Protection active — 24 / 7

Your website deserves
to feel safe again.

SmartKiller is a lightweight PHP firewall that quietly handles the bad stuff — bots, scrapers, brute-force attempts — so you never have to think about it. Works with or without Cloudflare.

Get SmartKiller free → How does it work?
No monthly fees
One-time setup
PHP + MySQL only
SEO-safe by design
smartkiller.log — live
# SmartKiller v2.1 — request monitor

ALLOWGooglebot/2.1 — whitelisted crawler
ALLOW203.0.113.12 — normal visitor
BLOCKsqlmap/1.7 — malicious scanner
LIMIT198.51.100.4 — rate limit reached
BLOCK192.0.2.55 — known bad IP
ALLOWbingbot/2.0 — whitelisted crawler
LIMIT172.16.0.9 — download cap exceeded
WATCHMonitoring incoming requests
uptime: 99.9%● protection active0 errors
SmartKiller — ©FreddyDeveloper
Common Worries

The things that keep website owners up at night

Hackers and bots aren't a myth. But protecting yourself doesn't have to be complicated. Here's how SmartKiller addresses the fears we hear most often.

🤖

"Bots are hammering my site"

Automated tools constantly scan the web looking for login forms, open files, and vulnerabilities. They're relentless — but predictable.

SmartKiller recognises 30+ scanner signatures and blocks them before they load a single page.
💀

"Someone is brute-forcing my login"

Brute-force attacks try thousands of passwords automatically. Most PHP sites have no defence against this at the application level.

Rate limiting caps requests per IP. Too many attempts and the IP is blocked automatically.
📥

"People are abusing my download links"

Scrapers can exhaust your bandwidth in minutes by downloading files in a loop, running up your hosting bill without warning.

SmartKiller tracks downloads per IP. Abusers get cut off after a limit you set — normal users are never affected.
😟

"I don't want to break my SEO"

The fear of accidentally blocking Google is real. A firewall that sends the wrong HTTP response could get your pages deindexed.

Googlebot and 29 other crawlers are always whitelisted. The block page sends HTTP 429 so search engines never index it.
How It Works

Every request, checked in milliseconds

SmartKiller runs a fast layered check on every visitor before your application does anything. Good visitors feel nothing. Bad ones get stopped quietly.

01

Is this a search bot?

Google, Bing, Yandex and 27 other legitimate crawlers pass through immediately — no rate limits, no friction. Your SEO stays healthy.

02

Is this a known attacker?

Scanners like sqlmap and nikto announce themselves in their User-Agent. SmartKiller spots them and blocks the IP on the spot.

03

What's the history of this IP?

A quick database check tells SmartKiller if the IP is trusted, being watched, temporarily blocked, or permanently limited.

04

Is it requesting too much?

Three independent counters track general traffic, file downloads, and repeated page hits. Limits are accurate without being unfairly strict.

05

Does the URL look suspicious?

Request URLs are matched against patterns that flag common attack probes — things a real visitor would never type.

06

All clear — visitor gets through.

Legitimate visitors experience nothing. No CAPTCHAs, no delays, no friction. SmartKiller is completely invisible to them.

Deployment

Works with or without Cloudflare

SmartKiller protects your PHP code directly — not just the network in front of it. That means it works standalone or as a second layer behind Cloudflare.

Option A

🔒 Standalone — no CDN needed

  • Works on any shared hosting with PHP + MySQL
  • Add two lines to your pages and you're protected
  • All settings in one config.php file
  • No cloud dashboard, no third-party dependency
Option B — Recommended

🛡 Alongside Cloudflare

  • Cloudflare absorbs large-scale network floods
  • SmartKiller handles app-level abuse that slips through
  • One line enables Cloudflare real-IP detection
  • Protection continues even if Cloudflare goes offline
From the Blog

Security explained in plain English

No jargon. No fear-mongering. Just clear, honest guides on how SmartKiller works and what it can do for your site.

Guide

How SmartKiller Protects Your PHP Site — Step by Step

A plain-English walkthrough of every check SmartKiller runs on each visitor, and why each step matters.

Read article →
Comparison

Cloudflare vs. SmartKiller: Do You Need Both?

They protect different things. Here's how to think about which one you need — or why using both makes sense.

Read article →
Deep Dive

Rate Limiting: The Quiet Defence Your Site Probably Doesn't Have

Most sites have no limit on how many times one IP can hammer them. Here's why that's a problem — and how to fix it.

Read article →