MIT

Self-host — the free engine

Free

Free for one gateway, forever. The commands below install the same engine running across this site — no demo build, no SaaS, nothing calls home.

Download the latest release v7.0.0 published 2026-06-01
All assets & checksums →
macOS · Apple Silicon 26.4 MB macOS · Intel 28.7 MB Windows · x64 27.7 MB Windows · Arm 26.0 MB Linux · x64 28.6 MB Linux · Arm 26.8 MB

Direct one-click downloads — GitHub redirects each link to the latest matching asset. Verify with SHA256SUMS.txt.

Native binary · or embed (auto-detected; click to switch)
Full getting-started guide →
  1. 1.
    Install (Homebrew)
    brew install scottgal/stylobot/stylobot
  2. 2.
    Run (foreground — shows the live CLI detection table)
    stylobot 5080 http://localhost:3000

    Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

  1. 1.
    Install (Chocolatey or winget)
    choco install stylobot
    winget install Mostlylucid.StyloBot
  2. 2.
    Run (foreground — shows the live CLI detection table)
    stylobot 5080 http://localhost:3000

    Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

  1. 1.
    Install (apt, Cloudsmith-signed)
    curl -1sLf 'https://dl.cloudsmith.io/public/mostlylucid/stylobot/setup.deb.sh' | sudo bash
    sudo apt update && sudo apt install stylobot
  2. 2.
    Run (foreground — shows the live CLI detection table)
    stylobot 5080 http://localhost:3000

    Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

  1. 1.
    Add the NuGet package to your ASP.NET Core app
    dotnet add package mostlylucid.botdetection
  2. 2.
    Wire it up in Program.cs
    builder.Services.AddStyloBot();
    app.UseStyloBot();

    Detection runs in-process — no proxy hop. The ASP.NET UI SDK package ships the dashboard view components your app can mount at any route. TypeScript SDK is available for non-.NET frontends — see the getting-started guide.

  1. 1.
    Download from GitHub Releases

    Pick the asset for your platform: stylobot-linux-x64.tar.gz, stylobot-linux-arm64.tar.gz, stylobot-osx-arm64.tar.gz, stylobot-osx-x64.tar.gz, or stylobot-win-x64.zip from the releases page.

  2. 2.
    Verify provenance + extract
    gh attestation verify stylobot-linux-x64.tar.gz --owner scottgal
    tar xzf stylobot-linux-x64.tar.gz && chmod +x ./stylobot
  3. 3.
    Run (foreground — shows the live CLI detection table)
    ./stylobot 5080 http://localhost:3000

    Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Docker — any OS
Bundled gateway + dashboard (the free engine in one container)
  1. 1.
    Run
    docker run -p 8080:8080 scottgal/stylobot-all:latest
  2. 2.
    Open the dashboard
    http://localhost:8080/_stylobot

    This is the FOSS engine, no licence required. stylobot-gateway ships the proxy-only image; stylobot-sidecar is a 36 MB AOT detector your app calls directly.

What's in the free engine

  • ✓ 49 detectors voting on every request
  • ✓ Local dashboard with read-only config editor
  • ✓ SQLite persistence out of the box
  • ✓ Optional Ollama / LlamaSharp local LLM escalation
  • ✓ ASP.NET monitoring middleware (read-only)
  • ✓ TypeScript + ASP.NET dashboard UI SDKs
  • ✓ Zero PII — HMAC-SHA256 hashed signatures
  • ✓ Nothing calls home, MIT licensed
All install paths →

Commercial tiers

Starter is per-domain. Pro bundles 5 domains. Enterprise is unlimited. All paid tiers include everything Self-host has.

30-day trial Try any tier free for 30 days. Tune your policies, export your config, keep what you tuned. Renew, or drop to the FOSS binary against your exported JSON.

