Linux 软件免费装

在这里免费安装WordPress以及其他软件

Banner图

HumanGate

开发者 darkai
a22mun
更新时间 2025年12月26日 00:50
PHP版本: 7.4 及以上
WordPress版本: 6.9
版权: GPLv2 or later
版权网址: 版权信息

标签

privacy security ai anti-scraping robots-txt

下载

1.0.0 1.1.0

详情介绍:

HumanGate protects your WordPress site from AI training crawlers, search engine bots, and unauthorized scraping bots. Add global refusal signals (meta tags, HTTP headers, robots.txt), actively block bots (AI crawlers, scrapers, etc.), and deter large-scale bot extraction with lightweight JavaScript challenges—all without CAPTCHAs or heavy databases. Perfect for: How It Works:
  1. Block Search Engines - Optional setting to block all search engines (Google, Bing, etc.) using noindex/nofollow meta tags. This is a separate, clear setting at the top of the plugin configuration.
  2. AI Refusal Signals - Adds AI-specific meta tags, HTTP headers, and robots.txt rules that tell AI crawlers (GPTBot, ClaudeBot, PerplexityBot, etc.) not to train on your content. This works independently from search engine blocking.
  3. Active Enforcement - Optionally block or challenge bots at the HTTP level:
  4. Signals Only (default): Sends refusal signals only
  5. Challenge Mode: Requires JavaScript execution verification for all bots
  6. Block Mode: Returns 403 Forbidden to AI crawlers and other unauthorized bots
  7. Selective Friction - Automatically detects bot scraping patterns and serves invisible JavaScript challenges to any suspicious traffic:
  8. Burst traffic detection (12+ pages in 5 seconds) - catches all bots, not just AI crawlers
  9. Sequential traversal detection (machine-like pagination)
  10. Deep-link access detection (direct access to old content)
  11. Auto-completing challenges (no user interaction required)
  12. Works against all types of bots: AI training crawlers, scrapers, data harvesters, etc.
  13. Emergency Lockdown - Instantly lock down your site with one toggle, returning HTTP 451 responses with optional login-only access.
Design Philosophy: HumanGate doesn't try to perfectly identify machines. Instead, it makes large-scale extraction economically inefficient while keeping the experience invisible to 99% of real human users. No CAPTCHAs, no heavy databases, just lightweight protection.

安装:

  1. Upload the humangate folder to the /wp-content/plugins/ directory, or install through the WordPress admin plugins page
  2. Activate the plugin through the 'Plugins' menu in WordPress
  3. Navigate to HumanGate in the WordPress admin menu to configure settings
Quick Start: The plugin works immediately with default settings (AI Signals Only mode, and search engines blocked by default). For maximum protection or to allow search engine indexing:
  1. Decide on Search Engine Indexing:
  2. By default, HumanGate blocks all search engines (Google, Bing, etc.) from indexing your site.
  3. To allow search engines to index your site, go to HumanGate -> Settings and uncheck "Block Search Engines".
  4. If you want to allow search engines AND use "Block Mode" for AI crawlers, enable "Allow verified search engine bots" in the "Search Engine Blocking" section.
  5. Configure AI Crawler Blocking:
  6. Enable "AI Crawler Blocking" (enabled by default)
  7. Choose your enforcement mode:
  8. Signals Only - Recommended for most sites (sends AI refusal signals)
  9. Challenge Mode - Balances protection with user experience (challenges AI crawlers)
  10. Block Mode - Maximum protection (returns 403 Forbidden to AI crawlers)
  11. Content Type Control (Optional):
  12. Select which post types (posts, pages, custom types) should have blocking applied
  13. Both AI blocking and search engine blocking respect these settings
  14. You can also control this per individual post/page in the editor
  15. Optionally adjust bot challenge thresholds based on your traffic patterns
Customization Options:

屏幕截图:

  • Statistics dashboard with blocked crawler requests, top blocked user agent, top category, and "Blocked by Reason" table with tooltips
  • Content type control section showing per-post-type settings and per-post AI refusal controls

升级注意事项:

1.1.0 Performance improvements and whitelist feature. DNS lookups are now cached for faster response times. New IP and user agent whitelist options allow you to bypass blocking for trusted sources. Recommended update for all users. 1.0.0 Initial release of HumanGate.

常见问题:

Will this break my SEO?

HumanGate includes a clear, top-level setting to "Block Search Engines" which adds noindex/nofollow meta tags. When this setting is enabled (default), your site will NOT appear in Google search results or any other search engine. If you want search engine indexing, disable the "Block Search Engines" setting. You can still block AI training crawlers independently using the enforcement modes. For maximum protection while allowing search engines, disable "Block Search Engines" and use Challenge or Block Mode with "Allow verified search engine bots" enabled. HumanGate uses reverse DNS verification to ensure only legitimate search engine bots (Google, Bing, etc.) are allowed, while blocking all other bots including AI training crawlers, scrapers, and data harvesters.

Does this work with Yoast SEO?

Yes! HumanGate automatically detects SEO plugins (Yoast SEO, Rank Math, All in One SEO, SEOPress, etc.) and appends its AI crawler blocks to your existing robots.txt file. Both plugins work together seamlessly—your SEO plugin manages the base robots.txt, and HumanGate adds AI crawler blocks.

Will this block legitimate users?

No. The bot challenge system is designed to be invisible to 99% of real users. It only triggers on suspicious bot-like patterns (like accessing 12+ pages in 5 seconds). If a legitimate user does see a challenge, it auto-completes in seconds without any interaction required—unlike CAPTCHAs. The system specifically targets bots (AI crawlers, scrapers, data harvesters) while allowing real human visitors.

What's the performance impact?

Minimal. HumanGate uses WordPress transients (not database tables) for lightweight data storage. Search engine bot verification adds 100-500ms per verified request due to reverse DNS lookups, so it's disabled by default. Only enable it if you're using Block Mode and need search engine indexing.

Can I use this with other security plugins?

Yes, HumanGate is compatible with most security and caching plugins. It uses standard WordPress hooks and doesn't interfere with other plugins' functionality. If you're using a firewall plugin, make sure it's not blocking HumanGate's challenge system.

What bots does this block?

HumanGate can block both AI training crawlers and other unauthorized bots. The bot challenge system works against all types of bots, not just AI crawlers—including scrapers, data harvesters, price monitoring bots, and more. For specific AI crawler blocking, HumanGate targets known AI training crawlers including GPTBot (OpenAI), ClaudeBot (Anthropic), PerplexityBot, CCBot (Common Crawl), Google-Extended, Applebot-Extended, and many others. See the plugin settings for the complete list of AI crawlers, and note that the challenge system catches all suspicious bot traffic regardless of user agent.

Can I selectively apply AI refusal to specific post types?

Yes! HumanGate includes granular content type control—you can select which post types (posts, pages, custom post types) should have AI blocking and/or search engine blocking applied. Both settings respect the same content type selection. You can also control this per individual post/page in the editor. For example, if you enable AI blocking but only select "posts" in content type control, it will only apply to posts, not to pages or other content types.

How does the bot challenge system work?

When suspicious bot traffic patterns are detected (regardless of whether it's an AI crawler, scraper, or other bot), HumanGate serves a lightweight JavaScript challenge that runs automatically in the browser. It collects browser entropy (screen size, timezone, performance data) and verifies it server-side. Real browsers pass instantly; bots without JavaScript engines (like curl, wget, Python scrapers) stall or fail. This works against all types of bots, not just AI training crawlers.

更新日志:

1.1.0 1.0.0