Some time between the 17th and 20th of October our payment system stopped loading within the Dashboard. This was caused by a compatibility issue between our CDN Partners Javascript compression technology and our payment widget.

We managed to fix this problem this morning and we are once again able to take new payments. This bug may have also affected customers trying to cancel a paid plan, if you were trying to do that, you can now do so. This issue did not affect customers who were already subscribed, your payments during this time would have been processed normally.

Thank you to the users who made us aware of this issue this morning, we are very sorry it happened and have taken steps to make sure this doesn't occur again in the future.

An issue that almost all service providers will come up against when they offer any kind of free plan is users finding ways to maximise their use of these free resources well beyond the limits imposed by the service provider. For us this manifests itself in two ways.

1. Users signing up for a registered account multiple times under different email addresses

2. Unregistered users performing queries from a large pool of IP Addresses and/or Proxy Servers/VPN's

For the most part we don't mind if a registered user has two accounts. Perhaps you need one for production and one for your development environment. We do not police users that have 2 accounts, especially if you're under the 1,000 query limits on both accounts.

However we have found recently multiple users signing up for 10 to 15 accounts and load balancing their queries. This essentially means they have a 10,000 to 15,000 daily query limit for free when it should only be 1,000.

Another problem is unregistered users performing queries from Proxy Servers. So instead of making 100 queries per day from a single IP Address they are making thousands of queries per day across hundreds of IP Addresses. In-fact we've seen some users utilising more than 1,000 proxy servers in a single day to load balance their queries.

The thing to keep in mind if you're a user that does this is our API is not an unlimited resource so we cannot let the abuse of our API and the disregarding of our Terms of Service continue.

To this end over the past week we have been contacting registered users that have more than two accounts to let them know we've disabled all but one of their accounts. In these situations we always leave the account that has performed the most queries active while the rest are disabled.

We're also tackling the unregistered user abuse issue by now checking that the IP you're using to contact the API isn't a proxy server. If it is, the query will go unanswered. To be clear, this only affects unregistered users, we do not perform this check if you have registered for an account and are using your API Key to make your queries. We're also not blocking VPN services from making unregistered queries.

So if you wish to contact the API through a proxy server you can still do so, you'll just need to signup for an account and supply your API Key with your queries.

We hope that these changes will not disappoint too many of you. If you're a registered customer and adhering to our Terms of Service you will not notice any change to your service. If you're an unregistered user you may find your queries take a few milliseconds longer while we verify you're not accessing our API from a Proxy Server.

Thanks for reading and have a great day. If you have any questions please feel free to contact us.

Recently we've had customers ask us if our Whitelist/Blacklist feature supports ASN's and if not, when will support be added. Today we've added full support for ASN's to both the Whitelist and Blacklist feature. We've also enhanced the API responses when you perform queries which are affected by either of your custom lists.

So firstly the way you add ASN numbers to be White or Blacklisted is a new ASN format like this: AS1928 So for example here is a screenshot showing some examples:

So to place ASN's you simply follow the format which is AS###### you can place as many ASN's, IP's and Ranges in the White and Blacklists. All will be lifted from the box and you can still place comments besides your entries.

Now we've also altered the JSON result from the API when one of your Whitelists or Blacklists has been utilised for the IP you're checking, this is how that looks:

{
    "node": "HELIOS",
    "ip": "62.205.245.173",
    "proxy": "yes",
    "type": "blacklisted by AS28843",
    "query time": "0.001s"
}

Previously it would only say blacklisted or whitelisted, now it actually will tell you what triggered the type of detection, it can list individual IP Addresses, Ranges or the ASN numbers you've specified.

We hope you enjoy these changes they are a direct result of your feedback.

Recently we've had a lot of enquiries about the usage of our name and logo within customer websites and software so we thought it would be a good idea to make a blog post about our stance.

Firstly we welcome you to tell people that you use our service, it's good for us whenever people are exposed to our branding. So to put it simply feel free to place our name or logo on your products.

We do have a few minor stipulations though. Please do not modify our logo beyond resizing it or changing the colour to monochrome to fit within your products design. Don't use our logo for your application or make our logo bigger than your own logo so that there can be no confusion about the connection between us and your product.

Finally don't make it seem like you are us or endorsed by us or that your software has been made by us, you should always make it clear that we're seperate entities.

