Bot Blocker Privacy Policy

This Privacy Policy applies to the WordPress plugin Bot Blocker published by botcrawl.com. This policy explains what data the plugin may collect, how that data is used, and how it is handled. This policy is specific to the Bot Blocker plugin and does not replace the general Botcrawl website privacy policy.

Summary

  • The plugin is designed to detect, log, monitor, rate limit, and block bot traffic inside WordPress.
  • The plugin may store bot-related request data in your WordPress database depending on your settings.
  • The plugin does not send bot logs or visitor data to botcrawl.com.
  • The plugin does not include advertising, analytics, profiling, or data selling features.
  • Some optional features, such as geolocation, may use a third party service if enabled by the site administrator.

What data the plugin may collect

Bot Blocker is a server-side WordPress plugin. Depending on how the site administrator configures it, the plugin may collect and store information related to incoming requests that appear to be automated, suspicious, or bot-related.

This may include:

  • IP address information, including full IP address, masked IP, or hashed IP depending on plugin settings
  • User agent string
  • Requested URL path
  • Action taken by the plugin, such as allow, log, rate limit, temporary block, or block
  • Bot classification data, such as whether traffic matched a known bot family or category
  • Verification state, such as whether a claimed trusted bot was verified, failed verification, or remains unverified
  • Timestamp and event counters
  • Optional query string logging, if enabled by the site administrator
  • Optional referrer logging, if enabled by the site administrator
  • Optional geolocation fields, if enabled by the site administrator

What the plugin does not do by default

  • It does not transmit bot logs or visitor traffic data to botcrawl.com.
  • It does not include ads, analytics scripts, or cross-site tracking features.
  • It does not sell or rent user data.

How the plugin uses this data

Bot Blocker uses stored request information for security and site administration purposes. This includes:

  • Detecting and classifying bot traffic
  • Applying allow, log, rate limit, temporary block, or block actions
  • Maintaining manual allow and block lists
  • Displaying bot activity in the live monitor and logs inside WordPress
  • Supporting review, troubleshooting, and bot traffic analysis by the site administrator

What data may be stored in WordPress

When logging is enabled, Bot Blocker may store bot event records in the site’s WordPress database. Depending on configuration, this may include IP-related information, user agent, request path, action taken, event count, verification state, and optional query string, referrer, and geolocation details.

The plugin may also store:

  • Plugin settings
  • Manual allow and block list entries
  • Temporary lock and rate limit data
  • Cached bot verification or geolocation data for performance and repeated request handling

Optional query string and referrer logging

Bot Blocker can optionally log query strings and referrers if the site administrator enables those settings. These fields can sometimes contain personal or sensitive information depending on how a website is used. For that reason, these features should only be enabled when needed.

When query string logging is enabled, the plugin is designed to redact certain sensitive parameter names before storage where possible.

Optional geolocation

Bot Blocker can optionally enrich bot event logs with approximate geolocation data. If geolocation is enabled by the site administrator, the plugin may send the visitor IP address to a third party geolocation service in order to retrieve country, region, city, latitude, and longitude information.

If geolocation is disabled, this lookup does not occur.

Trusted bot verification

The plugin may perform technical verification checks on traffic that claims to come from trusted or well known bots. This may include DNS-based verification or related technical validation steps performed by the plugin or the WordPress server environment. These checks are used only to determine how traffic should be classified and handled.

Third party services

If geolocation is enabled, the plugin may use the following third party service:

  • ipwho.is, for IP geolocation lookups

That service may process the IP address used for the lookup according to its own policies. Botcrawl does not control third party privacy practices.

Who can access the data

Bot Blocker data is intended for access by authorized WordPress administrators or users with sufficient permissions on the site where the plugin is installed. Botcrawl does not automatically receive this data simply because the plugin is installed.

Data sharing and selling

Botcrawl does not sell, rent, or share plugin-collected data for advertising purposes. Any data stored by the plugin remains under the control of the site operator, except where optional third party features such as geolocation are enabled by that operator.

Data retention

Bot Blocker includes retention and cleanup behavior for logs and temporary lock data. Actual retention depends on how the site administrator configures the plugin and how long the plugin remains installed. Site administrators are responsible for choosing retention periods appropriate for their legal, operational, and privacy requirements.

WordPress privacy tools

Bot Blocker is designed to support WordPress privacy-related tooling where applicable. However, because bot logs are security and traffic records rather than user account profiles, site administrators should review how the plugin is used and whether stored data should be retained, exported, or erased in their environment.

Children’s privacy

This plugin is not directed at children and is intended for use by website owners and administrators managing WordPress sites.

Security

Bot Blocker is designed to help website operators identify and control bot traffic inside WordPress. Stored plugin data remains within the site’s own WordPress environment unless the site administrator enables optional third party features such as geolocation lookups.

Changes to this policy

We may update this policy if the plugin changes. The last updated date on this page should be revised to reflect the most recent version.

Contact

If you have questions about this privacy policy, contact: support@botcrawl.com