Automatic Account Deleting

Image description

For as long as there has been data to keep there has been data kept for far longer than necessary. This is no less true than when it comes to technology companies. In-fact today tech companies hold so much information about people they may know you better than you know yourself.

And while we're not a large tech company holding lots of private information we do hold some information generated by our customers. Things like your usage of our service and where you're deploying it, the email address you signed up with and some limited payment information if you purchased a subscription.

These are things that we only really need while you actually use our service which is why we recently introduced a self-deletion feature which enables you to both close your account and erase all the associated data we held about you.

Today we're taking this a step further by automatically removing unused accounts. After 30 days from the creation of your account if you've not used it at all (meaning you never logged into the dashboard or made a single query to the API using your API Key) we will schedule your account for deletion and notify you via email.

When scheduled you'll have 15 days to cancel it but these deletions noted above are for completely unused accounts so there shouldn't be much need to reverse the scheduled deletion as you can still signup again when you do need the service.

In addition to this we will be removing inactive accounts after 1 year from their last moment of activity. So if you've logged into the dashboard or made a single API request even once we consider that activity which would push back any scheduled deletion by a year. Similarly to the unused account deletions when scheduled you'll be notified via email and have 15 days to cancel the deletion.

We're making these changes because we think user privacy and the control of your data has been headed in the wrong direction across the tech industry and we want to do our part to nudge the line in the right direction. It's your data and you should always be in control of it and we should turn back time and make it as if you've never used our service when it's clear you haven't needed it in a while.

Thanks for reading and have a great week.

Detection of iCloud Private Relay

Image description

With the release of iOS 15 by Apple a new feature has been enabled for paid subscribers of their iCloud storage product called iCloud Private Relay and it's essentially a VPN service for the Safari browser on iOS 15 and macOS Monterey.

We've been monitoring the service throughout the beta of iOS 15 and we've determined that Apple is using three content delivery networks as partners for this feature which we've been able to detect without issue. Today we've enabled this detection on our API which means by default users of iCloud Private Relay will now be detected as VPN's when visiting your sites and services.

We know that since this is baked into iOS 15 and macOS Monterey it may become a popular service amongst your users and so you may not want to block users from accessing your sites and services when they use iCloud Private Relay.

Due to this we've added a new custom rule to the dashboards rule library (Big Business -> Allow iCloud Private Relay) which when enabled will allow these users to bypass being detected as VPN's while keeping other VPN services blocked. We will say that since iCloud Private Relay is a paid service and most Apple users do not pay for iCloud you may not deem it necessary to whitelist the service but we've made the rule available to you just in case.

Thanks for reading and have a great week.

Expanded Account Controls

Image description

Today we're introducing a new feature to the customer dashboard which enables you to close your account and erase all the held information we have surrounding your usage of our service.

The reason we've done this is we strongly believe your data belongs to you and just because you've provided us access to some of it doesn't mean you shouldn't be able to revoke that access on your terms.

For many years now you've been able to make a request to our support team to have your account erased but we felt closing an account at a service should always be as easy as it is to open an account and that includes the removal of all your data.

Image description

So within the Dashboard you'll now see a new button in the top right corner of the settings tab as shown above which when pressed will begin the process of closing your account and erasing your data.

From the moment you click that button you'll have 30 minutes to either export your data if you haven't already done so or to cancel the scheduled closure as shown in the screenshot below.

Image description

To be clear this is a full deletion that actually erases your data held on our servers and not just an account disablement. This means you can signup again using the same email address as you used previously because we will have no knowledge of it in our system once the deletion occurs.

It is our hope that we're exceeding the standard set in our industry for not just data portability but account control and data ownership, we truly believe in providing a great frictionless service that doesn't just meet the letter of laws and regulations but the spirit of them too.

We hope everyone is having a great week and thank you for reading!

Custom Rule Importing & Exporting Enhancements

Image description

Today we've added a new button to the Custom Rules interface so that you can download your rules to your local computer on a rule-by-rule basis. This makes it easier to backup and share individual rules as opposed to downloading your entire set of rules which has been the only export method available up to now.

