VPN & Proxy Blocker
The VPN & Proxy Blocker detects and blocks visitors who are using VPNs, proxies, or other tools to hide their real identity and location. This is essential for enforcing country blocks, since visitors can use VPNs to bypass geo-restrictions.
VPN Blocking
Main Toggle
- Label: “VPN & Proxy Blocking”
- Description: “Block visitors using VPNs and proxies to hide their identity”
When enabled, an advanced settings section expands with additional options.
Advanced Settings
Block All VPN Users
- Label: “Block all VPN users”
- Description: “Enable to block all VPN users. When disabled, only risky VPNs are blocked. Note: This includes trusted VPNs like iCloud Private Relay.”
- Default: Off
When off (recommended), only VPNs flagged as high-risk are blocked. When on, all detected VPN connections are blocked, including iCloud Private Relay and corporate VPNs.
Allow Business VPNs
- Label: “Allow business VPNs”
- Help text: “Recommended: Avoids blocking corporate network users”
- Default: On
When enabled, VPN connections identified as belonging to business/corporate networks are allowed through. This prevents blocking employees of companies who use corporate VPNs for their regular internet access.
A business VPN is identified when the connection is classified as “Business” allocation with “VPN” type by the detection service.
Block Crawlers
- Label: “Block crawlers”
- Help text: “Not recommended: May hurt SEO by blocking Google, Bing, etc.”
- Default: Off
When enabled, known search engine and social media crawlers are blocked. This includes crawlers from Google, Facebook, TikTok, Pinterest, LinkedIn, Twitter, Reddit, and Snapchat.
Warning: Enabling this will prevent search engines from indexing your store, which will negatively impact your SEO and organic traffic.
Bot Blocking
Main Toggle
- Label: “Bot Protection”
- Description: “Block bots, scrapers, and automated threats”
When enabled, an advanced settings section expands with additional options.
Advanced Settings
Enable Strict Blocking
- Label: “Enable strict blocking”
- Help text: “Blocks suspicious traffic more aggressively. May affect some legitimate users on shared networks.”
- Default: Off
This controls the protection level:
- Regular mode (default) — Standard detection thresholds. Suitable for most stores. Allows more borderline traffic through to minimize false positives.
- Strict mode — Lower thresholds for blocking. Catches more threats but may block some legitimate users on shared or suspicious networks.
How Detection Works
Kedra Shield uses a multi-layered detection approach:
- Cloudflare bot scoring — Used as a first pass to quickly classify obvious bots and obvious humans. This handles 80-90% of traffic without needing further checks.
- ProxyCheck.io — Called for uncertain cases to provide detailed analysis including VPN provider, risk score, connection type, confidence level, and attack history.
What Gets Detected
| Threat Type | Description |
|---|---|
| VPN | Commercial VPN services (e.g., NordVPN, ExpressVPN) |
| Proxy | Web proxies and anonymous proxy servers |
| Tor | Tor network exit nodes |
| Hosting | Traffic from cloud hosting providers |
| Scraper | Known scraping tools and services |
| Compromised | IP addresses from compromised servers or botnets |
Risk Assessment
Each visitor receives a risk score (0-100) and confidence rating. The app uses these to make blocking decisions:
- Low risk, high confidence — Visitor is allowed through.
- Medium risk — Visitor may be challenged or blocked depending on protection level.
- High risk — Visitor is blocked.
- Critical threats — Compromised servers, IPs with attack history, and high-risk scrapers are blocked immediately regardless of protection level.
The confidence rating adjusts thresholds to reduce false positives. Low-confidence detections require a higher risk score before blocking.
Cloud Provider Allowlist
Traffic from major cloud providers used for legitimate services is allowed through by default. The allowlisted providers are:
- Google LLC
- Amazon.com, Inc.
- Amazon Data Services
- Microsoft Corporation
- Cloudflare, Inc.
- DigitalOcean
This prevents blocking services like Google Shopping or Facebook Ads from accessing your store.
Free Plan Limits
- VPN/Proxy blocking: Up to 10 blocks
- Bot blocking: Up to 10 blocks
Each category has its own independent limit. When the limit is reached:
- New threats of that type are no longer blocked.
- Previously blocked visitors remain blocked.
- A quota warning banner appears in the app.
Pro plans have unlimited VPN and bot blocks.
Quota Warnings
The app shows warnings as you approach or reach your limits:
- Near limit (80%): Informational banner showing remaining blocks.
- Limit reached: Warning banner indicating new threats are no longer being blocked, with an upgrade prompt.
- Daily limit (1,000 blocked IPs): If your store exceeds 1,000 blocked IPs in a single day, all security features are temporarily paused until midnight UTC. This is shown as a critical banner.
Recommended Setup
For most stores, the recommended configuration is:
| Setting | Recommended |
|---|---|
| VPN & Proxy Blocking | Enabled |
| Block all VPN users | Off |
| Allow business VPNs | On |
| Block crawlers | Off |
| Bot Protection | Enabled |
| Enable strict blocking | Off (start with regular, switch to strict if needed) |
Next Steps
- Location Blocker — Use alongside VPN blocking to prevent geo-bypass.
- ASN Blocker — Block entire network providers like AWS or specific ISPs.
- Bot Blocker — More details on bot-specific protection.