BotBlocker includes a dedicated API that enables deep, programmable, and highly flexible verification of all incoming visitors. This API allows developers and advanced users to integrate BotBlocker’s security logic into external systems, custom workflows, reverse proxies, load balancers, and specialized automation pipelines. By using the API, you can trigger real-time checks, apply additional filtering, and enforce security rules long before a request reaches WordPress.
The API performs a full server-side validation of the visitor, including BotBlocker’s internal detection layers such as IP analysis, DNS inspection, PTR checks, ASN lookups, user agent profiling, and behavior-based filtering. This guarantees consistent results even when requests bypass the browser or attempt to spoof parameters.
You can integrate the API with firewall appliances, NGINX or Apache rewrite layers, Cloudflare Workers, load balancers, proxies, or external SaaS platforms. This makes it possible to enforce your WordPress security rules on infrastructure levels outside WordPress itself.
All checks performed via the API fully match the logic used inside WordPress. This means you can run the same high-level protection anywhere: on remote servers, in background tasks, or in external applications that pre-screen visitors.
Large installations can call the API from a reverse proxy to block unwanted traffic before it reaches WordPress, reducing resource usage and improving performance.
If you operate a network of sites, you can centralize all traffic verification on a single BotBlocker instance and use its API from each node.
The API can be used inside cron jobs, n8n workflows, CI/CD pipelines, or custom scripts to trigger IP checks, validate suspicious visitors, or automatically update blocklists.
The API returns unified JSON responses that include visitor status, detailed check results, and actionable fields: allowed, blocked, suspicious, reason, rule source, and additional metadata. This lets your external systems interpret results reliably and apply automated decisions.
The API is lightweight, fast, and optimized for high throughput, making it suitable for enterprise-level traffic and batch processing scenarios.
