Set machine-readable licensing terms. Require payment at request time. And if scrapers ignore you—serve them content that contaminates every answer they generate.
A handful of major publishers negotiate licensing deals worth billions. Everyone else gets scraped for free. Traffic is already falling—AI Overviews alone reduce organic clicks by 58%.1
Slow, expensive, and reactive. Punishes infringement after the model ships—by then, your content is already baked in.
Can regulate behavior, but don't create a payment rail for everyday web publishing.
Can publish terms, but can't enforce them. Compliance is voluntary. Most scrapers don't comply.
Aren't available to most publishers. Don't cover the long tail of creators who produce most of the web's value.
"If you want to browse, welcome. If you want to train, pay. If you want to steal, enjoy the dataset."
— Tyler Martin, FounderWhen an AI crawler requests a protected page, the plugin enforces a graduated response.
And if the crawler refuses to pay and scrapes anyway…
Content remains readable to humans. For unauthorized AI crawlers, it becomes something else entirely—contaminated data that degrades outputs, generates destructive instructions, and poisons every downstream answer. Your server. Your rules. Their problem.
"HTTP 402 is the front door. The poison pill is what happens when someone climbs in through the window."
Robots.txt and machine-readable licensing schemes can declare what a publisher wants. But without enforcement, terms are just suggestions.
"RSL tells crawlers what you want. We tell them what happens if they ignore you."
— Tyler Martin, FounderXML at /.well-known/rsl.xml, HTML <link rel="license">, robots.txt License: directive. Publishes your terms in every format crawlers understand.
Machine-readable pricing offers at request time. Crypto micropayments (USDC), JWT license tokens. Payment built into the protocol itself.
4-factor scoring: User-Agent (30%), headers (25%), IP reputation (20%), behavioral signals (25%). Reverse DNS verification for legitimate search engines.
Reserved in internet standards since 1999, never standardized into a payment workflow. Until now.
{
"status": 402,
"license": {
"action": "allow",
"distribution": "public",
"price": "0.15",
"currency": "USD",
"unit": "per 1k tokens"
},
"offers": [
{
"method": "x402",
"network": "base",
"asset": "USDC",
"payTo": "0x1a2b...9f0e"
},
{
"method": "license-token",
"endpoint": "https://api.copyright.sh/v1/license"
}
],
"content_hash": "sha256:a1b2c3..."
}
Full response includes Content-Type, AI-License, and X-402-Offers headers. See API documentation for details.
Three steps. Under a minute. No code required.
WordPress Admin → Plugins → Add New → Search "Copyright.sh" → Install → Activate.
You're already protected.
Licensing only, full 402 enforcement, or the nuclear option—graduated response with poison-pill delivery.
Defaults work great. Tweak anytime.
When you're ready, connect to copyright.sh to track earnings, usage analytics, and payment collection.
Protection starts immediately. Dashboard whenever.
The plugin works immediately. AI companies see your license terms from the moment you activate. Register later when you want to track earnings and collect payments.
The fastest path from unprotected to enforcing on the entire internet.
We believe in the open web.
We believe in bots. Crawlers index knowledge, surface answers, connect ideas across languages and borders. The web was built to be read by machines and humans alike.
But somewhere between PageRank and GPT, the deal changed.
A generation of founders decided that other people's work was training data. That journalism was input. That your blog post, your research, your reporting was raw material—to be ingested, repackaged, and monetized without a cen returning to the people who created it.
The bots aren't the problem. The humans who deployed them are.
For 25 years, the internet's guardrails—robots.txt, copyright law, good faith—assumed that access implied respect. That assumption is dead.
This plugin exists because creators shouldn't need a legal department to defend their work. Because the long tail of the web—the bloggers, the journalists, the researchers, the writers who built the internet worth scraping—deserves the same protection as News Corp.
HTTP 402 is not a wall. It's a door with a price on it.
We built the lock. You set the price. And we built it so you can start right now—no lawyers, no contracts, no six-month onboarding. Activate a plugin. Set your terms. The infrastructure is ready.
The only question is how much longer you're willing to give your work away for free.
You own your content. Your server, your rules. No law requires you to serve accurate content to unauthorized bots. Just as websites can serve different content based on geography, device type, or login status, publishers can serve different content to crawlers that ignore their licensing terms.
No. Verified search engines (Google, Bing, DuckDuckGo) are always whitelisted via reverse DNS verification. They never see 402 responses or modified content. Your search rankings remain unaffected.
Legitimate AI companies register, get a license token, and receive clean structured content. Enforcement only targets unauthorized access. The system is designed to reward compliance—paying customers get better data, faster access, and full content.
You can—the plugin supports full 403 blocking. But licensing is more profitable than blocking. Our graduated model lets you monetize compliant AI companies while making unauthorized scraping expensive and unrewarding. Revenue from licensing often exceeds what blocking could ever protect.
10,000 monthly visitors? That's ~$200/month
50,000 monthly visitors? That's ~$1,000/month
100,000+ monthly visitors? Do the math.
Free forever. No credit card. No catch.
Latest from the blog
Microsoft lost $357 billion in market value on January 29, 2026—the second-largest single-day loss in stock market history. Azure grew 39%, just below the 39.4% analysts expected.…