Blog Attacks

How to Block Bytespider (TikTok's AI Crawler)

Bytespider crawls your site for Bytedance's AI systems. Learn how to block it with robots.txt and IP ranges, and the key data sovereignty concerns.

Jun 20, 2026 • 6 min read

Mike Kutlu Client-Side Security Consultant

How to Block Bytespider (TikTok's AI Crawler)

Bytespider is the web crawler operated by Bytedance, the parent company of TikTok. It collects web content for AI training across Bytedance's product portfolio. Unlike most major AI training crawlers, Bytespider attracted significant public attention in 2023 when reports emerged that it was ignoring robots.txt directives on a number of sites. That compliance history makes it a higher-priority blocking target than most other declared AI crawlers, including ones like the crawler behind ClaudeBot that carry stronger compliance reputations.

What Is Bytespider?

Quick answer: Bytespider is Bytedance's AI training crawler. It is used to collect web content for training AI models that power products across Bytedance's portfolio, including TikTok. It uses a declared user-agent string but drew public scrutiny for reportedly bypassing robots.txt restrictions on some sites in 2023.

Bytespider uses a user-agent string in the Bytespider family, with references to Bytedance's crawler documentation. Like other AI training crawlers, it is an HTTP-based tool that makes GET requests, reads page content, and does not execute JavaScript in a real browser context.

The key difference between Bytespider and crawlers like GPTBot or ClaudeBot is the compliance history. Reports from security researchers and site owners in 2023 documented instances of Bytespider ignoring robots.txt disallow rules. Bytedance has since updated its crawler practices, but the incident established a different baseline of trust compared to US-based AI crawlers with stronger compliance reputations.

How to Block Bytespider with robots.txt

Quick answer: Add Bytespider to your robots.txt. Given its past compliance issues, treat robots.txt as a starting point rather than a complete solution. Supplement it with IP-level blocking for sites where crawler access needs hard enforcement.

To block Bytespider from your entire site:

User-agent: Bytespider
Disallow: /

Given the documented compliance history, this alone may not be sufficient if Bytespider resumes the crawling behaviour seen in 2023. IP-level blocking provides the enforcement layer that robots.txt cannot guarantee. The same logic applies to any well-behaved declared crawler you add alongside it, such as the Common Crawl bot CCBot.

IP-Level Blocking for Bytespider

Quick answer: Bytedance publishes Bytespider's IP ranges in its crawler documentation. Denying these ranges at your firewall or CDN provides enforcement independent of robots.txt compliance. For organisations with data governance or competitive concerns about Bytedance access, IP blocking is the more reliable approach.

IP-level blocking steps:

Locate Bytedance's current published IP ranges for Bytespider from their official documentation
Add these to your firewall, CDN edge rules, or reverse proxy configuration
Set a review cycle, quarterly is sufficient for most organisations

The IP blocking approach catches Bytespider regardless of whether it reads your robots.txt, which addresses the core concern raised by the 2023 compliance reports.

Data Sovereignty Concerns

Quick answer: Bytedance is a Chinese company operating under Chinese law. Content collected by Bytespider may be subject to the same data access framework that applies to other Chinese technology companies operating under Chinese jurisdiction. For regulated industries or organisations with explicit geopolitical data policies, this carries specific compliance relevance.

The concern here mirrors the reasoning behind blocking DeepSeekBot. It is not a claim of specific data misuse: it is a statement about jurisdictional exposure. Organisations that have explicit policies about data transfer to certain jurisdictions, or that handle content subject to regulatory requirements, have documented reasons to treat Bytedance-operated crawlers differently from crawlers operated by US-based companies.

Government contractors, financial services firms, healthcare organisations, and technology companies with competitive IP concerns have been active in adding Bytespider to their crawler blocklists on this basis.

Competitive Intelligence Risk

Quick answer: Beyond training data, Bytespider's crawl of retail, media, and tech sites creates competitive intelligence risk for Bytedance's product roadmap. TikTok Shop and Bytedance's e-commerce ambitions make detailed product catalogue and pricing data from competitors commercially valuable, not just training-data useful.

This is the second-order concern that makes Bytespider different from purely research-oriented AI crawlers. Bytedance operates TikTok Shop and has significant e-commerce infrastructure ambitions. A crawler that systematically collects product pricing, inventory, and catalogue data from retail sites serves both training and competitive intelligence purposes simultaneously.

For retailers, media companies, and any site with proprietary product or content data, this dual-use nature of Bytespider's collection is worth factoring into the blocking decision.

Browser-Layer Detection: What robots.txt Leaves Uncovered

Quick answer: Blocking Bytespider addresses Bytedance's declared training crawler. The 2023 compliance controversy shows that even declared crawlers can operate outside their stated parameters. Undeclared Bytedance-adjacent agents operating in real browser sessions are entirely invisible to header-based and rule-based detection tools.

Bytespider's compliance history makes browser-layer monitoring especially relevant for organisations blocking it. If the declared crawler bypassed robots.txt in the past, any future undeclared agent browsing your site in a real browser session leaves nothing to inspect at the network layer. The gap is architectural, not something you can configure away, and it is the same gap that lets undeclared AI content scrapers slip past rule-based controls.

cside observes the behavioural signals inside browser sessions that distinguish automated sessions from human visitors: interaction timing, fingerprint consistency, navigation patterns, and JavaScript execution characteristics. In cside's controlled testing, traditional tools missed AI agents operating inside real browser sessions in 81 out of 100 scenarios.

cside AI agent detection dashboard

Consider what a Bytedance-adjacent undeclared agent looks like at the browser layer. A session opens a retail category page in a full browser, renders JavaScript, and begins extracting product pricing and inventory data. The IP is clean, the user-agent is a current Chrome build, and the session presents a valid TLS fingerprint. Nothing at the network layer triggers an alert.

