Documentation
Introduction Dashboard
Widget Public Pages

Security

Monitor visitor trust scores, review flagged visitors, configure risk detection rules, and protect your site from suspicious activity — all from a single dashboard.

Overview

The Security dashboard gives you a real-time view of how trustworthy your visitors are. Every visitor receives a trust score (0–100) calculated from a set of built-in risk rules that analyze behavior, location changes, bot patterns, and more. Visitors who fall below configurable thresholds are automatically flagged for review or banned.

Key Concepts

Trust Score

Every visitor starts at a score of 50. As Yaplet detects risk signals — such as country changes mid-session, bot-like behavior, or blacklisted attributes — the score decreases. Positive signals (like returning visitors or verified accounts) increase the score. The result is a single number that summarizes how trustworthy a visitor is:

Score RangeLabelMeaning
70–100TrustedNormal, low-risk visitor
40–69ModerateSome risk signals detected
20–39RiskyMultiple risk signals — manual review recommended
0–19CriticalHigh-risk visitor — likely malicious or automated

Review Statuses

Visitors can have one of four statuses:

  • Normal — No manual action taken, trust score speaks for itself
  • Pending Review — Automatically flagged because their trust score fell below the review threshold
  • Whitelisted — Manually marked as trusted by your team
  • Blacklisted — Manually marked as blocked

What's Inside

Overview Dashboard

See key stats at a glance — flagged visitors, blacklisted count, average trust score, score distribution, and top risk signals.

Visitors

Browse all visitors with their trust scores, review statuses, and risk signals. Filter by score range, status, or search by name/email.

Review Queue

A focused view of visitors whose trust score dropped below the review threshold. Quickly whitelist or blacklist each one.

Rules

View and customize the 23 built-in risk detection rules. Adjust the weight of each rule or disable rules that don't apply to your use case.

Settings

Configure global thresholds for the review queue and auto-ban, and enable or disable security monitoring entirely.

How It Works

The security system evaluates visitors automatically in the background:

  1. The Yaplet widget collects events (page views, clicks, errors, session data) from your site
  2. Each event is evaluated against the active risk rules
  3. Triggered rules adjust the visitor's trust score by their configured weight
  4. If a visitor's score drops below the review threshold, they're added to the review queue
  5. If it drops below the auto-ban threshold, they're automatically blocked
Security monitoring works with the same widget events already being collected. No extra code or SDK changes are needed — just enable it from the Security Settings page.
Previous Web AnalyticsNextOverview Dashboard