> For the complete documentation index, see [llms.txt](https://aibotkit.gitbook.io/documentation/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://aibotkit.gitbook.io/documentation/chatbot-editor/security-settings.md).

# Security Settings

AI Bot Kit gives you simple but powerful security controls to protect your chatbot from unwanted interactions. You can block specific words from being processed and prevent entire IP addresses from accessing your bot.

{% hint style="info" %}
**Plan Requirement:** Security settings are available on the **Essential** and **Business** plans. Free and Basic plan users will see a locked card with an upgrade prompt.
{% endhint %}

***

## Where to Find Security Settings

1. Log into your [AI Bot Kit dashboard](https://app.aibotkit.io).
2. In the left sidebar, click **Security**.
3. You'll see two cards: **Banned Words** and **Banned IPs**.

<figure><img src="/files/ni0Itdo7BbwdjY5oqBCT" alt=""><figcaption></figcaption></figure>

***

## Banned Words

Use Banned Words to prevent your chatbot from responding to messages that contain specific terms. This is useful for:

* Blocking profanity or inappropriate language
* Preventing discussions on topics outside your bot's scope
* Maintaining brand safety

### How to Add Banned Words

1. In the **Banned Words** card, click into the text field.
2. Type the words you want to block, separated by commas.
   * Example: `spam, scam, promo, discount code`
3. Click **Save**.

<figure><img src="/files/KnMzy6SPlp4kfIZzLEAD" alt=""><figcaption></figcaption></figure>

### What Happens When a Banned Word Is Used

When a visitor sends a message containing any banned word, your chatbot will **not process the message**. Instead, it replies with your configured fallback message (set in **SETUP → Instructions**):

> "This message contains banned content"

The conversation is still saved in your dashboard so you can review it, but no AI response is generated and no message quota is used.

### Tips for Banned Words

* **Be specific.** Banning generic words like "free" might block legitimate questions. Use phrases like "free money" or "get rich quick" instead.
* **Case-insensitive.** Banned words work regardless of capitalization (`Spam` and `spam` are treated the same).
* **Partial matches count.** If you ban "scam", messages containing "scammer" or "scammed" will also be blocked.
* **Review regularly.** Check your conversations periodically to see if banned words are triggering too often or missing new unwanted terms.

***

## Banned IPs

Use Banned IPs to completely block specific IP addresses from interacting with your chatbot. This is useful when:

* Someone is spamming your bot
* You want to restrict access to specific geographic regions
* You've identified malicious traffic

### How to Add Banned IPs

1. In the **Banned IPs** card, click into the text field.
2. Type the IP addresses you want to block, separated by commas.
   * Example: `192.168.1.100, 203.0.113.45`
3. Click **Save**.

<figure><img src="/files/KnMzy6SPlp4kfIZzLEAD" alt=""><figcaption></figcaption></figure>

### What Happens When a Banned IP Visits

Visitors from a banned IP address will see an error message instead of your chatbot:

> "This IP is not allowed."

The widget will not load, and no conversations or leads are recorded for that IP.

### How to Find an IP Address

If someone is misusing your chatbot and you want to block them:

1. Go to your chatbot's **Conversations** tab.
2. Look for the unwanted conversation.
3. The visitor's IP address is shown in the conversation details panel on the right.
4. Copy the IP and paste it into your Banned IPs list.

### Tips for Banned IPs

* **Use sparingly.** IP bans affect everyone on that network (e.g., an entire office building might share one public IP).
* **Dynamic IPs change.** Most home internet connections have dynamic IPs that change over time. A banned IP might eventually be assigned to a legitimate user.
* **VPNs bypass bans.** Determined users can use VPNs to get a different IP address. Banned IPs are a first line of defense, not a complete solution.
* **Test before banning.** Make sure you have the correct IP — banning your own IP will lock you out of your own chatbot.

***

## Security Best Practices

| Practice                            | Why It Helps                                         |
| ----------------------------------- | ---------------------------------------------------- |
| Start with a small banned word list | Too many banned words can frustrate legitimate users |
| Monitor conversations weekly        | Spot new spam patterns early                         |
| Combine with human takeover         | For borderline cases, take over instead of blocking  |
| Keep banned IP list short           | Focus on repeat offenders, not one-time spam         |
| Set a clear fallback message        | Let users know why their message was blocked         |

***

## Troubleshooting

**I added a banned word but it's not working**

* Make sure you clicked **Save** after editing the list.
* Remember that banned words only apply to new messages — existing conversations are not retroactively filtered.
* Check that the word isn't being modified by the user (e.g., "sc\@m" instead of "scam").

**I accidentally banned my own IP**

* Log into your dashboard from a different network (e.g., mobile data instead of Wi-Fi).
* Go to Security and remove your IP from the banned list.

**The security section is locked**

* Security is a paid feature. Upgrade to **Essential** or **Business** plan to unlock it.

***

## Related Topics

* [SETUP: General](/documentation/chatbot-editor/step-1-general.md) — Configure your fallback message
* [Live Chat & Human Takeover](/documentation/chatbot-editor/live-chat.md) — Take over conversations manually
* [Conversation History](/documentation/chatbot-editor/conversation-history.md) — Review visitor interactions


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://aibotkit.gitbook.io/documentation/chatbot-editor/security-settings.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.