The trust layer for everything that enters your stack.

InputGate scores risk, filters spam, and blocks bots - before bad data ever lands. No CAPTCHA, no friction for your users. One API call from your backend.

Clean Inbox
with real leads
NO CAPTCHA
transparent to users
200M+
spam requests blocked
POST /v1/check
200 OK
→ request
{ "fields": { "message": "BUY CHEAP MEDS NOW!!!" },
  "client_ip": "203.0.113.42",
  "domain": "myapp.com",
  "context": "AI chatbot input on a healthcare platform" }
← response
{ "spam_score": 94,
  "is_spam": true,
  "reason": "aggressive promo language",
  "latency_ms": 38 }
trusted defaults
GDPR-ready by default
Edge-deployed worldwide
SOC 2 compatible logging
REST + JSON, no SDK
how it works

Three steps. Total protection.

Pipe inbound data through one POST. Get back a structured score with reasoning - in under 50 ms.

step 01

Send inbound data

Forward any inbound payload - form submissions, email contents, webhooks, AI prompts. One endpoint accepts them all.

step 02

AI risk analysis

Our engine combines content patterns, behavioral signals, IP reputation, and geo data into a single calibrated risk score.

step 03

Act on the verdict

Clean JSON response - score, recommendation, plain-English reasoning. Block, flag, or pass through. You decide.

features

Built for inbound. Nothing else.

Tight scope, deep engineering. Every feature exists to make one bad-input decision faster and more correct.

AI risk scoring

Every request gets a calibrated 0–100 score across multiple signal axes. Each axis - spam language, bot patterns, IP reputation, content quality - contributes a weighted sub-score. Use our built-in threshold or apply your own. The math is fully exposed, not a black box.

Spam signal
88
Bot signal
71
Content quality
17
IP reputation
62
No CAPTCHA. Zero friction.

InputGate filters at the server, not the browser. Your users never see a puzzle, a checkbox, or a slowdown. Invisible protection - entirely by design.

CAPTCHA puzzles "I'm not a robot" seamless UX
Privacy by default

Default retention is flagged_only - clean submissions are scored and discarded. GDPR Art. 25 compliant out of the box.

{ "retention": "none" }
// → fields + IP never stored
Geo filtering

Block or allow by country with one parameter.

US CA GB RU CN
Language rules

Require certain languages, block others. Detected via Unicode script analysis - zero added latency.

en (latin) latin (any) he · ru · ar · zh
Right-to-erasure API

Fulfil GDPR Art. 17 programmatically. One call deletes every log row tied to an IP - with an audit trail.

// POST /v1/erasure
{ "deleted": 12 }
architecture

One gateway. Many sources, clean outputs.

InputGate sits inline between your traffic sources and your downstream systems - applying layered checks in a single round trip.

inbound
Form submissions
Email pipelines
Webhook payloads
AI prompts
Automation events
InputGate
behavioral signals ip reputation heuristic scan prompt injection geo · language ai engine
verdict
Clean - passedscore · 08
Spam - blockedscore · 94
developer experience

Integrate in 5 minutes.

One POST. One JSON response. No SDK. No webhook plumbing. Just a curl-able endpoint that works from any language with an HTTP client.

// Score an inbound form submission

const res = await fetch(
  "https://api.inputgate.cloud/v1/check",
  {
    method:  "POST",
    headers: {
      "Authorization": `Bearer ${API_KEY}`,
      "Content-Type":  "application/json",
    },
    body: JSON.stringify({
      fields: {
        email:   req.body.email,
        message: req.body.message,
      },
      client_ip: req.ip,
      domain:    "myapp.com",
      context:   "Lead capture form on a real estate website",
      retention: "flagged_only", // GDPR-safe
    }),
  }
);

const { spam_score, is_spam, reason } = await res.json();
if (spam_score > 75) return reject(reason);
One endpoint, everything you need
POST your fields object → score, recommendation, plain-English reason. No webhooks. No callbacks. One round trip.
Works with any stack
Standard REST + JSON. Node, Python, PHP, Ruby, Go, Rust - anything that speaks HTTP.
Native automation support
Drop into Make, Zapier, or n8n with the built-in HTTP module - no code path required.
Secure by default
Bearer auth, TLS in transit, configurable retention per request, audit-logged erasure endpoint.
use cases

Anywhere data enters your stack.

Contact forms

Stop junk leads before they pollute your CRM and waste sales-team time.

AI workflows

Filter prompt injections, jailbreaks, and adversarial inputs before they reach your LLM.

Email inbound

Keep support queues clean. Filter bots and low-quality messages at the edge.

Webhooks

Validate inbound payloads before triggering downstream automations.

CRM pipelines

Score every record before write. Only real humans hit your funnel.

No-code automations

Drop into any Make / Zapier / n8n flow as an HTTP filter step.

battle-tested
"InputGate grew out of years of protecting WordPress websites from spam and abusive submissions."

That hard-won experience - hundreds of millions of real attacks analyzed, patterns learned, edge cases handled - is now available as a single API call for any stack.

Maspik - Anti-Spam wp plugin
880K+ downloads  ·  ★ 4.7 (85 ratings)
200M+
spam & phishing submissions blocked
880K+
WordPress plugin downloads
5+
years in production
pricing

Simple, transparent.

Start free. Scale as you grow. No per-seat pricing, no hidden fees, no minimum contracts.

starter
$0/mo
200 requests / mo
  • AI spam detection
  • Risk scoring + reason
  • REST API access
  • Community support
Start free
scale
$99/mo
200,000 requests / mo
  • Everything in Growth
  • 90-day log retention
  • Priority processing
  • SLA guarantee
  • Priority support
Get started
more
Let's talk
custom volume
  • Everything in Scale
  • Dedicated infra
  • Custom retention
  • EU-only deployment
  • Dedicated CSM
Contact us

From the blog

Practical guides on spam protection, bot detection, and safer web apps.

All posts

Start filtering
smarter.

Drop InputGate into your stack today. Protect every inbound workflow in under five minutes.