Documentation

GhostGuard developer docs

Everything you need to integrate, configure, and get the most out of GhostGuard's bot and email threat intelligence platform.

📚
PHP library
Three-line integration. Download the client, add your API key, protect any page.
🔗
REST API
Full API reference. Query sessions, manage bans, stream live feed, and more.
📰
Webhooks
Push scored events to your SIEM, CRM, or logging pipeline in real time.

Quick start — 10 minutes to production

Step 1. Create your account and get your API key from the dashboard. Your first key is generated automatically on registration.

Step 2. Add the JS collector to every page you want to protect, just before </body>:

<!-- Paste the snippet from your dashboard Install guide -->
<script src="https://ghostguard.privacyhash.com/gg.js?key=GG-YOUR-API-KEY"></script>

Step 3. Download your pre-keyed PHP client file from the Install guide tab in your dashboard, upload it to your server root, then add three lines to any PHP page you want to protect:

require_once __DIR__ . '/gg-client.php';
$gg = new GhostGuard('GG-YOUR-API-KEY');
$gg->protect();
🛡 Fail-open by default. If GhostGuard is unreachable due to a network issue, the PHP client allows the request through. Your site never goes down because of GhostGuard.

How scoring works

The JS collector gathers up to 24 behavioural and fingerprint signals over a 2–10 second window. These are beaconed to GhostGuard's collection endpoint, where a Python scoring engine analyses them asynchronously and writes a session score (0–100, higher = more human) back to the database.

When your PHP client calls the protection method, GhostGuard reads the stored score and returns a decision: allow or block. Bot sessions receive a silent 403 — no error page that reveals detection, no redirect, no CAPTCHA.

Score rangeVerdictAction
0 – 34botSilent 403 + auto-ban to ban_list
35 – 64suspiciousLogged and monitored, request allowed
65 – 100humanAllowed

Default thresholds. Configurable per-account and per-domain from your dashboard.

Remote decision architecture

Your customer website never includes GhostGuard's internal platform files. The PHP client file you download makes a single HTTPS POST to the GhostGuard guard API with your API key and the visitor's session ID. GhostGuard evaluates and responds — that's the entire integration surface.

// What the PHP client sends
POST https://ghostguard.privacyhash.com/api/check

{
  "api_key": "GG-YOUR-API-KEY",
  "sid": "visitor-session-id",
  "ip": "visitor-ip",
  "ua": "visitor-user-agent",
  "host": "your-domain.com",
  "url": "/checkout.php"
}

// Response
{ "ok": true, "decision": "allow", "score": 91, "verdict": "human" }

Need help?

Email support@privacyhash.com — we respond within one business day on all plans, same day on Pro and Enterprise.