AI News HubLIVE
站内改写3 min read

Caddy Defender Plugin: return garbage responses for AI crawlers

Caddy Defender is a Caddy middleware that blocks or manipulates requests from AI crawlers and cloud services using IP range filtering and multiple response backends, such as returning garbage data to pollute training sets.

SourceHacker News AIAuthor: hamburgererror

Uh oh!

There was an error while loading. Please reload this page.

Notifications You must be signed in to change notification settings

Fork 20

Star 554

BranchesTags

Open more actions menu

Folders and files

NameName

Last commit message

Last commit date

Latest commit

History

316 Commits

316 Commits

.github

.github

.idea

.idea

benchmarks/random

benchmarks/random

cache

cache

development

development

docs

docs

examples

examples

matchers

matchers

ranges

ranges

responders

responders

.dockerignore

.dockerignore

.gitignore

.gitignore

.golangci.yaml

.golangci.yaml

CONTRIBUTING.md

CONTRIBUTING.md

Dockerfile

Dockerfile

FEATURED

FEATURED

LICENSE

LICENSE

README.md

README.md

SECURITY.md

SECURITY.md

config.go

config.go

config_test.go

config_test.go

go.mod

go.mod

go.sum

go.sum

middleware.go

middleware.go

middleware_test.go

middleware_test.go

mkdocs.yml

mkdocs.yml

plugin.go

plugin.go

Repository files navigation

The Caddy Defender plugin is a middleware for Caddy that allows you to block or manipulate requests based on the client's IP address. It is particularly useful for preventing unwanted traffic or polluting AI training data by returning garbage responses.

Features

IP Range Filtering: Block or manipulate requests from specific IP ranges.

Embedded IP Ranges: Predefined IP ranges for popular AI services (e.g., OpenAI, DeepSeek, GitHub Copilot).

Custom IP Ranges: Add your own IP ranges via Caddyfile configuration.

Multiple Responder Backends:

Block: Return a 403 Forbidden response.

Custom: Return a custom message.

Drop: Drops the connection.

Garbage: Return garbage data to pollute AI training.

Redirect: Return a 308 Permanent Redirect response with a custom URL.

Ratelimit: Ratelimit requests, configurable via caddy-ratelimit.

Tarpit: Stream data at a slow, but configurable rate to stall bots and pollute AI training.

Installation

Using Docker

The easiest way to use the Caddy Defender plugin is by using the pre-built Docker image.

Pull the Docker Image:

docker pull ghcr.io/jasonlovesdoggo/caddy-defender:latest

Run the Container: Use the following command to run the container with your Caddyfile:

docker run -d \ --name caddy \ -v /path/to/Caddyfile:/etc/caddy/Caddyfile \ -p 80:80 -p 443:443 \ ghcr.io/jasonlovesdoggo/caddy-defender:latest

Replace /path/to/Caddyfile with the path to your Caddyfile.

Please see the online documentation for other methods of installation.

Configuration

Caddyfile Syntax

The defender directive is used to configure the Caddy Defender plugin. It has the following syntax:

defender { message ranges url }

: The responder backend to use. Supported values are:

block: Returns a 403 Forbidden response.

custom: Returns a custom message (requires message).

drop: Drops the connection.

garbage: Returns garbage data to pollute AI training.

redirect: Returns a 308 Permanent Redirect response (requires url).

ratelimit: Marks requests for rate limiting (requires Caddy-Ratelimit to be installed as well ).

tarpit: Stream data at a slow, but configurable rate to stall bots and pollute AI training.

: An optional list of CIDR ranges or predefined range keys to match against the client's IP. Defaults to aws azurepubliccloud deepseek gcloud githubcopilot openai.

: A custom message to return when using the custom responder.

: The URI that the redirect responder would redirect to.

For more information about the configuration, refer to the configuration page on the website.

Quick Start

The documentation website has info that includes the configurations of the plugin, code examples, and more.

For a quick start, follow the Getting Started guide to protect your server using the Caddy Defender Plugin.

For examples, check out docs/examples.md

Embedded IP Ranges

The plugin includes predefined IP ranges for popular AI services. These ranges are embedded in the binary and can be used without additional configuration.

Service Key IP Ranges

Alibaba Cloud aliyun aliyun.go

VPNs vpn vpn.go

AWS aws aws.go

AWS Region aws-us-east-1, aws-us-west-1, aws-eu-west-1 aws_region.go

DeepSeek deepseek deepseek.go

GitHub Copilot githubcopilot github.go

Google Cloud Platform gcloud gcloud.go

Oracle Cloud Infrastructure oci oracle.go

Microsoft Azure azurepubliccloud azure.go

OpenAI openai openai.go

Mistral mistral mistral.go

Vultr vultr vultr.go

Cloudflare cloudflare cloudflare.go

Digital Ocean digitalocean digitalocean.go

Linode linode linode.go

Private private private.go

All IP addresses all all.go

Disabled by default (require manual inclusion at build time)

Service Key IP Ranges

Tor Exit Nodes tor tor.go

ASN (Autonomous System Numbers) asn asn.go

More are welcome! for a precompiled list, see the embedded results

Contributing

We welcome contributions! To get started, see CONTRIBUTING.md.

License

This project is licensed under the MIT License. See the LICENSE file for details.

Acknowledgments

The inspiration for this project.

bart - Karl Gaissmaier's efficient routing table implementation (Balanced ART adaptation) enabling our high-performance IP matching

Built with ❤️ using Caddy.

Star History

About

Caddy module to block or manipulate requests originating from AIs or cloud services trying to train on your websites

defender.jsn.cam/

Topics

security

ai

filter

waf

caddy

web-security

blocker

caddyserver

ip-blacklist

caddy-plugin

blockers

ip-filtering

chatgpt

ai-blocker

Resources

Readme

License

MIT license

Contributing

Contributing

Security policy

Security policy

Uh oh!

There was an error while loading. Please reload this page.

Activity

Stars

554 stars

Watchers

4 watching

Forks

20 forks

Report repository

Releases 9

v0.10.1

Latest

May 14, 2026

+ 8 releases

Sponsor this project

Uh oh!

There was an error while loading. Please reload this page.

Learn more about GitHub Sponsors

Packages 0

Uh oh!

There was an error while loading. Please reload this page.

Uh oh!

There was an error while loading. Please reload this page.

Contributors

Uh oh!

There was an error while loading. Please reload this page.

Languages

Go 99.7%

Other 0.3%