Conversation

Almost reaching 300K distinct bot IPs

Sep 24, 2021

Replying to

Do you think the residential proxies in the list has a risk of leading to false positives? I imagine they must be getting cycled regularly to prevent putting real user IPs on there in the long term

Antoine Vastel

@xopek59

Replying to

@_Xetera

Blocking IPs been flagged as residential proxies only on this criteria is indeed risky and can lead to false positives. Indeed, these IPs may be (heavily) shared. That's a criteria you can take into account to block/challenge (e.g. with a CAPTCHA, 2FA on login) traffic.

10:28 AM · Sep 24, 2021Twitter Web App

Replying to

and

The best is to combine this signal with others, e.g. server-side fingerprint, browser fingerprint, behavior, country etc It enables to significantly decrease false positives all while keeping a good level of protection

Replying to

and

Moreover, another important factor is when has the IP been flagged as being a residential proxy. The long the riskier it is to block based on this criteria.

Replying to

That makes sense. It's so hard to figure out what % of detection should be coming from things like proxy lists vs other data like behavior and fingerprints. Wish there was just a silver bullet for it that would always work😤