silentCAPTCHA: What is the High Reputation Bypass option and how does it work?

Every IP address accessing your site gets its own unique visitor score - the higher the score, the better the visitor i.e. the more likely it's human.

Visitors that have accumulated a high IP reputation and silentCAPTCHA Bot Minimum Score should ideally never be blocked. But, this can happen sometimes. To prevent this, we added a new option: High Reputation Bypass.

This option is a part of the silentCAPTCHA AntiBot system. It prevents visitors with a high reputation scores from being blocked by Shield.

The IP address will still accumulate offenses and will still be subject to Shield’s rules, but, if the number of offenses would normally lead to an IP address being blocked, but the IP reputation is good enough, the block will not be put in-place.

You can think of it like: Shield will see everything your IP does, and it’ll mark offenses against it. Once the IP has accumulated enough offenses and it’s about to block your IP address, it’ll lookup your Bot Reputation Score and if it’s high enough, you wont be blocked.

To configure High Reputation Bypass option in Shield, you may go to Shield Security > Security Zones > Bots & IPs zone. When you click Configure next to the silentCAPTCHA component, a configuration sidebar window will open up for you. Here, you'll see all options for the silentCAPTCHA AntiBot technology, including High Reputation Bypass.

Access to High Reputation Bypass option

How does the High Reputation Bypass work?

To answer this question, it’s easiest to use an example of the "High reputation - not blocked by Shield."

Configuration:

The Offense Limit is set to 3.

Visitor has failed to login, triggering the offense. Normally, when they reach the offense limit 3, they'll get blocked by Shield. But, if over that time their IP reputation is good enough, Shield won't block them.

So, if you set the reputation bypass to 60, visitor that gets reputation score higher than 60, will not get blocked. Shield will not consider this visitor being a bot. 

Total reputation score for a particular IP can be seen with the IP Analysis dialog.

Site admins will also see a notice that an IP is blocked. They can ignore this notice because, similar to the visitor mentioned above, the IP is marked as 'blocked' due to reaching the offense limit, but it isn't actually blocked.

It's important to note here that Shield doesn't "whitelist" your IP if your reputation is high, but it's like being whitelisted since you'll never be blocked. But you're really not whitelisted... you're just never blocked. if you've demonstrated you're a good person (high reputation), Shield pretends it can't see you've made too many offenses.

Note: If site admin changes a minimum score for that setting, then as soon as their IP reputation is lower than that reputation score and they have caused enough offenses, they'll be blocked. 
Nothing has changed in the way Shield blocks you. if you don't want to get blocked, you'll need to remove your offenses first