Accept-Language Header: Basic Bot Detection in BotBlocker

BotBlocker’s core free functionality uses Accept-Language header analysis as a lightweight, fast, and reliable way to weed out automated bots. This check runs automatically – no extra settings or geo-language mapping required.

How Accept-Language Checking Works

Most browsers send a standard Accept-Language header (like en-US, ru, de-DE). Bots and scripts often skip this step or fill the header with garbage. BotBlocker blocks requests if:

• The Accept-Language header is completely missing
• The header is set to *, an empty string, or looks random (e.g. xxx-XX, ,,, junk data)
• The format is syntactically invalid for standard language codes

This method stops a huge share of spam and scraping bots before they reach WordPress.

Why This Check is Effective

• Nearly all real browsers send a proper Accept-Language value
• Most simple bots don’t, so early filtering catches them instantly
• No manual configuration is required
• The check is fast and happens before WordPress core loads, reducing resource waste

How to Use Accept-Language Filtering

Just activate BotBlocker. No need to tweak language maps or add custom rules. The filter runs by default, protecting your site automatically.

FAQ

Can it block real visitors?
Almost never. All modern browsers set Accept-Language by default. Only some rare CLI tools or misconfigured scrapers are affected.

Does this slow down the site?
No, the check is extremely fast and adds zero noticeable delay.

BotBlocker Advanced Protection