Bot intelligence record

VaultPress

Usually allow

Use the VaultPress identifier to separate Automattic security scanning or verification traffic from normal visitor requests in server logs.

Security Security Verified Bot Confidence: Medium Verified: Yes robots.txt: No

User-Agent Pattern

Automattic
VaultPress

Robots.txt Snippet

Copy-ready 
User-agent: VaultPress Disallow: /

Handling Guidance

No

This bot is usually safe to allow when the request source is verified and the traffic matches your site policy.

Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.

Record Details

Structured data
Operator
Automattic
Family
Automattic
Type
Security
Purpose
Security
Identity type
Verified Bot
Confidence
Medium
Last verified
2026-04-01
Last checked
2026-05-20
Source type
Verified Directory
Spoofing risk
User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

Notes

VaultPress is listed in the Botcrawl directory as a security scanner from Automattic. The primary identifier for log review is VaultPress.

Identification

  • User-agent pattern: VaultPress
  • Family: Automattic
  • Type: Security
  • Kind: Scanner

Common use

Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.

Verification and handling

Confirm the user-agent against server logs and use published operator documentation, IP ranges, reverse DNS, or other trust signals when available.

Directory guidance marks the risk level as Safe and the blocking decision as No. Do not rely on the user-agent string alone because user-agent strings can be copied or spoofed.

Robots.txt handling: No.

Evidence and Source

  • Validate the identifying user-agent or signature against the operator documentation before creating hard allow rules.
  • Match `VaultPress` as a case-insensitive substring in HTTP user-agent logs. Do not treat a user-agent match alone as proof of identity for allow-listing.
  • Security scanning, malware checks, abuse prevention, compliance review, or vulnerability monitoring.
  • User-agent strings can be spoofed. For allow-listing or low-friction rules, pair the published identifier with operator documentation or cryptographic verification when available.

https://vaultpress.com/

Same family: Automattic

Tumblr Neutral

Tumblr

On Tumblr, post authors can paste a URL in their post, and we'll "unfurl" that URL into a pretty Link "Block" for their post by making a request to the URL and parsing the response.

Automattic Automattic Scraper Scraping
Verified robots.txt: No Block: Depends Verified Bot
jetmon Safe

Jetpack

Uptime monitor for users of WordPress.com/Jetpack — https://jetpack.com/support/monitor/.

Automattic Automattic Monitoring Monitoring
Verified robots.txt: No Block: No Verified Bot

Similar purpose: Security

YahooMailProxy Neutral

YahooMailProxy

Yahoo Mail Proxy is a content fetch proxy that retrieves the page content of URLs that are embedded within emails sent to Yahoo Mail users. Having the content displayed through the proxy.

Yahoo Yahoo Security Security
Verified robots.txt: No Block: Depends Verified Bot
XY-Archive-Compliance Neutral

XY Archive Compliance Bot

XY Archive Compliance Bot is a security scanner from XY Archive Compliance used for security checks, malware review, or abuse prevention.

XY Archive Compliance XY Archive Compliance Security Security
Verified robots.txt: No Block: Depends Verified Bot
TermlyBot Neutral

Termly

Termly is a security bot associated with Termly, used for security, verification, or anti-abuse checks.

Termly Termly Security Security
Verified robots.txt: No Block: Depends Verified Bot
Sucuri Safe

Sucuri

The Sucuri bot is part of the Sucuri website security platform. It crawls websites to scan for malware, security risks, and blacklisting status.

Sucuri Sucuri Security Security
Verified robots.txt: No Block: No Verified Bot

WordPress Bot Protection

Bot Blocker for WordPress

Monitor bot traffic, review live activity, and control AI crawlers, scrapers, scanners, spam bots, and fake trusted bots from one clean WordPress dashboard.

Start Free Trial View Details