How is this different from Google Analytics?

Google Analytics shows you traffic. Shadow shows you traffic, AI bot activity, what AI platforms say about your brand, AND tells you what to do about all of it. It's analytics + AI intelligence + action steps in one tool.

Do I need to install anything?

For basic monitoring (bot detection, AI perception, readiness score) — nope, just enter your URL. For full visitor analytics (clicks, behavior, sessions), add one script tag. One-click integrations for Vercel, Shopify, WordPress, and more.

Will it slow down my site?

No. The script is under 5KB and loads async. Zero impact on page speed or Core Web Vitals. External monitoring has literally no impact — it watches from the outside.

What AI bots does Shadow detect?

All of them. GPTBot, ClaudeBot, PerplexityBot, Google-Extended, Bytespider, Amazonbot, and dozens more. The Shadow Network means new bots get identified across all users instantly.

What do you mean by "actionable steps"?

Shadow doesn't just show you graphs. It says things like: "ChatGPT has your pricing wrong — add structured data to /pricing to fix it" or "Your bounce rate on /features is 68% — here's why and what to change." Specific, do-it-today recommendations.

Can Shadow block bots?

Shadow is a telescope, not a shield. It shows you who's visiting and what AI says about you. It generates block rules and robots.txt configs you can apply — but it doesn't intercept traffic.

Yes. Shadow never collects PII. IP addresses are hashed after classification. No cookies on your visitors. All Shadow Network data is anonymized. GDPR compliant by design.

How do I access the User-Agent header in Nim Jester?

Use request.headers.getOrDefault("User-Agent", "") inside any before:, after:, or route block. The request object is always in scope within a Jester router. Use toLowerAscii() from strutils to normalise case before matching.

How does halt() work in Jester?

halt() immediately terminates request processing and sends a response. When called in a before: block, it skips all route matching and the after: block. Pass the status code and body directly: halt Http403, "Forbidden". To include response headers in the halt, pass a seq of (key, value) tuples as the second argument.

Does the after: block run when halt() is called?

No — halt() in before: skips both route matching and the after: block. This means X-Robots-Tag headers added in after: will not appear on 403 responses. Include the header directly in the halt() call for blocked responses.

How do I serve robots.txt without blocking it?

Check request.path in the before: block and skip bot detection for /robots.txt. Additionally, setting staticDir in newSettings() causes Jester to serve static files from the public/ directory before route matching — so public/robots.txt is always accessible.

How to Block AI Bots in Nim Jester

Jester is Nim's most popular web framework — a macro-based DSL built on asyncdispatch that compiles to efficient native code. Bot blocking uses Jester's before: hook for early rejection and after: for header injection on passing responses. The key detail: halt() skips the after: block, so the X-Robots-Tag header must be included directly in the halt() call for blocked responses.

1. Bot pattern module

A separate ai_bots.nim module keeps patterns reusable across routes and tests. toLowerAscii() from strutils normalises the header; contains() does plain-text substring matching — no regex overhead needed.

# src/ai_bots.nim
import strutils

const AiBotPatterns* = [
  "gptbot",
  "chatgpt-user",
  "claudebot",
  "anthropic-ai",
  "ccbot",
  "google-extended",
  "cohere-ai",
  "meta-externalagent",
  "bytespider",
  "omgili",
  "diffbot",
  "imagesiftbot",
  "magpie-crawler",
  "amazonbot",
  "dataprovider",
  "netcraft",
]

proc isAiBot*(userAgent: string): bool =
  let ua = userAgent.toLowerAscii()
  for pattern in AiBotPatterns:
    if ua.contains(pattern):
      return true
  false

2. Router with before:/after: hooks

The before: block runs before route matching. halt() sends a response immediately and skips everything else — routes, after:, and further middleware. The after: block adds X-Robots-Tag to all responses that reach a route handler.

