when it says “punish for 15min”, this just means that they will not be able to log in for 15min. But after the 15 min, does their IP counter reset?
Here’s a detailed explanation Jason gave me:
Jason Caldwell said:
No, it just ends the punishment period; that’s all.
The IPs only reset every 30 days by default.
If you reach the max IPs and a punishment period kicks in; it locks everyone out. If someone else comes in with an existing IP on file, they will get in. If they come in with yet another new IP, it pushes the limit again (because the counter does not reset); and the punishment period kicks in again.
Look at it like this:
Username: johndoe22 (this is what we are guarding)
Max IPs for this Username are set to 5 unique IPs every 30 days.
IP 123.456.789.1 logs in under this Username.
IP 123.456.789.2 logs in under this Username.
IP 123.456.789.3 logs in under this Username.
IP 123.456.789.4 logs in under this Username.
IP 123.456.789.5 logs in under this Username.
Everything is OK so far.
IP 123.456.789.6 logs in under this Username.
~ Now EVERYONE is locked out of the account (this new IP and all previous IPs too).
If the punishment period is 1 hour, after one hour if one of the first five IPs attempts to access; they will get in. If someone new attempts to access this Username; they are ALL locked out for another 1 hour period.
Another important point to make, is that it’s not actually every 30 days (collectively). It’s 30 days per IP. So if IP 123.456.789.1 accesses the site on March 1st, they drop off the list (i.e. they are reset) 30 days later. This works independently for each IP address that is tracked.
In addition, there is a throttle switch connected to this behavior; which will automatically increase or decrease the 30 day drop-off rate; based on the number of abuses we track; or a lack of abuses. There is a behavioral pattern in the code. When we say 30 days; that’s really a baseline which s2Member® throttles from. It is designed to be VERY difficult to circumvent.