How can I prevent spam attacks?

SuperTokens offers bot detection and attack protection features to help prevent malicious activities like email bombing, credential stuffing, and other automated attacks on your authentication system.

Attack Protection Suite

The Attack Protection Suite is SuperTokens' comprehensive solution for detecting and preventing bot attacks. This system analyzes over 40 different signals that could indicate suspicious activity, including:

• Impossible travel patterns

• Brute force attempts

• Credential stuffing attacks

• Suspicious IP addresses

• Other anomalous behavior patterns

The system surfaces the highest risk login attempts to you, allowing you to take appropriate action to protect your application.

How It Helps

This protection can help prevent various types of attacks, including:

• Email bombing attacks where attackers create thousands of fake accounts

• Toll fraud through automated account creation

• Credential stuffing attempts

• Other automated malicious activities

By integrating these protections, you can avoid unexpected billing spikes caused by bot-generated users and maintain the security and integrity of your authentication system.

Getting Started

The feature is not available out of the box since it requires special configuration based on your setup. Please get in touch with our team at support@supertokens.com for further details.

To get a more detailed perspective on how it works you can go through our documentation.