Website Security
Stop Spam, Scrapers &
Bot Traffic.
Protect every form, endpoint, and page from spam bots, content scrapers, and fake traffic — without slowing down real visitors.
< 50ms
Global edge latency
99.9%
API uptime SLA
1 SDK
All signals, one call
The challenge
Fraud patterns that cost Websites businesses the most
Contact form spam
Bots flood contact and lead forms with spam submissions, drowning real enquiries and filling your CRM with junk data.
Content & price scraping
Scrapers harvest your articles, product data, and pricing to feed competitor intelligence tools or train AI models without permission.
Fake analytics traffic
Bot traffic inflates your page view metrics, poisons conversion funnels, and makes A/B tests unreliable — corrupting every business decision.
API abuse & rate bypass
Bots cycle IPs and rotate user agents to bypass rate limits and hammer public APIs, degrading performance for real users.
How it works
One API call. One decision. No extra vendor.
Send the context you have
Pass the IP, email, and user-agent from the form_submit request — no extra data collection needed.
Get allow, challenge, or block
RequestGuard combines IP reputation, email signals, proxy detection, and device fingerprints into one structured decision.
Act in your app
Let low-risk sessions through, show a CAPTCHA on challenge, or block high-risk requests — with full audit trail in your dashboard.
Capabilities
Purpose-built signals for Websites
Form & endpoint protection
Score every form submission with IP reputation, user-agent signals, and request patterns. Block spam bots before they reach your inbox or database.
Scraper & bot detection
Identify datacenter IPs, headless browser fingerprints, and high-velocity request patterns that indicate scraping bots or API abusers.
Proof-of-work CAPTCHA
Challenge suspicious sessions with a proof-of-work puzzle that's invisible to real users but computationally expensive for bots at scale.
Zero-config integration
One SDK, one API call. Works with any framework — Next.js, SvelteKit, WordPress, or plain HTML. No infrastructure to manage.
Integration
Two lines of code. Full fraud coverage.
Send the context you already collect. Get back a structured decision with risk factors — ready to act on without a separate lookup per signal.
import RequestGuard from "@requestguard/js";
const guard = RequestGuard({ apiKey: "rg_sk_live_..." });
const decision = await guard.assess({
ip: req.ip,
email: body.email,
userAgent: req.headers["user-agent"],
event: "form_submit",
});
// decision: "block" — datacenter IP + headless browser signals
if (decision.decision === "block") {
throw new Error("Request blocked");
}
if (decision.decision === "challenge") {
return requireCaptcha();
}Protect your website from bots and scrapers.
Start with 1,000 free protected requests. No credit card required.