Rep.ai
  • 5 Minute Quick Start
  • Controlling the Widget
  • Custom Visitor Identities
  • Listening to Events
  • Examples of Custom Behavior
  • Security and Spam Prevention
  • Virtual Backgrounds
  • How to Identify Contacts who Click Through Emails to Your Site from Email Sequencers
  • Troubleshooting
    • Browser Compatibility
    • Notifications
    • Content-Security-Policy (CSP)
    • Firewalls and VPNs
    • Support
    • Scheduler
  • Integrations
    • Acuity
    • Calendly
    • Chili Piper
    • Clearbit
    • Google Calendar
    • HubSpot
    • Intercom
    • Outreach
    • Salesforce
    • Shopify
    • Slack
    • Microsoft Teams
    • Zapier
    • Zendesk
    • Zoom
    • Outlook Calendar
    • Salesloft
    • Gong
  • API
    • Introduction
    • Authentication
    • Scrub Visitor Data
    • Nightly Data Dumps
  • API Resources
    • Organization
  • ⚠️Experimental
    • Performance
    • Overview
    • Zendesk App
  • Outbound (Dialer)
    • Getting Started with Rep.ai Outbound (Dialer)
    • How to Create and Manage Custom Columns (Properties) in Rep.ai Outbound (Dialer)
    • How to Mark a Number as "Do Not Call" in Rep.ai Outbound (Dialer)
    • FAQs
  • SPOTLIGHT
    • How to set high-intent page preferences for intent scoring
    • How to toggle auto-create companies based on visitor identification
    • CRM Fields for Rep.ai Influence (Contact)
    • CRM Fields for Rep.ai Influence (Account)
  • ANALYTICS
    • Metric definitions
Powered by GitBook
On this page

Was this helpful?

Security and Spam Prevention

PreviousExamples of Custom BehaviorNextVirtual Backgrounds

Last updated 5 months ago

Was this helpful?

To avoid malicious use of your organization's Rep.ai widget, and to prevent your team from wasting time on spam callers, there are a few options that you can configure on the settings .

Domain Allow List

Add a list of all the domains you plan to use the Rep.ai widget on. Any attempts to load the widget on other web pages will be blocked, and you'll never see those clients in the dashboard. Domains are subdomain specific, so connections from app.mycompany.com will be rejected if your allow list only contains mycompany.com. The allow list currently does not support wildcarding.

Development domains

While you can manually specify your development domains along side your public domains, we also include a toggle to allow connections from most common development domains without having to exhaust your available domains. These include:

  • All localhost ports

  • Any IP address (e.g. http://127.0.0.1)

  • Any .local domain

Security page