# src/server.nim
import jester, strutils
import ai_bots

router myRouter:
  # Runs before every route — check for AI bots first
  before:
    if request.path != "/robots.txt":
      let ua = request.headers.getOrDefault("User-Agent", "")
      if isAiBot(ua):
        # halt() skips routes AND after: — include X-Robots-Tag here
        halt(
          Http403,
          @[("X-Robots-Tag", "noai, noimageai"),
            ("Content-Type", "text/plain")],
          "Forbidden"
        )

  # Runs after every matched route — add X-Robots-Tag to passing responses
  after:
    response.headers["X-Robots-Tag"] = "noai, noimageai"

  get "/":
    resp "<h1>Hello</h1>"

  get "/health":
    resp Http200, "OK"

  # Explicit route: robots.txt bypasses before: check above,
  # but staticDir also serves it automatically from public/
  get "/robots.txt":
    resp Http200, readFile("public/robots.txt")

let settings = newSettings(
  port        = 8080.Port,
  staticDir   = getCurrentDir() / "public",  # serves public/robots.txt before routes
  reusePort   = true,
)

runForever(myRouter, settings)

3. Nimble dependency and compilation

# myapp.nimble
requires "nim    >= 2.0.0"
requires "jester >= 0.5.0"

# Compile:
#   nimble build -d:release
#
# Or run directly:
#   nim c -d:ssl -d:release -r src/server.nim

4. public/robots.txt

Setting staticDir in newSettings() causes Jester to serve files from public/ before route matching. public/robots.txt is always reachable regardless of User-Agent. The explicit path check in before: is a belt-and-suspenders guard for the route handler variant.

# public/robots.txt
User-agent: *
Allow: /

User-agent: GPTBot
Disallow: /

User-agent: ClaudeBot
Disallow: /

User-agent: CCBot
Disallow: /

User-agent: Google-Extended
Disallow: /

5. Async routes

Jester runs on asyncdispatch by default. The before: hook and halt() are async-safe — no changes needed when route handlers use await.

# Async variant using asyncjester / asynchttpserver style
import asyncdispatch, jester, strutils
import ai_bots

# Jester natively uses asyncdispatch — the before: block is async-safe.
# No changes needed: halt() works identically in async context.

router asyncRouter:
  before:
    if request.path != "/robots.txt":
      let ua = request.headers.getOrDefault("User-Agent", "")
      if isAiBot(ua):
        halt(Http403,
             @[("X-Robots-Tag", "noai, noimageai")],
             "Forbidden")

  after:
    response.headers["X-Robots-Tag"] = "noai, noimageai"

  get "/api/data":
    let data = await fetchSomeData()  # await works inside route blocks
    resp $(%* {"data": data})

runForever(asyncRouter)

Key points

halt() skips after: — include X-Robots-Tag in the halt() call itself for blocked responses. The after: block only runs for requests that reach a route handler.
Header access: request.headers.getOrDefault("User-Agent", "") — Jester uses Nim's stdlib HttpHeaders type. Header names are case-insensitive.
Case normalisation: toLowerAscii() from strutils — prefer this over toLower() for ASCII-only input (faster, no Unicode overhead).
halt() signature: halt(code, headers, body) where headers is seq[tuple[key, val: string]]. Use @[("Key", "Val")] literal syntax.
staticDir: Files in public/ are served before before: runs — use this for robots.txt, favicons, and other assets that should always be public.
Compilation flags: Always use -d:release for production — enables optimisations and removes bounds-checking overhead.

Framework comparison — compiled/systems languages

Framework	Middleware hook	Short-circuit	Header access
Nim Jester	`before:` block	`halt(Http403, headers, body)`	`request.headers.getOrDefault()`
Rust Actix-web	`wrap_fn` / `Service`	`HttpResponse::Forbidden()`	`req.headers().get()`
Go Gin	`Use(middleware)`	`c.AbortWithStatus(403)`	`c.GetHeader("User-Agent")`
Crystal Kemal	`before_all`	`halt(env, 403)`	`env.request.headers[...]?`
Haskell WAI	`Middleware` type	`responseLBS status403`	`lookup hUserAgent headers`

Nim Jester's before:/after: pair is conceptually closest to Crystal Kemal's before_all/after_all. Both are compiled languages with async runtimes and macro-based DSLs. The key Jester-specific detail is that halt() completely bypasses after:, unlike Kemal where halt() skips after_all but not filter inheritance.

Dependencies

Only jester and Nim's stdlib strutils. No regex library needed — plain contains() substring matching is sufficient and eliminates a dependency. Install via Nimble:

nimble install jester