Vercel Firewall

Vercel Firewall is a set of tools and infrastructure, created specifically with security in mind. It automatically mitigates DDoS attacks and Enterprise teams can get further customization for their site, including dedicated support and custom rules for IP blocking.

Vercel provides automated DDoS mitigation for all deployments, regardless of the plan that you are on. With this automated DDoS mitigation, we block incoming traffic if we identify abnormal or suspicious levels of incoming requests.

For significantly larger, distributed attacks on Enterprise Teams, we work closely with you to ensure your site(s) stay online in the event of an attack. The combination of automated prevention and direct communication from our Customer Success Managers helps ensure your site is resilient to attacks.

Contact our sales team to learn more:

Attack Challenge Mode is a way for customers on all plans to ensure more control when under high volume attacks. The Vercel Firewall automatically helps mitigate DDoS attacks, but sometimes you may want an extra layer of control to ensure that all traffic to your site is legitimate.

With Vercel WAF, you can customize the Vercel Firewall by restricting access to your applications or websites by blocking specific IP address or applying specific rules that you can customize in the Vercel dashboard.

By creating custom rules, in conjunction with DDoS mitigation, you can further strengthen your security posture and maintain control over who can access your applications and websites.

For customers with advanced firewall needs, the Vercel Firewall offers the utilization of JA3 and JA4 TLS fingerprints, a sophisticated technology employed to track and identify suspicious traffic. TLS fingerprints uniquely identify user sessions based on details in the TLS protocol initiation process.

This advanced feature provides heightened security measures, especially useful in detecting persistent and covert threats like Botnets or Advanced Persistent Threats (APTs).