ChatGPT-User is the user agent used when ChatGPT accesses the web through its browsing capability, available to ChatGPT Plus and Enterprise users. Unlike GPTBot which crawls for training data, ChatGPT-User represents real-time web access requested by users during conversations. When a user asks ChatGPT to look up current information, analyze a webpage, or verify facts online, this user agent is used to fetch the content. The bot respects robots.txt and will not access sites that explicitly block it. This browsing feature enables ChatGPT to provide up-to-date information beyond its training cutoff date, making it particularly valuable for current events, recent developments, and real-time data verification. Website owners should consider that blocking this bot prevents ChatGPT users from accessing and discussing their content in conversations, potentially limiting their reach to AI-assisted research and discovery.
User Agent String
Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ChatGPT-User/1.0; +https://openai.com/bot)
How to Control ChatGPT-User
Block Completely
To prevent ChatGPT-User from accessing your entire website, add this to your robots.txt file:
⚠️ AI Training Notice
This bot may collect and use your website content for AI model training. Consider whether you want your content used for this purpose before allowing access.
Detection Patterns
Multiple ways to detect ChatGPT-User in your application:
Basic Pattern
/ChatGPT\-User/i
Strict Pattern
/^Mozilla/5\.0 AppleWebKit/537\.36 \(KHTML, like Gecko; compatible; ChatGPT\-User/1\.0; \+https\://openai\.com/bot\)$/
Flexible Pattern
/ChatGPT\-User[\s\/]?[\d\.]*?/i
Vendor Match
/.*OpenAI.*ChatGPT\-User/i
Implementation Examples
// PHP Detection for ChatGPT-User
function detect_chatgpt_user() {
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
$pattern = '/ChatGPT\\-User/i';
if (preg_match($pattern, $user_agent)) {
// Log the detection
error_log('ChatGPT-User detected from IP: ' . $_SERVER['REMOTE_ADDR']);
// Set cache headers
header('Cache-Control: public, max-age=3600');
header('X-Robots-Tag: noarchive');
// Optional: Serve cached version
if (file_exists('cache/' . md5($_SERVER['REQUEST_URI']) . '.html')) {
readfile('cache/' . md5($_SERVER['REQUEST_URI']) . '.html');
exit;
}
return true;
}
return false;
}
# Python/Flask Detection for ChatGPT-User
import re
from flask import request, make_response
def detect_chatgpt_user():
user_agent = request.headers.get('User-Agent', '')
pattern = r'ChatGPT-User'
if re.search(pattern, user_agent, re.IGNORECASE):
# Create response with caching
response = make_response()
response.headers['Cache-Control'] = 'public, max-age=3600'
response.headers['X-Robots-Tag'] = 'noarchive'
return True
return False
# Django Middleware
class ChatGPTUserMiddleware:
def __init__(self, get_response):
self.get_response = get_response
def __call__(self, request):
if self.detect_bot(request):
# Handle bot traffic
pass
return self.get_response(request)
// JavaScript/Node.js Detection for ChatGPT-User
const express = require('express');
const app = express();
// Middleware to detect ChatGPT-User
function detectChatGPTUser(req, res, next) {
const userAgent = req.headers['user-agent'] || '';
const pattern = /ChatGPT-User/i;
if (pattern.test(userAgent)) {
// Log bot detection
console.log('ChatGPT-User detected from IP:', req.ip);
// Set cache headers
res.set({
'Cache-Control': 'public, max-age=3600',
'X-Robots-Tag': 'noarchive'
});
// Mark request as bot
req.isBot = true;
req.botName = 'ChatGPT-User';
}
next();
}
app.use(detectChatGPTUser);
# Apache .htaccess rules for ChatGPT-User# Block completely
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ChatGPT\-User [NC]
RewriteRule .* - [F,L]
# Or redirect to a static version
RewriteCond %{HTTP_USER_AGENT} ChatGPT\-User [NC]
RewriteCond %{REQUEST_URI} !^/static/
RewriteRule ^(.*)$ /static/$1 [L]
# Or set environment variable for PHP
SetEnvIfNoCase User-Agent "ChatGPT\-User" is_bot=1
# Add cache headers for this bot
<If "%{HTTP_USER_AGENT} =~ /ChatGPT\-User/i">
Header set Cache-Control "public, max-age=3600"
Header set X-Robots-Tag "noarchive"
</If>
# Nginx configuration for ChatGPT-User# Map user agent to variable
map $http_user_agent $is_chatgpt_user {
default 0;
~*ChatGPT\-User 1;
}
server {
# Block the bot completely
if ($is_chatgpt_user) {
return 403;
}
# Or serve cached content
location / {
if ($is_chatgpt_user) {
root /var/www/cached;
try_files $uri $uri.html $uri/index.html @backend;
}
try_files $uri @backend;
}
# Add headers for bot requests
location @backend {
if ($is_chatgpt_user) {
add_header Cache-Control "public, max-age=3600";
add_header X-Robots-Tag "noarchive";
}
proxy_pass http://backend;
}
}
Should You Block This Bot?
Recommendations based on your website type:
Site Type
Recommendation
Reasoning
E-commerce
Limit Access
Protect pricing and inventory data from AI training
Blog/News
Consider Blocking
Your content may be used for AI training without compensation
SaaS Application
Block
No benefit for application interfaces; preserve resources
Documentation
Selective
Allow for public docs, block for internal docs
Corporate Site
Limit
Allow for public pages, block sensitive areas like intranets
