VPN, Proxy, and Tor Blocker
VPN traffic is the single biggest source of Shopify chargeback fraud. Shieldy detects four masked-traffic categories and lets you block each independently.
The four categories
| Category | Examples | Default action |
|---|---|---|
| Commercial VPN | NordVPN, ExpressVPN, Surfshark | Challenge |
| Residential proxy | Luminati, Smartproxy, Oxylabs | Block |
| Datacenter / hosting | AWS, GCP, OVH, Hetzner | Block at checkout |
| Tor exit nodes | Public Tor relays | Hard block |
Enable VPN blocking
- Open Bot Killer.
- Toggle Auto-block VPN/Proxy to ON.
- Choose action: Block / Challenge / Redirect.
- Optional: set confidence threshold (0.0-1.0, default 0.7).
- Save.
VPN detection is included in the Premium plan at $4.99/mo.
Enable Tor blocking
- Open Bot Killer.
- Toggle Auto block Tor to ON.
- Set action to Block (challenge does not stop Tor).
- Save.
Tor blocking is in the Enterprise plan ($8.99/mo). Tor exit-node list refreshes every 30 minutes.
Enable datacenter blocking
- Open Bot Killer.
- Toggle Block datacenter IPs to ON.
- Save.
Blocks AWS, GCP, Azure, OVH, Hetzner, and ~80 other hosting providers. Note: B2B stores with corporate cloud-based browsers may need to whitelist specific ranges.
Confidence threshold tuning
The threshold controls how aggressively to block:
- 0.5 — aggressive (more false positives, fewer fraud orders)
- 0.7 — balanced (default)
- 0.85 — conservative (fewer false positives, some fraud gets through)
Start at 0.7 and adjust based on the dashboard's false-positive complaints.
Whitelist corporate VPNs
If your B2B customers use corporate VPNs:
- New rule → Rule type Whitelist → IP address.
- Enter the corporate VPN exit IP range.
- Save.
How accurate is the detection?
- Commercial VPN: ~99.7 %
- Tor: ~99.5 %
- Residential proxy: ~95 %
- Datacenter: ~99 %
Database refreshes every 15 minutes from 40+ sources (BGP data, honeypots, ISP records, scanning).