What cside observes is different: the agent opens each product detail page in a fixed sequence matching the category listing order, hover events over product images are absent, and the time between page loads is stable to within tens of milliseconds across dozens of requests. No human browsing session produces that combination of signals. cside classifies the session as automated and surfaces it for review before meaningful data has been extracted. For organisations that have added Bytespider to their robots.txt and IP blocklist, browser-layer monitoring closes the gap those controls leave open.

Client-Side Security Consultant Mike Kutlu

Client-side security consultant at cside. 10+ years of experience implementing technology solutions for enterprises (previously at Oracle, Cloudflare, and Splunk). Now helping teams use client-side intelligence to catch & reduce fraud.

Back to top

Don't just take our word for it, ask AI

FAQ

Frequently Asked Questions

Bytespider is Bytedance's AI training crawler. Bytedance is the Chinese parent company of TikTok. Bytespider collects web content to train AI models used across Bytedance's products. It attracted public scrutiny in 2023 for reportedly ignoring robots.txt restrictions on some sites, which sets it apart from crawlers with stronger compliance records.

Add `User-agent: Bytespider` followed by `Disallow: /` to your robots.txt file. Given Bytespider's documented compliance issues in 2023, supplement this with IP-level blocking. Locate Bytedance's published IP ranges and add them to your firewall or CDN deny list for hard enforcement.

Reports from 2023 documented instances of Bytespider crawling pages despite robots.txt disallow directives. Bytedance addressed these issues and updated its crawler practices. The incidents are documented in public security reporting. Whether current Bytespider versions fully respect robots.txt is a matter of ongoing monitoring by the site-owner community.

Bytedance is a Chinese company subject to Chinese law, including data access requirements that can apply to Chinese technology companies. Organisations with regulatory policies that restrict data transfer to specific jurisdictions, or with IP concerns about AI training data origin, have specific compliance reasons to block Bytespider beyond a general crawler blocking policy.

Bytespider is a crawl agent that systematically collects page content for training purposes. It is not representative of users visiting your site from TikTok. TikTok user traffic arriving via links or referrals is standard browser traffic. Bytespider is a distinct, automated system operated at infrastructure level to collect data at scale.

Monitor and Secure Your Third-Party Scripts

Gain full visibility and control over every script delivered to your users to enhance site security and performance.

Book a demo

Start for free

Start free, or try Business with a 14-day trial.

cside dashboard interface showing script monitoring and security analytics

How to Block ClaudeBot on Your Website

ClaudeBot crawls your site to train Anthropic's Claude models. Here is how to block it with robots.txt and IP ranges, and what the block still misses.

How to Prevent Fake Account Creation: Why Browser-Layer Detection Catches What Email Verification Misses

Email verification confirms a mailbox exists. It cannot see the browser. Here is why browser-layer detection catches fake account creation it misses.

Polyfill.io Supply Chain Attack: Complete Timeline, Analysis & Lessons (2024–2026)

A complete, sourced timeline of the Polyfill.io supply chain attack, from the 2024 domain sale to the 2025 Funnull sanctions, and how to remove it today.

Dark cside blog cover with blue pixel background and three checkmarks: why velocity rules miss AI card testers, browser signals that expose them, and blocking payment before checkout

How to Block AI Card-Testing Agents

AI card-testing agents probe payment flows using real browsers. Learn the browser signals that expose them before a transaction completes.

cside security platform classifying multiple AI agent connections — browser-layer agent detection and trust management

How to Choose an AI Agent Detection Solution

A five-step buying guide for CISOs evaluating AI agent detection solutions: architecture, classification, vendor profiles, and POC methodology.

Dark cside blog cover showing a browser interface filtering AI agent traffic into trusted and blocked paths

Best Bot and Agent Trust Management Platforms Compared (2026)

Forrester defines the category. cside, DataDome, HUMAN Security, Kasada, and Arkose Labs compared on detection layer, intent, and agentic coverage.

cside security shield monitoring a browser cursor path — browser-layer AI agent detection

How to Block OpenAI Operator on Your Website

OpenAI Operator browses your site like a real user. Learn how to detect and block it using browser-layer signals and when you should not block it.

DBSC vs Device Fingerprinting: What Chrome's Session Security Does Not Cover

Chrome's DBSC stops stolen-cookie replay, but it is Chrome-only, post-login, and not a device-identity layer. Here is the fraud it leaves open.

Detecting and blocking Perplexity Shopper on your website — cside blog

How to Block Perplexity Shopper on Your Website

Perplexity Shopper browses and buys from retail websites on behalf of Pro users. Learn how to detect its browser-layer signals and govern the traffic.

Illustration of a Claude API request and a returned response that belongs to a different user, flagged 'response does not match request', between Anthropic and cside logos

When an AI API returns another user's response: shared caches and cross-tenant leaks

A Claude API incident appears to have returned other users' responses. Why shared caches cause cross-tenant leaks, and how to build around the risk.