-
Notifications
You must be signed in to change notification settings - Fork 2
VPNs and false positives
First of all I want to say that I (azalty) am not an expert on this subject.
This page will teach you about false positives in this plugin.
VPNs are detected using the BlackBox API.
VPN is a shortcut, in fact, it detects Corporate IPs and publicly known VPN IPs (according to the API: proxy, hosting, tor IPs).
While 99% of VPN IPs are marked as Corporate and therefore easily recognisable, they are in the same category as true Corporate IPs, like IPs at your workplace.
However, you shouldn't be playing CS:GO at your workplace, right?
Depends. If you think people only use their own internet connection then yea, probably.
My IP is listed as a VPN by NDA (and BlackBox API), but I'm using my own internet connection (from my house)!
There could be multiple reasons:
- You're using a proxy, VPN, and you didn't check correctly
- You're hosting your server locally (example: a test server?), and the exposed IP differs from your actual public IPv4 (Don't know what it is? Write "my IP" on google). This is because if you host your server locally, your local IP will be used, and is detected as a proxy by BlackBox API. Nothing alarming there.
- You have been misflagged by your ISP (Internet Service Provider). Contact them and tell them your IP is identified as a VPN/Corporate IP, they should switch it to residential. (Please check https://whatismyipaddress.com/ and click on your IPv4. If "Type" is "Corporate" then your ISP fucked up)
- If your IP is not "Corporate", it might be a problem with BlackBox API. You can check their GitHub and you could create an issue if you don't mind people seeing your IP and linking it to you (or you can create a throwaway account). Else, I would recommend contacting them privately (for example on Twitter).
I, as a person, would not recommend you to block VPNs because of potential false positives. It could also prevent some potential non-malicious people from joining your server just because they care about their privacy (there could be a lot of legit reasons someone wants to hide their IP).
You should only do it as a last resort if someone is repeatedly annoying you (ban evading..), but do know there are multiple ways to change your IP without using a VPN. (but it'll probably stop them for a while though, since harassing like that is really stupid imo)
Of course, this is only my opinion, and I totally respect yours if it is different. Feel free to do whatever you want, your server, your rules 😃
If you have any suggestions for better APIs to use, please submit them.