Coming soon

Starter

$100 / domain / month
  • ✓ PostgreSQL + pgvector persistence
  • ✓ Hot-reload config editor
  • ✓ 5 per-endpoint policy overrides
Suggested use

One stylobot gateway, one domain. Indie ops, early-stage SaaS, a single login-protected app. Buy multiple Starter licences if you run independent gateways for unrelated sites.

Coming soon

Pro

$250 / month
Includes 5 domains
  • ✓ Everything in Starter
  • ✓ Unlimited policy overrides
  • ✓ Fleet management (multi-gateway)
  • ✓ Compliance reports
Suggested use

Small portfolio. A handful of brands, an agency hosting client sites, or a multi-tenant SaaS up to five deployments behind one fleet.

Coming soon

Enterprise

From $1,000 / month
Unlimited domains
  • ✓ Everything in Pro
  • ✓ SSO / SAML
  • ✓ Custom packs
  • ✓ Multi-region
Suggested use

Multi-region or regulated stack. Per-region gateways, SSO-gated dashboard, a custom platform pack against your own threat model.

Monitoring packs

Monthly add-ons. Read access ships in FOSS where applicable; paid unlocks live management.

Available now

ASP.NET pack

The read side ships in FOSS. The paid pack unlocks live hot-reload of endpoint and policy config and the management UI in the dashboard. Pay what you want.

$ / month $25 / year

Cancel any time. You set the price.

Coming Q3 2026

WordPress pack

Plugin signatures, REST/XML-RPC abuse patterns, login-page rate gates. Built for WordPress installs that face credential stuffing and content scraping.

Coming Q4 2026

Magento pack

Cart-fraud rules, checkout-flow protection, and storefront abuse detection. Built for e-commerce stores dealing with ATO and gift-card fraud.

What's in each tier

Capability FOSS Starter Pro Enterprise
Detection engine (49 detectors)
Local dashboard (read)
SQLite persistence------
Postgres + pgvector persistence--
Hot-reload config editor--
Policy overrides--5unlimitedunlimited
Fleet management----
Compliance reports----
ASP.NET monitoring (read)
ASP.NET monitoring (live management)--packpackpack
WordPress pack--packpackpack
Magento pack--packpackpack
SSO / SAML------
Custom packs------
Supportcommunityemailslackdedicated SRE

FAQ

What's in FOSS vs paid?
The engine and the dashboard read are in FOSS. Hot-reload writes, fleet management, compliance, and packs are paid. See /open-source for the full FOSS feature list and the comparison table above.
How do packs work?
Packs are stack-specific bundles of detectors, policies, and live-management UI. The ASP.NET pack has a name-your-price model starting at 99c/mo because its read half is already in FOSS; new stacks (WordPress, Magento) ship as full packs.
What if my licence expires?
When the JWT expires, the licensed binary flips itself into FOSS mode: it exports your current config to JSON, switches to SQLite local writes, disables the hot-reload management endpoints, and keeps serving traffic via the FOSS detection engine. Renew to bring the paid stores back on the next restart, or drop the plain FOSS stylobot binary in against the exported JSON. Nothing is blocked because of an expired licence.
Can I trial it, tune it, and then run FOSS?
Yes, that's a deliberate path. Take the 30-day trial. Use the hot-reload config editor to tune your policies and detector thresholds against your real traffic. Export the result. When the trial JWT runs out, the binary flips into FOSS mode against the same config and keeps running. For a small operator who needs the paid tools to dial things in but doesn't need ongoing fleet management or compliance reporting, that's the right shape.
How is the paid version delivered?
Every licence + pack buys a specific AOT-compiled binary built with the features you bought. No dynamic plugin loading, no FOSS binary that "unlocks" from a key file. The sidecar is 36 MB. Paid features never live in the FOSS code path, which is how the FOSS engine stays free and the paid features stay licensed.
Why name-your-price on the ASP.NET pack?
The read half is already free in FOSS. The paid half is the management UI. Set the price at whatever makes sense for your usage.
Detected on this site, right now
R LIVE
Total: Bots: Humans:
Dashboard
See the live dashboard against this site →