Getting Started

Welcome to b8t Documentation. b8t makes it easy to protect your website from bots in minutes. Choose your integration method below or explore our full documentation for advanced options.

Quick Start (JavaScript Snippet):

1. Copy the following code:

<script type="module" src="https://bot.b8t.io/static/index.js"></script>

2. Paste it just before the '</head>' tag of your website.

3. Save and deploy.

Your site is now protected!

Need a plugin? See guides for WordPress, Shopify, or Wix in the Integration Guides section.

FAQ

Integration Guides

Detailed guides for integrating b8t with various platforms.

JavaScript Snippet

Learn how to integrate b8t using the simple JavaScript snippet.

<script type="module" src="https://bot.b8t.io/static/index.js"></script>

Paste this code before the '</head>' tag on every page you want to protect.

WordPress Plugin [Coming Soon]

Step-by-step guide to installing and configuring the b8t WordPress plugin.

1. Go to Plugins > Add New in your WP admin.

2. Search for “b8t Bot Protection.”

3. Click Install, then Activate.

4. Enter your site key (from b8t dashboard).

5. Protection is live!

Shopify App [Coming Soon]

Guide to installing and setting up the b8t Shopify app.

1. Visit the Shopify App Store and search “b8t Bot Protection.”

2. Click Install.

3. Follow on-screen instructions to connect your store.

4. Done!

Wix App [Coming Soon]

Guide to adding and configuring the b8t Wix app.

1. Go to the Wix App Market.

2. Find “b8t Bot Protection.”

3. Click Add to Site.

4. Follow setup wizard.

5. Enjoy automated protection.

SDK Reference

The b8t client-side SDK automatically performs bot detection after being loaded onto your page. It makes the detection result available globally in the browser.

Accessing Detection Results

Once the b8t SDK completes its analysis, the result is stored in a JavaScript object accessible via:

window.botDetectionResult

This object contains the following properties:

• is_bot (boolean): Indicates whether the visitor was classified as a bot (true) or not (false).
• reason (string): Provides a brief explanation or category for why the visitor was classified as a bot (e.g., "Automated browser", "Known malicious IP", "Behavioral anomaly"). This property is only present if is_bot is true.

Example Usage

You can check this variable in your own scripts to take specific actions:

            if (window.botDetectionResult && window.botDetectionResult.is_bot) {
              console.log('Bot detected! Reason:', window.botDetectionResult.reason);
              // Optional: Add custom logic here, like preventing form submission
              // or logging the event for closer inspection.
            } else {
              console.log('Human visitor detected.');
            }
                

Note: The window.botDetectionResult object might not be immediately available upon page load. Ensure your scripts check for its existence or access it after a short delay or within an event listener that fires after the SDK has likely completed its run.

API Reference

Currently, b8t does not offer a public API for direct integration or data retrieval. All bot detection happens automatically via the client-side JavaScript SDK.

The results of the detection are available directly in the browser using the window.botDetectionResult JavaScript object, as described in the SDK Reference section.

Advanced Configuration

b8t is designed for simplicity and ease of use. There are no advanced configuration options required or available at this time.

Simply add the JavaScript snippet or install the relevant plugin/app, and b8t automatically handles bot detection based on our continuously updated models and techniques. There's no need to tune thresholds or manage complex settings.

Analytics & Monitoring

b8t does not provide a dedicated analytics dashboard. We focus on providing accurate bot detection directly on your website.

For monitoring bot activity and understanding its impact, we recommend integrating the b8t SDK results with your existing analytics platform, such as Google Analytics or Google Tag Manager.

