Thanks for the feedback, completely agreed. We are redoing the entire docs page to give more info on all responses plus some other generic stuff/updates.
Regarding only one risk type per IP. We set the severity to the max level logged in our system. If it's a 3, 4 and 5 based of attack type, frequency of attack, method of collection, etc it'll be the highest severity logged. We might look at integrating this differently in v2.
Thanks for all the great feedback everybody. We are still looking at pricing. Obviously with all the signups today we will honor original pricing forever if we do decide to make any changes in the future.
We never considered it I guess. Like someone else already mentioned there are other options out there but their prices are insanely ridiculous. Starting at $10 /month the three of us devs/creators feel like a competitive price will keep big and small customers happy hopefully long-term.
So in the past we talked about this kind of integration. Our only concern would be user generated content. Our users can 100% trust that if an IP is in our system and logged as a level 5 risk level, that that the originating IP hacked one of our nodes and was caught in the process.
Obviously we are concerned that a user that doesn't like (example IP) 4.2.2.1 for whatever reason might create 10 accounts and log this IP as malicious so we would need to tag it as user-generated before we turn it on. But we are considering it
It's my fault. I'll try to find a way to get this data and eventually adjust my code to not include non-exit relays or at least recategorize them as a lower severity.
There are a lot of IPs out there. Unlike Pokemon we can't catch them all. It varies but we run less than 50 honeypot nodes in 15 different countries (because I pay for them out of the kindness of my heart each month as we are not yet profitable) right now that would collect this kind of data. Our goal is if we get more people to signup we will add more nodes. Obviously more nodes = more data.
I'm Ryan, one of three devs that built FraudGuard.io. Honestly we have a lot more work to do specifically in spam. With that being said, spam is the least requested collector so far by our users. Just to share in beta we asked some of our heavy users and about 90% of our users preferred our focus was on honeypot collection, spam was less than 2%.
So heres how it works now. We do not rely on external sources at this time. The reason why, because our traffic is so high that no external source at least that we've found will serve our users traffic.
For example stopforumspam.com limits API requests to 20,000 per day. I haven't checked our stats today but during our beta (which ended yesterday) we served more than 20,000 API requests per hour. So even with huge cache durations set its very hard to rely on outside sources so instead we run all our own spam collectors, using our own domains, etc.
I'm Ryan, one of three devs that built FraudGuard.io. The answer is basically price. We do EVERYTHING ourselves and try to keep price extremely fair. We have plans that start at $10 /month and we also have a small free-for-life plan too.
Thats the best answer. The secondary part is we want a simple way for any dev off the street to integrate with api.fraudguard.io in 5 minutes. Imagine you are a small company and you want to limit back office access to you CMS to only IPs outside of Germany. That takes just a couple minutes. Or you want to allow back office access to you CMS from everywhere but you want to decrease the session timeout to only 30 minutes if the originating IP is a tor node or public proxy, etc.
We just got out of beta (literally last night) but so far thats the majority of use cases that we've seen so far.
Regarding only one risk type per IP. We set the severity to the max level logged in our system. If it's a 3, 4 and 5 based of attack type, frequency of attack, method of collection, etc it'll be the highest severity logged. We might look at integrating this differently in v2.