Skip to content

Magento / Adobe Commerce

Finding your Site ID

Log in at dash.botfighter.dev → your Site ID is shown at the top of the dashboard.

Self-hosted Magento / Adobe Commerce

Add the snippet to your theme's default layout so it renders on every storefront page — one edit, not per-page.

  1. In your theme (e.g. app/design/frontend/<Vendor>/<theme>/), open Magento_Theme/layout/default.xml (create it if it doesn't exist).
  2. Add a before.body.end block:
xml
<!-- app/design/frontend/<Vendor>/<theme>/Magento_Theme/layout/default.xml -->
<page xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/page_configuration.xsd">
    <body>
        <referenceContainer name="before.body.end">
            <block class="Magento\Framework\View\Element\Template" name="botfighter.snippet" template="Magento_Theme::html/botfighter.phtml" />
        </referenceContainer>
    </body>
</page>
  1. Create app/design/frontend/<Vendor>/<theme>/Magento_Theme/templates/html/botfighter.phtml:
html
<script
  src="https://botfighter.dev/botfighter.js"
  data-site="YOUR-SITE-ID"
  data-api="https://api.botfighter.dev"
  data-honeypot="true"
  defer>
</script>
  1. Clear the cache: bin/magento cache:clean (and cache:flush if using full-page cache).
  2. Visit your storefront and check your dashboard for the first signal.

Adobe Commerce Cloud (managed, Fastly edge)

The steps above work identically — Adobe Commerce Cloud runs the same Magento codebase, deployed through your project's usual Git-based pipeline.

Want real blocking, not just detection?

This page installs the JavaScript snippet (detection only). Since Magento gives you full server access, the PHP integration works here too — a real 403 before content is served, one edit to your bootstrap.


Need help? Check the dashboard for your live signal feed.