no authentication is needed to claim?

if you only check ip, impossible, no?

there should be services to detect vpn ips

I think a way is Hardware Detection no?

Certain things about the hardware a user can't change without basically breaking apart their system

there is, they just switch account and use a vpn

i did limit only 1 request per day for every ip address

but they are using a vpn and switching accounts

please ping when reply

yeah @American Shorthair if you only check ip address you can't stop them

that's why I am asking if you have authentication

if you have user_id when they login you can limit, no?

if it's just metamask login + ip change - you can't stop them

you need to find a service to detect vpn ip addresses

yes, as i said they log in to another account

tried, they don't detect most of the vpn

haha then no way!!!!

value their effort man

@American Shorthair Try this service

integrate Cloudflare, its free and good documentation on how to setup. pretty easy

already have it, can you tell me how to make it disable vpn?

Security> WAF > Firewalls rules,

I suppose actually it wont block all vpns, but you could only allow users with specific geolocations,

otherwise you can integrate a third party database of VPN's with Cloudflares ip access rules,

IP2Proxy, is a vpn blocking service,

you could also block specific DNS providers used by VPN services via cloudflare

https://fingerprint.com/ is one of your options if they are not obfuscating hardware. Bare in mind this is an expensive service.

This is a huge area it's not just IP quality. It's a cat and mouse game.

100$/month 🙃