AntiBot: What is the High Reputation Bypass option and how does it work?

Every IP address accessing your site gets its own unique visitor score - the higher the score, the better the visitor i.e. the more likely it's human.

Visitors that have accumulated a high IP reputation and AntiBot score should ideally never be blocked. But, this can happen sometimes. To prevent this, we added a new option: High Reputation Bypass.

This option is a part of the AntiBot Detection Engine (ADE). It prevents visitors with a high reputation scores from being blocked by Shield.

The IP address will still accumulate offenses and will still be subject to Shield’s rules, but, if the number of offenses would normally lead to an IP address being blocked, but the IP reputation is good enough, the block will not be put in-place.

You can think of it like: Shield will see everything your IP does, and it’ll mark offenses against it. Once the IP has accumulated enough offenses and it’s about to block your IP address, it’ll lookup your Bot Reputation Score and if it’s high enough, you wont be blocked.

How does the High Reputation Bypass work?

To answer this questions, best is to use examples...

Example 1: High reputation - not blocked by Shield

Settings:

  • AntiBot min score: 45
  • High Reputation Bypass: 60

The Offense Limit is set to 3.

Visitor has failed to login, triggering the offense. Normally, when they reach the offense limit 3, they'll get blocked by Shield. But, if over that time their IP reputation is good enough, Shield won't block them.

So, if you set the reputation bypass to 60, visitor that gets reputation score higher than 60, they'll not get blocked. Shield will not consider this visitor being a bot. 

Total reputation score for a particular IP can be seen with the IP Analysis section. In this example, visitor's total reputation is 100, which is higher than 60 (set):

This is why they'll never be blocked, even if reaching the offense limit set (3):

IP Rules section will list this IP and you'll see that an IP is on the blocklist because it reached the offense limit 3 but IP is not actually blocked due to high reputation bypass, for example:

Site admins will also see a notice that IP is blocked and they an ignore this because as for visitor above, their IP is "blocked" but it's actually not.

It's important to note here that Shield doesn't "whitelist" your IP if your reputation is high, but it's like being whitelisted since you'll never be blocked. But you're really not whitelisted... you're just never blocked. if you've demonstrated you're a good person (high reputation), Shield pretends it can't see you've made too many offenses.

Important: If site admin changes a minimum score for that setting, then as soon as their IP reputation is lower than that reputation score and they have caused enough offenses, they'll be blocked. 
In this example, if it's about site admin's IP, they reached the offense limit (3), and their reputation was 160, if they are still logged in and try to change setting by putting higher reputation then 160 (i.e. 200), they'll immediately get blocked. Why? Because of offenses.
Too many offenses > you're blocked.
Nothing has changed in the way Shield blocks you. if you don't want to get blocked, you'll need to remove your offenses first

Example 2: Low reputation - blocked by Shield

Settings:

  • AntiBot min score: 95
  • High Reputation Bypass: 200
  • Offense Limit: 3

In this example, visitor triggered the Shield offenses x3 times and get auto-blocked. 

The reason why this happens is because their reputation score was 110, which is lower than set (200).

You can see the all details in your activity log: