How is this different from Google Analytics?

Google Analytics shows you traffic. Shadow shows you traffic, AI bot activity, what AI platforms say about your brand, AND tells you what to do about all of it. It's analytics + AI intelligence + action steps in one tool.

Do I need to install anything?

For basic monitoring (bot detection, AI perception, readiness score) — nope, just enter your URL. For full visitor analytics (clicks, behavior, sessions), add one script tag. One-click integrations for Vercel, Shopify, WordPress, and more.

Will it slow down my site?

No. The script is under 5KB and loads async. Zero impact on page speed or Core Web Vitals. External monitoring has literally no impact — it watches from the outside.

What AI bots does Shadow detect?

All of them. GPTBot, ClaudeBot, PerplexityBot, Google-Extended, Bytespider, Amazonbot, and dozens more. The Shadow Network means new bots get identified across all users instantly.

What do you mean by "actionable steps"?

Shadow doesn't just show you graphs. It says things like: "ChatGPT has your pricing wrong — add structured data to /pricing to fix it" or "Your bounce rate on /features is 68% — here's why and what to change." Specific, do-it-today recommendations.

Can Shadow block bots?

Shadow is a telescope, not a shield. It shows you who's visiting and what AI says about you. It generates block rules and robots.txt configs you can apply — but it doesn't intercept traffic.

Yes. Shadow never collects PII. IP addresses are hashed after classification. No cookies on your visitors. All Shadow Network data is anonymized. GDPR compliant by design.

How do I add a noai meta tag to Ghost?

In Ghost Admin, go to Settings → Code Injection → Site Header. Paste and click Save. This injects the tag into the of every page on your Ghost site. Works on all Ghost plans including Ghost(Pro) and self-hosted.

Does Ghost(Pro) support custom robots.txt?

Not directly. Ghost(Pro) managed hosting doesn't expose the filesystem or theme upload in a way that allows easy robots.txt replacement. Your best options are: (1) use Code Injection for the noai meta tag, which covers cooperative bots, or (2) proxy your Ghost(Pro) site through Cloudflare and add WAF rules for edge-level blocking.

Will blocking AI bots affect Ghost's SEO or Google ranking?

No. Blocking GPTBot, ClaudeBot, CCBot, Google-Extended, and other AI training bots has zero effect on Googlebot or Bingbot. Your Ghost site continues to rank and be indexed normally. Ghost's built-in sitemap, structured data, and canonical URL features are completely unaffected.

How do I add a robots.txt to a self-hosted Ghost theme?

Create a file called robots.txt in the root of your active theme directory (e.g. /var/www/ghost/content/themes/casper/robots.txt or wherever Ghost is installed). Ghost serves theme-root files directly. The file should contain User-agent: * / Allow: / at the top, then individual Disallow rules for each AI bot. Restart Ghost or wait for the next request — no server restart required.

Ghost CMSNew8 min read

How to Block AI Bots on Ghost

Ghost is one of the most AI-crawled platforms on the web — high-quality content, clean HTML, ideal for training data. Here's how to take back control with Code Injection, self-hosted robots.txt, and Cloudflare WAF.

Ghost(Pro) / Managed Hosting

✓ noai meta tag via Code Injection (all plans)
✓ Cloudflare WAF (custom domain required)
✗ No direct robots.txt editing

Self-Hosted Ghost

✓ noai meta tag via Code Injection
✓ Custom robots.txt via theme file
✓ Cloudflare WAF (any domain)
✓ nginx/Apache server-level blocking

Quick fix — paste into Ghost Admin → Settings → Code Injection → Site Header

Works on all Ghost plans. Tells AI training bots not to use your content.

<meta name="robots" content="noai, noimageai">

Method 1: noai Meta Tag via Code Injection (All Plans)

Ghost's built-in Code Injection lets you add custom HTML to your site's <head> on every page. Adding the noai meta tag here is the fastest fix and works on both Ghost(Pro) and self-hosted.

1
Log into Ghost Admin (usually yourdomain.com/ghost).
2
Go to Settings → Code Injection.

In the Site Header field, paste:

<meta name="robots" content="noai, noimageai">

4
Click Save. The tag is live immediately — no rebuild required.

Verify: Visit any page on your Ghost site → right-click → View Page Source → search for noai. The tag should appear in the <head> section.

