# Advanced Rule Configuration

<figure><img src="/files/igfl4e3LKrtTbzonpdqT" alt=""><figcaption></figcaption></figure>

### 1. Block VPN

* **What it does**: Blocks visitors using known VPN IP addresses.
* **How**: Uses a 3rd-party service (e.g., Proxycheck) to identify VPN traffic.
* **When to use**: Recommended if you want to stop fraudsters hiding behind VPNs.
* ⚠️ Note: Some legitimate customers also use VPNs, so review analytics before enabling.

***

### 2. Block Proxy

* **What it does**: Blocks visitors using anonymous proxy servers to hide their identity.
* **When to use**: Useful to prevent bot farms or attackers masking their origin.

***

### 3. Block TOR

* **What it does**: Blocks all connections from the **TOR network** (The Onion Router).
* **When to use**: TOR is often used for anonymity in fraud attempts, but may block some privacy-conscious users too.

***

### 4. Smart Device Blocking

* **What it does**: Detects and blocks previously blocked users even if their IP changes.
* **How**: Uses **device fingerprinting** (browser/device identifiers) to recognize returning devices.
* **Benefit**: Stronger than static IP blocking.

***

### 5. Smart Lower Risk Blocking

* **What it does**: Detects risky traffic or orders (based on fraud scoring) and blocks them automatically.
* **How**: Feature combining Shopify’s Fraud Analysis + device/IP information.
* **Use Case**: Automate blocking of repeat high-risk orders.

***

### 6. Allow Apple iCloud Private Relay

* **What it does**: Allows visitors browsing via Apple’s **iCloud Private Relay** service.
* **Why**: Many Safari/iOS users enable this privacy feature, which can appear as masked IPs.
* **Tip**: Keep enabled if you serve many Apple users, to avoid blocking legitimate customers.

***

### 7. Admin Access URL

* **What it does**: Provides a secret URL (e.g., `/admin-access`) that lets store admins bypass all block rules.
* **Why**: Ensures you never accidentally block yourself or your team.
* **How**:
  1. Copy the URL provided in this section.
  2. Store it securely.
  3. Always use it if you get locked out.

***

### Best Practices

* Enable **Block VPN/Proxy/TOR** if you face repeated attacks from anonymous sources.
* Always configure an **Admin Access URL** first to avoid accidental lockouts.
* Use **Smart Device Blocking** for better long-term protection against repeat offenders.
* Keep **iCloud Private Relay** allowed if you have many Apple users.

If you have any questions, feel free to contact us via **Crisp Chat** or email us at [support@mida-app.io](mailto:support@mida-app.io?subject=%5BMIDA%20Support%5D%20Question%20about%20Fraud%20Score\&body=Hi%20MIDA%20Team%2C%0A%0AI%20have%20a%20question%20about%20the%20Fraud%20Score%20feature.%20Please%20assist%20me%20with%20the%20following%3A%0A%0A-%20Shop%20URL%3A%20%0A-%20Issue%20details%3A%20%0A%0AThank%20you!%0A%0A%2D%20Your%20Name).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.mida-app.io/mida-fraud-filter-ip-blocker/rules-management/advanced-rule-configuration.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.