To assist you in adding our branding to your product we've provided our logo here: https://proxycheck.io/images/proxycheck.io-logo.png it does feature a transparent background and it's 547 x 559 pixels in size. Please rehost the image instead of linking directly to it.

Thanks for reading and have a great day!

Last year when we added our Code Examples page we started off by offering a basic PHP script which you could insert into your webpages. We later expanded it with a proper function and opened a GitHub account.

Since then we've been looking at ways to expand the types of software that work with our API, our open approach to including third party developer clients and third party code on our example page has been a great way for us to increase the exposure of our API and to allow our customers to use the API more easily.

Earlier this year we added several more Minecraft plugins to the Examples page, four in-fact. And those plugins have resulted in many new people using our API.

Two weeks ago we further expanded the examples page by giving it a new interface that allows us to share many more code examples. One of the latest ones we've added is a C# console app assembly example written by a third party developer.

In exchange for writing that example he received a paid tier account for a period of five years with the volume of queries he needs for his software. We love doing deals like this because it benefits both parties. He had already written the integration code for his own software and simply by sharing it, he has secured access to our API for several years.

We want to do more of these kinds of deals and so if you have some code examples for C++, C, JAVA or Node.js please let us know about them, we would love to give you a paid account in exchange for sharing your code, plugin, class or function with us and not only will we feature it on our website but you'll receive full credit and we're more than happy to link to your personal website, GitHub projects and Twitter account.

We've spoken previously about third party software that integrates our API and our stance is still the same, you can integrate the API however you wish in any software you release and you are free to monetise the software you make, you don't owe us a penny of your revenue. We make our money by selling access to our API and so for us the client software is not a profit centre. We can prove our stance by actions as we do advertise a paid Minecraft plugin on our examples page which was written by a member of the Minecraft community and is not affiliated with us in any way.

So if you have the skills to make some great client software that you want to give away for free or sell at a profit, to you we say, hitch your wagon to our star, let us worry about maintaining an always accessible and accurate proxy detection API while you make great software.

Thanks for reading this blog post, if you would like to talk with us about anything discussed here please email us at [email protected] we read every response and you'll always receive a reply from us.

When you operate a data driven service such as proxycheck.io you will come up against an issue where you need to decide at what point data has become old and irrelevant.

For us that means how long should we consider an IP Address bad before we remove it from our database. In the past we would cache an address for a period of 90 days since we last saw it operating as a proxy or compromised server.

But this presents an issue in that addresses are often repurposed and bad services running on compromised servers get cleaned up constantly. So this means it's not always best practice to hold IP data as long as we have been.

So we're extending the duties of our inference engine to not only discover new IP Addresses acting as proxy servers but also to go through our old data and verify that the IP Addresses there are still bad.

This means we're now holding IP's for a minimum time of 15 days down from 90 days. The inference engine will make assessments every day from the moment we first add an IP to our database and then slowly discard Addresses where it has a 100% confidence rating they're safe again.

We believe this will cut down on false positives allowing more of your legitimate users to access your services without being blocked unduly just because they received a previously abused IP Address. This change has been active for a while on our development platform and after positive and accurate results we've engaged the system on our live data.

Thanks for reading this change and as always have a great day.

Today we're introducing three plans targeted towards enterprise customers. This brings our total paid plan offering to twelve subscriptions.

You may be wondering why do we need so many plan options? Well we don't want to force customers into purchasing plans which offer two or three times more queries than they're actually going to use so we have three budget plans for hobbyists, three medium plans for entry-level developers, three business sized plans and now three enterprise sized plans.

And just because these plans are intended for Enterprise customers that doesn't mean they can't be good value. In-fact it's cheaper to take any of these larger plans than it is to use different accounts and purchase multiple smaller plans.

For example our largest plan prior to today cost $29.99 per month for 2.56 Million daily queries. If you double that plan to 5.12 Million queries it should cost $59.98 but we're only charging $49.99 so a 16.7% decrease in per query cost. This cost saving is the same for the new 7.68 Million and 10.24 Million daily query packages when compared to purchasing three or four 2.56 Million query packages.

And we've still been able to keep our highest query package under $100 .. if only by a penny. All three of these new packages are available as not just monthly plans but yearly plans too and when you pay for a year up front you still receive the same 20% discount we've been offering on our prior plans.

So we hope this will help some of you that have been enquiring about some very big requests, especially those of you operating ad networks which are constantly being undermined by click fraud. We've had a great many enquires about larger packages and these three are in-line with the custom package sizes we most commonly get asked for, by offering them officially it cuts down on the time we spend setting up custom plans and standardises pricing for everyone to view at their convenience.