Per-post injection: Ghost also supports post-level code injection. Edit any post → expand the post settings sidebar → scroll to Code Injection → add code in the header field. Use this to protect specific high-value posts while leaving others accessible.

Method 2: Custom robots.txt (Self-Hosted Only)

Self-hosted Ghost serves static files from your active theme directory. Create a robots.txt file in the theme root and Ghost will serve it at yourdomain.com/robots.txt, overriding the default.

Self-hosted Ghost only

SSH into your server. Navigate to your active Ghost theme:

cd /var/www/ghost/content/themes/casper
# Replace "casper" with your active theme name

2
Create the robots.txt file:
```
nano robots.txt
```
3
Paste the following content:

User-agent: *
Allow: /

User-agent: GPTBot
Disallow: /

User-agent: ChatGPT-User
Disallow: /

User-agent: OAI-SearchBot
Disallow: /

User-agent: ClaudeBot
Disallow: /

User-agent: anthropic-ai
Disallow: /

User-agent: Google-Extended
Disallow: /

User-agent: Bytespider
Disallow: /

User-agent: CCBot
Disallow: /

User-agent: PerplexityBot
Disallow: /

User-agent: meta-externalagent
Disallow: /

User-agent: Amazonbot
Disallow: /

User-agent: Applebot-Extended
Disallow: /

User-agent: xAI-Bot
Disallow: /

User-agent: DeepSeekBot
Disallow: /

User-agent: MistralBot
Disallow: /

User-agent: Diffbot
Disallow: /

User-agent: cohere-ai
Disallow: /

User-agent: AI2Bot
Disallow: /

User-agent: DuckAssistBot
Disallow: /

User-agent: omgilibot
Disallow: /

User-agent: webzio-extended
Disallow: /

User-agent: gemini-deep-research
Disallow: /

Sitemap: https://yourdomain.com/sitemap.xml

4
Replace yourdomain.com in the Sitemap line with your actual domain. Save the file (Ctrl+O in nano, then Ctrl+X).
5
Verify: visit https://yourdomain.com/robots.txt. No Ghost restart needed.

Theme updates wipe custom files: If you update or change your Ghost theme, the theme folder is replaced and your custom robots.txt will be deleted. Either keep a backup, use a child theme, or re-add the file after updates. Alternatively, host the robots.txt outside the theme via nginx (see below).

Safer alternative: serve robots.txt from nginx

This approach is update-proof — the file lives outside the Ghost theme and gets served by nginx before Ghost even sees the request.

1. Create the file anywhere on your server, e.g. /etc/nginx/static/robots.txt

2. Add this block to your Ghost nginx site config (inside the server {} block, before the location / block):

location = /robots.txt {
    alias /etc/nginx/static/robots.txt;
    add_header Content-Type text/plain;
    access_log off;
}

3. Run nginx -t && systemctl reload nginx. Theme updates will never affect this.

Method 3: Cloudflare WAF (Ghost Pro & Self-Hosted)

The most robust method — especially for Ghost(Pro) users who can't edit robots.txt directly. Routes traffic through Cloudflare's edge network, blocking AI bots before they reach your Ghost server.

Ghost(Pro) + Cloudflare setup

1.Add your domain to Cloudflare (free plan). Change nameservers at your registrar to Cloudflare's.
2.In Cloudflare DNS, add a CNAME for www pointing to your Ghost(Pro) subdomain (e.g. yoursite.ghost.io) with the orange cloud proxy enabled.
3.Set SSL/TLS to Full in Cloudflare — Ghost(Pro) provides its own certificate.
4.In Ghost Admin → Settings → General → update your site URL if needed.

