Skildring
Voho bot manager hardens WordPress against the new wave of AI-driven crawlers—including stacks associated with OpenClaw—that attempt to scrape, snapshot, and probe your content through non-interactive, headless browsing pipelines.
When a high-risk automation session is identified, the plugin terminates the request with HTTP 403, returns a concise English denial page, and persists structured telemetry (UTC timestamp, client IP, requested URL, and an intercepted flag reserved for richer policy engines) inside {prefix}voho_bot_manager_intercepted_log.
Operational visibility
- Dedicated Voho Bot Manager admin hub with paginated history.
- Timestamps rendered in your configured WordPress timezone so responders can correlate events quickly.
- View log shortcut on the Plugins screen for one-click access.
Roadmap-aware positioning: automated threat actors evolve weekly; Voho bot manager ships iterative detection upgrades so your perimeter keeps pace with emerging AI browsing agents without waiting for a full rewrite.
OpenClaw and similar names refer to widely discussed AI browsing ecosystems; Voho bot manager is an independent security tool and is not affiliated with any third-party vendor.
Installasjon
- Upload the
voho-bot-managerfolder to/wp-content/plugins/. - Activate Voho bot manager through the Plugins menu in WordPress.
- Open Voho Bot Manager in the admin sidebar (or use View log on the plugin row) to review intercepted requests.
On activation the plugin creates the {prefix}voho_bot_manager_intercepted_log table automatically.
Vanlege spm.
-
How does this help against OpenClaw-style AI crawlers?
-
The plugin blocks the non-human automation paths these agents rely on, answers with HTTP 403, and logs each attempt so you can audit abuse, tune upstream controls, and brief stakeholders with concrete evidence.
-
Will it catch every crawler on the internet?
-
No defensive layer can promise universal coverage. Voho bot manager focuses on the high-risk automation families behind modern AI scrapers and continuously expands detection as new behaviours appear.
-
Does the plugin work with caching or CDN layers?
-
If a cache or proxy serves a response without executing WordPress/PHP for matching requests, interception must happen at that layer instead. Otherwise behaviour is unchanged.
-
What data is stored?
-
Each intercepted request stores UTC time, client IP (or the first value from
X-Forwarded-Forwhen present), full requested URL, and a boolean intercepted flag.
Omtalar
There are no reviews for this plugin.
Bidragsytarar og utviklarar
“Voho bot manager” is open source software. The following people have contributed to this plugin.
Contributors
Omset “Voho bot manager” til ditt eige språk.
Interested in development?
Les kjeldekoden, sjekk SVN-lageret eller abonner på utviklingsloggen med RSS.
Endringslogg
1.2.0
- Server-side blocking uses automation User-Agent patterns (e.g. python-requests, Go-http-client, curl, HeadlessChrome) while allowlisting common search/index crawlers (Google, Bing, Yandex, Baidu, etc.). Filters:
voho_bot_manager_search_bot_allowlist,voho_bot_manager_automation_ua_patterns,voho_bot_manager_should_block_request.
1.1.0
- Split codebase into
includes/for maintainability; forbidden HTML lives intemplates/forbidden.php. - Public forbidden screen at
/voho-bot-forbidden/(flush permalinks after update) with plain-URL fallback. - Front-end script
assets/js/bot-check.jsdetects common automation signals in the browser and redirects to the forbidden screen (logged whenvoho_js=1).
1.0.5
- Themed HTTP 403 page: loads the active (and parent, if child) theme stylesheet, uses block-theme CSS variables when present, and returns JSON errors for REST/JSON requests.
1.0.4
- Harden input handling (
wp_unslash, sanitization), usewpdb::prepare()identifier placeholders for custom table queries, and document direct DB usage for Plugin Check.
1.0.3
- Show log timestamps in the site timezone with an explanatory note.
1.0.2
- Top-level admin menu and View log plugin action link.
1.0.1
- Admin log viewer with pagination.
1.0.0
- Initial release: AI crawler mitigation, HTTP 403 enforcement, database log on activation.