GhostGuard silently analyses every session and email connection — blocking bots, scrapers, credential stuffers, and mail abusers before they reach your application. Zero friction for real users.
GhostGuard covers the full attack surface — not just form spam, but scrapers, session hijackers, credential stuffers, and mail abusers.
Scoring happens entirely server-side. The client never sees a score, a threshold, or any detection logic — there is nothing to reverse-engineer from the browser.
A <2KB async script loads with your page. It gathers timing signals and browser probes — no key values, no form content, no PII.
Every 30 seconds a JSON bundle posts to your private endpoint. Async, non-blocking, and completely invisible to visitors.
The Python scoring brain analyses all signals with weighted algorithms — typing variance, mouse curvature, fingerprint checks, event jitter. Produces a score of 0–100.
Three lines at the top of any sensitive page. The GhostGuard client silently exits with 403 if the session is a bot. Real users never notice.
Every blocked session, every mail connection scored, every ban logged — with score, verdict, reasons, and full timestamp.
GhostGuard's architecture separates collection, scoring, and enforcement into isolated layers. The customer website never touches scoring logic — it only calls a remote decision endpoint.
The collection endpoint validates the API key and origin. Writes session and signal data to the database. Fires the scoring engine asynchronously — zero blocking for the visitor.
730-line scoring brain runs 6 weighted analysers: typing cadence, mouse dynamics, session timing, browser fingerprint, event jitter, and cross-tenant reputation.
Score and verdict stored in sessions table. Full explanation JSON saved to session_verdicts with per-signal confidence values.
Guard check reads verdict, checks ban list, applies threshold. Returns allow/block. Auto-bans bot sessions to ban_list for future requests.
GhostGuard extends its scoring engine to SMTP connections — catching spam campaigns, phishing, and mail-bombing before they reach your users or your contact forms.
Legitimate mail servers have natural variance across EHLO, MAIL FROM, RCPT TO, and DATA phases. Bots complete the entire handshake in under 100ms with zero variation.
Checks Received chain length, Date header skew, Message-ID entropy, MIME boundary randomness, and the full SPF/DKIM/DMARC authentication chain.
Subject line entropy detects obfuscated spam subjects. HTML-to-text ratio near 1.0 is a bulk-template signal. Excessive unique link domains indicate phishing campaigns.
Tracks per-sender rate in real time. More than 20 messages per minute from a single source triggers immediate suspicious scoring regardless of other signals.
Drop MailSensor into your PHP mail handler. Record signals from any inbound message in four lines and get a scored verdict before you process it.
GhostGuard builds a cross-tenant reputation graph from anonymised observations. IPs, /24 networks, and browser fingerprints seen across multiple accounts carry compounding risk weight — without ever sharing identifiable data between subscribers.
| Capability | GhostGuard | reCAPTCHA v3 | Turnstile | Generic WAF |
|---|---|---|---|---|
| Score never exposed to client | ✓ Server-only | ✗ JS-exposed | ✗ | ✓ |
| Self-hosted / your data | ✓ Your server | ✗ Cloudflare | ~ Varies | |
| Email threat scoring | ✓ | ✗ | ✗ | ~ Limited |
| Behavioural biometrics | ✓ 16 signals | ~ Google-only | ✗ | ✗ |
| Tunable per-domain rules | ✓ | ✗ | ✗ | ~ |
| PHP 3-line integration | ✓ | ✗ | ✗ | ✗ |
| No third-party data sharing | ✓ | ✗ Cloudflare | ~ | |
| Transparent visitor badge | ✓ Built-in | ✗ | ✗ | ✗ |
Every plan includes the full 24-signal engine and both web and email protection. You only pay for scale.
All plans include a 14-day free trial. Billed in USD. Cancel anytime.
GhostGuard continuously analyses your traffic and generates threshold and weight recommendations with confidence scores. You approve, simulate, or dismiss — nothing changes in production without your action.
We teach cryptographic best practices at PrivacyHash. GhostGuard is held to the same standard — no third-party data sharing, no surveillance, no hidden tracking.
14-day free trial. Full Pro features. No credit card required.