocked countries — comma-separated ISO-2 codes](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-a9jjhfeg.png)

Comma-separated ISO-2 country codes (e.g. `RU,BY,IR,KP,SY,CU`). The country from the client profile is compared against this list; a match is reported with score 100.

<!-- sync:4c2ab8a818987684 -->

# Configuration — Check triggers & queue

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → Configuration → Check triggers** — when checks run automatically.

![Check triggers tab — triggers, queue, periodic mass check](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-6fqkyfob.png)

## Check triggers

![Triggers — registration, profile update, checkout, and the queue toggle](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-oik0vnz5.png)

| Setting | Description |
| --- | --- |
| Check on client registration | Screen every new client (`ClientAdd`). |
| Check on client profile update | Re-screen when the client changes profile data (`ClientEdit`). This also drops the *Verified* flag — see [verification](03-client-profile-panel.md). |
| Check on order checkout | Screen on every order checkout. |
| **Run trigger checks on the next cron (queue)** | Applies to the three triggers above ONLY. Instead of checking during the client's request — which can be slow and cause timeouts when external APIs are enabled — the client is added to the queue and checked by the cron within a few minutes. **Manual checks always run in real time.** |

## Periodic mass check

![Periodic mass check — frequency, scope, queue, batch size](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-ljf3nhxl.png)

| Setting | Default | Description |
| --- | --- | --- |
| Periodic mass check (cron) | Disabled | Disabled / Daily / Weekly / Monthly re-check of the client base. Sanctions lists change constantly — a weekly or monthly re-check is recommended. |
| Clients to check in mass check | Active only | Active clients only, or all clients. |
| Queue the mass check | **on** | The mass check (Home-page button and the schedule) adds clients to the queue; the cron drains it in portions. Recommended for large client bases. |
| Queue items processed per cron run | 50 | Portion size per cron tick (~5 minutes). Lower it when the CSL API is enabled. |

Verified clients are excluded from the mass check automatically. How the queue works internally is described in [Cron automation & check queue](../06-automation-and-cron/02-cron-and-queue.md).

<!-- sync:bb418cbbaf4de598 -->

# Configuration — Actions on match

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → Configuration → Actions on match** — what happens when a check finds a match.

![Actions on match tab — ticket settings and client actions](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-nxlucsla.png)

## Support ticket

![Ticket settings — department, subject, message with merge fields](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-9symnfc5.png)

| Setting | Description |
| --- | --- |
| Open a support ticket | Master toggle. **One ticket per client**: while a sanctions ticket is open, repeated checks do not create duplicates. If the ticket was closed and the client still matches later, a new ticket is opened. |
| Support department | Where the ticket is created. |
| Ticket subject / message | Your own templates with merge fields: `{client_id}`, `{client_name}`, `{client_company}`, `{client_email}`, `{client_country}`, `{matches}`, `{date}`. |

A real ticket produced by the module — `{matches}` expands into the full list with sources, scores, and the method that matched:

![Sanctions ticket example](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-v6nuzatt.png)

## Client actions

![Client actions — status change and group move](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-0qlaxzpr.png)

| Setting | Description |
| --- | --- |
| Set client status | Optionally set the client to Active / Inactive / Closed on a match. Leave empty to keep the status unchanged. |
| Move client to group | Optionally move the client into a chosen client group (handy for a "Sanctions review" group). Leave empty to keep the group. |

Both actions are applied on every check that finds a match — but **never** for [verified](03-client-profile-panel.md) clients. Every action is written to the log (`client_updated`, `ticket_opened`, `ticket_skipped` with the reason).

<!-- sync:a587934c7d54bb54 -->

# Configuration — Fraud Check

### PUQ Sanctions Checker module **[WHMCS](https://puqcloud.com/link.php?id=77)**
##### [Order now](https://puqcloud.com/whmcs-addon-puq-sanctions-checker.php) | [Download](https://download.puqcloud.com/WHMCS/addons/PUQ_WHMCS-Sanctions-Checker/) | [Community](https://community.puqcloud.com/)


**Addons → Sanctions Checker → Configuration → Fraud Check** — the built-in fraud screening via FraudRecord and IPQualityScore.

![Fraud Check tab — services, master toggle, triggers](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-8tqeganr.png)

## Services

![FraudRecord and IPQualityScore — registration links and API keys](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-ilsyj0ik.png)

- **FraudRecord** ([register free](https://fraudrecord.com/register)) — a shared database of abuse reports from hosting providers. Client data is **hashed locally** before it is sent, so no plain-text personal data leaves your server. Create a reporter profile to get an API key.
- **IPQualityScore** ([create account](https://www.ipqualityscore.com/create-account)) — scores the client's IP for proxy/VPN/fraud risk and checks whether the email address appears in leaked databases. The free plan includes monthly lookup credits.

## Master toggle and triggers

![Fraud check master toggle and its own triggers](https://doc.puq.info/uploads/images/gallery/2026-07/embedded-image-zqptyrrg.png)

| Setting | Description |
| --- | --- |
| Fraud check enabled | Master toggle; at least one service with an API key must be enabled. |
| Fraud check on registration / profile update / order checkout | The same trigger events as the sanctions checks, controlled separately. With the [check queue](07-config-check-triggers.md) enabled for triggers, fraud checks are queued too. |

## Where you see the results

The [client profile panel](03-client-profile-panel.md) shows `Fraudrecord: 0-0-0 | Fraud IP: 0% | Fraud Email: NO` badges (red = findings), a **Fraud Check Now** button, and **Send Report** — a form (fraud type, level 1–10, free text) that submits an abuse report to FraudRecord and/or IPQualityScore. Raw API responses are available in the **View All Data** modal.

<!-- sync:a6b72a4adb12f588 -->