Image description

Above we've included an image of the new control buttons you'll see on each of your rules with the highlighted portion being the new rule specific export button.

We've also altered how importing works, prior to today importing would replace any rules already held within your account with the new imported rules. We've now changed this so any imported rules (whether it's a single rule or many rules) will be added to the bottom of your rule list. This change will not just enable easier backup and deployment of specific rules across multiple accounts but will also make the sharing of rules between customers and our support staff easier as well.

In addition to these changes we've also made some improvements to our dark mode and added some rules to the rule library based on common scenarios we've been asked by customers to assist them in creating. We're now up to 45 rules in the library and if you have an idea or need some assistance in making a rule please don't hesitate to contact us.

Thanks for reading and we hope you're all having a great week.

Service Disruption This Morning

Image description

Today between 1:30 AM and 1:45 AM GMT we suffered degraded performance resulting in many requests to the API going unanswered. This was due to a large DDoS attack against our infrastructure which caused all of our servers to intermittently fault. The traffic we received was the same as 6 hours worth of queries but sent over just a few minutes.

Our Anti-DDoS CDN (Content Delivery Network) was able to mitigate the attack starting around 12 minutes into the attack and by the 15th minute normal service was fully restored while the attack was ongoing for another 15 minutes until 2:00 AM GMT or so.

We apologise for any disruption caused by the attack, we usually have our Anti-DDoS detection at our provider set to be quite conservative due to our users often coming under large scale attacks themselves that could trigger our protection if they were to make a large number of queries to us in a short time span. This is why it took a few minutes before the protection activated and restored our service availability to normal.

Next week we'll be going through the activation parameters of our DDoS mitigation and see if we can tune it further for more immediate activation when an attack begins without triggering under normal circumstances.

Thanks for reading and have a wonderful weekend.

Introducing Dark Mode

Today we're pleased to announce the introduction of an often requested feature, dark mode. For a long time now we've been wanting to deliver dark mode and we've even converted several pages to a dark appearance in the past to see how that would look and ultimately we decided to move forward with a full commitment to this feature.

Image description

We first thought about doing it after the popular PVB plugin for WordPress which integrates our API gained support for dark mode. But as our site is very complicated we knew it would take a lot of time and effort to do it correctly. The most difficult part was of course the customer dashboard which code wise is a behemoth of complexity with many unique user interface elements that required special consideration.

And of course we didn't want to just make some of the site dark, it had to be a full transformation and that meant going through some frankly ancient code and bringing it up to par. Even screenshots within our api documentation pages and the preview images on our homepage needed to be remade in both light and dark versions and then automatically change when the user switches between themes.

Choosing the right colour palette for every page was also difficult and we'll continue to tweak things as we did with our default light theme so any colours that look a little off will likely be corrected in time as we go through our normal iterative design process.

We know some of you have been using browser plugins to darkify websites like our own which didn't offer a native dark mode, we welcome you to disable those and check out what we've been able to do with a tailored approach. Hopefully it won't disappoint the dark mode enthusiasts among you.

So that's todays update, to activate dark mode simply click the little two-toned circle button found in the top right of all pages. And if you are already using the dark mode available within your operating system then our site will detect and use dark mode by default unless you override it by using the provided button.

Thanks for reading and we hope everyone is having a wonderful week.

Dashboard UI changes + new custom rule output modifiers

Image description

Earlier this month we made some enhancements to the dashboard UI to help you more easily identify if a burst token is currently in use and by how much the token is boosting your daily query allowance. Below is a screenshot showing how this looks when a token is active.

Image description

This feature is very important to us as it helps you to know if it's time to upgrade your plan or not. Making sure you understand how often your tokens are active and how your plan allowance is being affected helps you make an informed decision about your plan and hopefully save you money by staving off unneeded upgrades until they become necessary.

The other change we've made is on the paid options tab. We used to have a very large cancellation area on this tab which was so big that many customers didn't scroll down to find the other paid options such as updating your card details when your previous card expires, accessing invoices and looking at other paid plans they may want to consider upgrading or downgrading to.

