Bot Detection power-up

Overview

This power-up automatically checks whether each incoming request comes from a bot (e.g., referral spam, automated scripts). When enabled, it adds two headers to every request:

• X-Device-Bot (returns true or false).
• X-Device-Bot-Score (a score ranging from 1 to 100, with 100 indicating a high likelihood of bot traffic).

Next, by creating a Request Header variable for these headers in your sGTM container, you can use the bot detection signals to filter out unwanted or suspicious hits. For instance, you can prevent GA4 or other tags from firing if the request is identified as bot traffic.

Benefits of Bot Detection

• Cleaner analytics data - spammy bot traffic can inflate metrics, leading to inaccurate conversion rates, referral reports, and audience insights. If you filter out these hits, your analytics reports will reflect more accurate and reliable data based on real users.
• Enhanced security and fraud prevention - malicious bots can drive fraudulent clicks or artificially inflate traffic. Blocking suspicious requests at the server level helps protect your marketing budget from wasted ad spend.
• Ease of setup and maintenance - implementing robust bot detection often requires custom coding or third-party solutions. But the Bot Detection power-up seamlessly integrates with your existing Stape’s sGTM services, allowing you to enable, configure, and maintain bot filtering in a single platform.

How to set up the Bot Detection power-up

1. Log in to your stape.io account.

2. Select your sGTM container on the dashboard.

3. Click Power-ups, then click the Use button next to the Bot Detection panel.

4. Toggle the Bot Detection switch.

5. Click Save changes.

6. The Bot Detection power-up has been configured on Stape. Here is an example of how to use the power-up’s data to filter the bot traffic in Google Tag Manager:

1) Create a Variable on the sGTM container with the type Request Header and enter the name X-Device-Bot.

2) Use this variable as an additional condition in your GA4 trigger configuration on the server (or any other triggers where you want to limit the impact of bot traffic).

Testing Bot Detection

To verify that the Bot Detection power-up works correctly: open the server Google Tag Manager container preview → go to the Request tab → click on Incoming HTTP Request → click Show More in the Request Headers section. If you see the X-Device-Bot headers, everything is working properly.