Thank you and have a great day!

Today we updated the proxycheck.io website with an improved stylesheet. You'll find that our white background has now come up a few shades, we've done this so we can essentiate some of our page elements like input boxes, features descriptions and payment options.

No page makes this more evident than our updated dashboard where we've added a shadow to our navigation toolbars and subscription boxes as illustrated below.

You can also see this effect yourself on our pricing page. We're still tweaking the look and feel of proxycheck.io this is our second year in operation and so we're going through everything we did last year and just re-examining how things should look and react.

We hope you like the new look as always we invite your feedback, please email us your thoughts at [email protected] we read and reply to every email we receive.

Have a great day!

In late July we added a new feature to the service where when a customer went over their daily query allowance for five days consecutively they were sent an email to let them know. So far we'e sent quite a few of these emails but we've been wanting to improve how they look and what information they present to users.

Today we've gone through and changed how these emails look, what they say and the information displayed. Now you'll be given a six day query overview so you can more quickly ascertain how many queries you've been making so you can make an informed decision about your usage of the API. Below is what this new email looks like.

You'll notice in this example my account is a free registered account so I currently have a 1,000 daily query allowance. You'll also note I've gone over this allowance today and for the past 4 days as shown in red but five days ago I didn't go over and so that shows in green.

The email is simply informational so that our customers are made aware that the service[s] they're protecting with our API are going unprotected for some part of each of the past five days. They are at no point told they must make any alterations to how they query the API or that they must purchase a paid plan.

If you receive one of these emails please don't be alarmed as your account is not in jeopardy, these emails are simply for your information, we know setting up monitoring for all the API's you use is time intensive so we have developed this to take care of it on your behalf. You can of course disable these emails in your customer dashboard.

We hope you like these changes, we know it's not as flashy as some of our other unveils but these kinds of features are what we consider foundational and thus important enough to share.

Thanks for reading and have a great day.

Since the service went live we've offered two main ways to access our API. As a registered user and an unregistered user. Meaning you could query our API with or without an API Key.

As is often the case with a service like this most users choose not to signup for an API Key. This is mostly due to third party software integrating our API and not requiring users to obtain an API Key. Secondary to this is developers that don't think they'll need more than 100 queries or the other features accessible by being registered.

But of course this presents a problem for our service and our unregistered users. Currently every day almost half (49.7% today) of our unregistered users go over the 100 free queries they are allotted each day. 35% of those users make less than 1,000 queries per day but more than 100. The remaining 15% go over 1,000 queries and the top 5% go over 10,000.

These daily unregistered users outnumber our daily registered users by exactly 6 to 1. So the problem here is two fold.

1. Half of our unregistered users go unprotected for some part of every day.
2. We have no real way to contact these unregistered customers because .. they're unregistered.

So what this means is we cannot inform these unregistered users of when they go over their query allotment so that their services remain protected. And that means we cannot refer those 15% of users that would go over even our 1,000 free queries to a paid plan.

It also means we have to handle millions of daily queries which are not being answered by our API but are hitting our server infrastructure.

So what are we going to do about it? - Well there's many options, take away the unregistered plan would be the most obvious one but we're not going to do that. What we are going to do is make a good faith effort to contact unregistered users that go well into high volume query amounts.

So to be specific only unregistered users will receive emails from us and only if we can track them down based on their querying IP Address. For some it's not so difficult as often the users making the highest queries are using dedicated hosting which point to a specific domain.

If we're not able to contact some of the high volume unregistered users (and we're really talking about unregistered users who are making 50,000-100,000+ queries per day) then we may block their IP Addresses from accessing our cluster. However this isn't something we're doing currently and not something I believe we'll need to do frequently.

We've already been able to contact a few of our unregistered users that are in that top 5% category of making over 10,000 queries per day with some good results.

The big takeaway from all this though is if you're one of our unregistered users now is a great time to get yourself registered. You not only go from 100 to 1,000 daily free queries but you can monitor your daily and monthly query volumes and get automatic alerts if you go over your daily allotment plus you get a breakdown of your positive detections, query tagging, and white/black list support as part of our customer dashboard.

Thanks for reading, if you have any questions about this or anything else please don't hesitate to contact us at [email protected] we do read and respond to every email. We hope everyone has a great day!