Integrating with Google Analytics (gtag.js)

You can send the bot detection result as a custom event to Google Analytics. Add the following script snippet to your page after your Google Analytics setup code and after the b8t SDK script tag:

            <script>
              // Function to send bot detection event to Google Analytics
              function sendBotDetectionToGA() {
                if (typeof gtag === 'function' && typeof window.botDetectionResult !== 'undefined') {
                  gtag('event', 'bot_detection', {
                    'event_category': 'Security',
                    'event_label': window.botDetectionResult.is_bot ? window.botDetectionResult.reason : 'Human',
                    'value': window.botDetectionResult.is_bot ? 1 : 0, // 1 for bot, 0 for human
                    'non_interaction': true // Recommended to avoid affecting bounce rate
                  });
                } else {
                  // Retry after a short delay if gtag or result is not ready
                  setTimeout(sendBotDetectionToGA, 500);
                }
              }
            
              // Call the function initially
              // Ensure b8t script has loaded first. A simple delay might work,
              // but more robust solutions involve checking for window.botDetectionResult.
              setTimeout(sendBotDetectionToGA, 1500); // Adjust delay as needed
            </script>
                

You can then create custom reports or segments in Google Analytics based on the 'bot_detection' event or associated parameters.

Integrating with Google Tag Manager (GTM)

1. Create Data Layer Variables: In GTM, create two Data Layer Variables:

• `isBot`: Variable Name `is_bot`
• `botReason`: Variable Name `reason`

2. Push Data to Data Layer: Add this script after the b8t SDK script tag on your page:

            <script>
              window.dataLayer = window.dataLayer || [];
              function pushBotResultToDataLayer() {
                if (typeof window.botDetectionResult !== 'undefined') {
                  window.dataLayer.push({
                    'event': 'botResultAvailable',
                    'is_bot': window.botDetectionResult.is_bot,
                    'reason': window.botDetectionResult.is_bot ? window.botDetectionResult.reason : undefined
                  });
                } else {
                  // Retry after a short delay
                  setTimeout(pushBotResultToDataLayer, 500);
                }
              }
              // Call the function after a delay
              setTimeout(pushBotResultToDataLayer, 1500); // Adjust delay
            </script>
                    

3. Create a Custom Event Trigger: In GTM, create a trigger named "Bot Result Available" that fires on the Custom Event `botResultAvailable`.

4. Configure Your Tag: Create or modify your Google Analytics tag (or any other tag) to fire using the "Bot Result Available" trigger. You can now use the `{{isBot}}` and `{{botReason}}` variables in your tag's fields (e.g., as custom dimensions or event parameters).

Troubleshooting & FAQs

Security & Compliance

We take security and data privacy seriously. Here’s an overview of our practices:

• Network Security: All network communication related to bot detection uses end-to-end encryption (HTTPS/TLS).
• Infrastructure Security: Our backend infrastructure leverages Cloudflare's CDN and security services, which are SOC 2 accredited.
• Code Security: The client-side SDK code employs minification, obfuscation, and WebAssembly (WASM) compilation techniques to deter reverse engineering and tampering.
• Data Minimization: We do not collect any Personally Identifiable Information (PII). Only data relevant to detecting bots (e.g., browser properties, behavioral patterns, IP reputation) is collected.
• Data Usage: Collected bot detection data is used solely for the purpose of improving and providing the bot mitigation service.
• Data Retention: Bot detection related data is retained for a maximum of 30 days.
• Data Storage: Any data stored on our backend is encrypted at rest.
• Access Control: We adhere to high industry standards for internal access and permission policies to protect system integrity.
• Testing & Verification: Our solution undergoes rigorous testing against simulated bots and real devices on device farms across various browsers before deployment.
• Compliance Reviews: We conduct routine internal reviews for compatibility with GDPR and CCPA principles. However, please note that b8t does not currently hold formal GDPR or CCPA accreditation. We recommend consulting with your own legal counsel to ensure your implementation meets your specific compliance needs.
• Legitimate Bots: We identify and allow known legitimate bots from search engines and social media platforms.

Changelog & Updates

The b8t SDK is automatically updated via our CDN. We continuously refine our detection models and techniques behind the scenes to stay ahead of evolving bot threats. Major feature updates or changes potentially affecting integration will be communicated through appropriate channels.

Last structural update: April 30, 2025

Community & Support

Have questions or need assistance?

• Check our Troubleshooting & FAQs section for common issues.
• Visit our [Community Forum Link - if you have one] to connect with other users.
• Report issues or suggest features on our [GitHub Repository Link - if applicable].
• For direct support, please use the contact methods available on our main website.