To fix this we've rewritten this section. A lot of the extraneous text has been removed and things have been kept more clear and concise. We always want you to be able to easily cancel a plan on your own without needing to talk to anybody, we strongly believe you should always be able to cancel something with an even greater ease than with how you signed up for it and we believe we're continuing to offer that as shown in the screenshot below.

Image description

And finally we've added two new output modifiers to the custom rules feature. These allow you to forcibly log or forcibly disable logging for something that matches your conditions within a rule. This was a requested feature, prior to now we only ever logged positive detections made by our API or that were altered by your rule to become positive. For instance, changing a proxy: no result to a proxy: yes result.

But sometimes you want to log something that you don't want to be set as a proxy, VPN or other positive kind of detection. Sometimes you want to allow a visitor, not detect their address as something bad and still log them using our system instead of your own local database or analytical service.

As we've received a request for this feature and we think it could be useful to most customers we've added two modifiers which can force on or force off logging regardless of the detection type. These entries will appear in your positive log as type: rule entries.

Image description

Above is an example of how to setup such a rule to log connections from Paris that are Wireless in nature. You can add these logging outputs to any kind of rule even if you've already added other output modifiers like changing a connection type or modifying a risk score. This makes these new modifiers very flexible and can be added to any rule you've already previously created.

That's it for this update and we hope you're all having a great week.

Custom Rule Limit Increases

Image description

Today we've increased the active custom rule limits for all paid accounts and we would like to tell you why we did this and how it affects you. Firstly the new rule limits apply to all accounts. You don't need to start a new subscription or make any additional payments to access the higher limits, it's a free upgrade on us.

There are a few reasons we did this, firstly we've seen an uptick in rule use since we added the custom rule library in January and in-fact we're now seeing more rules being saved to accounts each week than we did in the first 6 months of launching the custom rule feature.

Secondly as custom rules have seen increased usage we've also had a lot more requests for custom rule quantities that go above our plan limits which we do offer but haven't really advertised outside of our blog posts due to the increase in employee time to fulfil those requests.

Thirdly our custom rules started at 6 rules for paid accounts and increased by 3 rules for each larger plan size. This incrementing didn't scale well with our queries per day as it didn't make sense that you could be on a 10,000 per day query plan and have 6 rules but those on our 10.24 million per day plan would have only 39 rules.

So we could have solved the first and second reasons by adding a separate subscription or a paid upsell in the Dashboard. But we felt this would only serve to complicate our product offering. We've always wanted our subscriptions to be easy to understand and as frictionless as possible which is why we only have a single subscription for each plan size and we make it very easy to monitor and cancel your subscription from within the Dashboard.

To solve the third reason we've introduced slightly different scaling. Instead of each plan having 3 more rules than the previous it will now scale by iterating 3 for starter plans, 5 for pro plans, 10 for business plans and 15 for enterprise plans. And in addition to this we've moved down where the limits begin which is now 9 on our first starter plan instead of 6.

This means our first Pro plan now starts at 20 rules instead of 15. Our first Business plan now starts at 40 rules instead of 24 and our first enterprise plan now starts at 75 rules instead of 33. And for our largest customers on our biggest Enterprise plan that now boasts a 105 active rule limit.

As previously you can still create as many rules as you want and the limit only becomes active when you try to activate more than your rule allowance. This brings flexibility for you to save rules for historical purposes or create seldom used rules and keep them around for later. In addition to this we're still offering our extra rules for securing your account with a password and a two-factor authenticator so you can take all of these rule amounts and increase them by two if you've done that.

One last thing to discuss is those of you who have already paid us for a custom rule plan which increased your limits outside of your plan type. If the volume of custom rules you have is still higher than your plan then the subscription will remain but we would have already discounted the price to reflect how many extra rules you're receiving above your normal plan size.

If your plan is now equal to or surpasses your custom rule plan we will have already adjusted your subscription to remove the added cost you were paying for these extra rules and will have refunded your most recent payment for the custom rules you purchased.

So that's everything for today we hope you'll make great use of the extra custom rules, we've been hard at work adding more rules to the library as users have requested interesting and useful rules so don't forget to check those out within the dashboard.

Thanks for reading and have a wonderful week.


Back