Add the WAF blocking rule

1Cloudflare → your domain → Security → WAF → Custom Rules → Create rule.
2Click Edit expression and paste:

(http.user_agent contains "GPTBot") or
(http.user_agent contains "ClaudeBot") or
(http.user_agent contains "anthropic-ai") or
(http.user_agent contains "Google-Extended") or
(http.user_agent contains "Bytespider") or
(http.user_agent contains "CCBot") or
(http.user_agent contains "PerplexityBot") or
(http.user_agent contains "meta-externalagent") or
(http.user_agent contains "DeepSeekBot") or
(http.user_agent contains "MistralBot") or
(http.user_agent contains "xAI-Bot") or
(http.user_agent contains "Diffbot") or
(http.user_agent contains "cohere-ai") or
(http.user_agent contains "AI2Bot") or
(http.user_agent contains "DuckAssistBot") or
(http.user_agent contains "omgilibot") or
(http.user_agent contains "webzio-extended") or
(http.user_agent contains "gemini-deep-research")

Set action to Block. Ghost never sees the request.

All 25 AI Bots to Block

User agents for the robots.txt file and WAF rule:

GPTBot

ChatGPT-User

OAI-SearchBot

ClaudeBot

anthropic-ai

Google-Extended

Bytespider

CCBot

PerplexityBot

meta-externalagent

Amazonbot

Applebot-Extended

xAI-Bot

DeepSeekBot

MistralBot

Diffbot

cohere-ai

AI2Bot

Ai2Bot-Dolma

YouBot

DuckAssistBot

omgili

omgilibot

webzio-extended

gemini-deep-research

Why Ghost sites are prime AI training targets

Ghost produces clean, semantic HTML with minimal cruft — exactly what LLM training pipelines prefer. Ghost newsletters, membership content, and long-form articles are high-signal training data. CCBot (which feeds GPT, Gemini, Llama, and most open-source models) and Diffbot (which sells to AI companies) both actively index Ghost sites. If you're publishing original writing, your Ghost content is almost certainly in multiple AI training datasets already. The steps above prevent further collection.

Will This Affect Ghost SEO?

Safe to block

✓ Google Search rankings unaffected
✓ Bing rankings unaffected
✓ Ghost's automatic sitemap unaffected
✓ Ghost newsletter delivery unaffected
✓ Social sharing (Open Graph) unaffected

Consider before blocking

⚠ OAI-SearchBot → removes from ChatGPT Search
⚠ PerplexityBot → removes from Perplexity citations
⚠ DuckAssistBot → removes from Duck.ai answers
Ghost publishers with strong brand content may value AI search citations. Decide deliberately.

Frequently Asked Questions

Can you edit robots.txt on Ghost?↓

Self-hosted Ghost: yes — create robots.txt in your active theme's root folder (e.g. /var/www/ghost/content/themes/casper/). Ghost serves it directly. Ghost(Pro): no direct editing — use Code Injection for noai tags and Cloudflare WAF instead.

I'm on Ghost(Pro) — how do I block AI bots?↓

Two options: (1) Code Injection — Ghost Admin → Settings → Code Injection → Site Header → paste the noai meta tag. Works immediately, covers cooperative bots. (2) Cloudflare WAF — proxy your Ghost(Pro) domain through Cloudflare and add a WAF rule matching AI bot user agents. This blocks bots that ignore meta tags and gives you server logs showing blocked requests.

Will the robots.txt in my Ghost theme survive theme updates?↓

No — theme updates replace the entire theme folder. To make it update-proof: serve robots.txt via nginx alias (add a location = /robots.txt block in your nginx config pointing to a file outside the theme), or keep a backup and re-add after updates. The nginx approach is recommended for self-hosted production sites.

Does Ghost have member-only content protection from AI bots?↓

Ghost's member-only content is rendered server-side and gated by login. However, Google-Extended and CCBot can still access the metadata, preview text, and any publicly visible portions. The robots.txt and noai tag prevent bots from accessing the public portions. For member-only content, the Cloudflare WAF gives the most complete coverage since it blocks before Ghost renders anything.

Can I block AI bots only on certain Ghost content (e.g. premium posts)?↓

Not natively — the noai tag in Code Injection applies sitewide. For per-post control, use Ghost's post-level Code Injection: edit any post → expand settings sidebar → Code Injection → add the meta tag in the header. This is manual per-post work. The robots.txt Disallow rules apply to paths, not content types, so full-site blocking is usually simpler.

Is your site protected from AI bots?

Run a free scan to check your robots.txt, meta tags, and overall AI readiness score.