Introducing the Ban API and Alt Account Detection

Updates Announcements
#751

@oopsiemachine
Made an implementation of the Roblox Ban API to our community. We handle all bans through our external API, which we then forward to the Roblox Ban API. Our biggest pain points so far has been that we are unable to create/update user restrictions for multiple users at the same time. We have ~10k bans which we had to submit to the API one by one. We also struggle with appeals of alternate accounts that were detected as we cannot see what the originating ban was that caused the alternate account to get banned.

TLDR: Make it possible to update user restrictions for multiple users at once and make it possible to view originating ban for alternate accounts.

8 Likes
#752

This kind of kills most of the hype around alt detection for me. What use is it knowing that a user is a suspected alt without knowing who they’re an alt of? Unless I’m reading it wrong? It just seems like something that isn’t very well thought-out, and I’m honestly very disappointed that this won’t be a feature.

6 Likes
#753

Simply just privacy, I would imagine.

There isn’t really a real need to know who the owner of said alternative account is as long as it is banned anyway.

2 Likes
#754

There is, if someone appeals, and the appealer is an alt of the main account.
You have no idea what main account to unban.
This isn’t a fully thought-through idea.

2 Likes
#755

Then you should ask users to appeal from their main account, no one should be appealing a ban from an alternative account anyway

2 Likes
#756

ALT account detection does not WORK in the slightest for me, Knowing alt bans are based off MAC Address, I tried 4 possible scenarios:

  • Banning my main account, then logging in with my alt (main acc gets banned but i can still join with my alt)
  • Banning my main account, while on my main (It did ban my main account) but once i switched using the account switcher, my alt account is still able to join.
  • Banning my alt account, then logging in with my main (alt account gets banned, but my main account can still join, meaning technically no alts were banned at all)
  • Banning my alt account, logging into my alt account, then switching to my main (alt account still gets banned, yap yap, but my main account however, can still join no problem).

All tests were done in the same network, same device.
To summarize: Alt account detection doesn’t work.

14 Likes
#757

Our testing found the same thing, which I posted above. It seems to not account at all for alt-hopping and only bans once it matches a pattern across multiple days. Which is unfortunate because majority of people with 50+ alts don’t use them regularly and just hop between them to bypass bans. They don’t even need to spoof to get around this, simply logging into another account is enough of a bypass.

4 Likes
#758

well until alt detection is fixed ill stick to banning timezones.

#759

surely you’d be including the pc’s start up time as a metric too right
(there is around 50 million people in my time zone, so uh, you’d be missing out on quite a few players)
also if you use time zone bans i can just click 1 button in a drop down in windows settings lol

#760

Will there be a way to disable this?

#761

You can specify the message the banned user will see with the DisplayReason field.

#762

What kind of signals? Doesn’t seem like the most obvious IP ban was even implemented with this release. What kind of signals already exist? It seems as if there are none. Testing this I’ve yet to encounter an alt actually being detected by your system

3 Likes
#763

I think that exists already. Or they just added it, But you should check out the documentation for the engine part to see how to use it.

Here’s a code sample though, Stolen from the documentation.

local Players = game:GetService("Players")

if shouldBeBanned(player: Player) then
	local banHistoryPages = Players:GetBanHistoryAsync(player.UserId)
	local duration = getNextBanDuration(banHistoryPages)  -- Creator-implemented logic
	local config: BanConfigType = {
		UserIds = {player.UserId},
		Duration = duration,
		DisplayReason = "You violated community guideline #5",
		PrivateReason = "Put anything here that the user should not know but is helpful for your records",
		ExcludeAltAccounts = false, -- Alt accounts seems to not be working currently, As people have complained in this thread.
		ApplyToUniverse = true
	}

	local success, err = pcall(function()
		return Players:BanAsync(config)
	end)
	print(success, err)
end
2 Likes
#764

Will there be a way to disable this?

Disable what? If I may ask. Like, Using an old system to ban users? (Ex: Kick on join)
I think you can still use the old system to ban users, But I would definitely try out the Ban API.

3 Likes
#765

Elaborate, I’m guessing that you mean “How do i remove a Permanent ban from a player?”
I’m pretty sure you’re able to just use the Unban Async to just easily unban them.

#766

Thats for BanAsync not UnbanAsync :+1:

#767

Oh? SIlly me, I must’ve misread it. But yeah, You’re right. It would be useful to have private reasons.
But at the same time, You could possibly hook it up to a datastore or something for now.

1 Like
#768

Haha no problem. Yeah thats the conclusion that I’ve come to, easier to just use a datastore for this very reason.

1 Like
#769

I was going to say this doesn’t exist unless Roblox plans to add it.

1 Like
#770

So cool! Finally a way to ban players without relying on a third party script! It would be so cool if you added a moderation category in the games overviews in the creator hub to see how many people got banned in a given period of time, ban people from website etc…

1 Like