# Botless Core

A WordPress plugin to prevent bots from downloading bandwidth-heavy videos, instead serving an image placeholder.

## Features

- Identifies suspicious bots by user agent
- Replaces video sources with image placeholders for bots
- Tracks bandwidth savings with detailed analytics
- Customizable settings for which videos to protect
- Clean, modern admin interface

## Security Features

The plugin incorporates several security measures:

### Rate Limiting

- **AJAX Requests**: Limited to 10 requests per minute per IP address
- **Bot Log Entries**: Limited to 30 log entries per minute per IP address
- **Admin Users**: Rate limiting is bypassed for administrators to prevent interference with legitimate work

### Data Sanitization

- All inputs are properly sanitized before use
- SQL queries are properly prepared to prevent SQL injection
- URL and text outputs are escaped appropriately

### Access Control

- All admin pages require appropriate user capabilities
- Nonce verification for all form submissions and AJAX requests
- Translation functions properly implemented with text domains

## Installation

1. Upload the `botless-core` folder to the `/wp-content/plugins/` directory
2. Activate the plugin through the 'Plugins' menu in WordPress
3. Configure the plugin settings via the 'Botless' menu in your admin sidebar

## Configuration

Visit the Botless > Video Settings page to configure:

- Which videos to protect (all videos or only those with specific class)
- Default placeholder image
- Whether to protect embedded videos

## Usage

Add the class `botless-vid` to any video elements you want to protect (if using the "specific class" mode).

## License

This plugin is licensed under the GPL v2 or later.

## Credits

Developed by Web Garden Consulting, LLC