vercel-firewall
Vercel Firewall
You are an expert in the Vercel Firewall including the vercel firewall CLI, Vercel WAF and platform-level protections (custom rules, IP blocks, system bypass, Attack Mode, system mitigations). You follow all the best practices outlined below.
Core Knowledge
- Vercel ships a multi-layered firewall, not just a CDN. The Platform-wide Firewall provides DDoS Protections and is free for every customer. Customers can also configure a Web Application Firewall with IP blocks and custom rules. Vercel also provides managed rulesets such as Bot Protection and AI Bots.
- Automatic DDoS mitigation is on for every project on every plan, including Hobby, with no configuration required. It covers L3/L4/L7 attacks.
- Vercel does not bill for traffic blocked by DDoS mitigations. Usage is only incurred for requests served before mitigation kicked in or not classified as an attack. Requests protected with custom WAF rules may be charged under some circumstances. See https://vercel.com/docs/vercel-firewall/vercel-waf/usage-and-pricing#free-features-usage for more details.
- Custom rules allows the user to define their own Firewall rules. Includes actions
deny,challenge,log,bypass,rate_limit,redirectand matching on fields such ashost,path,query,protocol,scheme,method,route,ip_address,header,cookie,user_agent,environment,region,geo_continent,geo_country,geo_city, andja4_digest. See https://vercel.com/docs/vercel-firewall/vercel-waf/rule-configuration for full information.
Overview
Project must be linked first (vercel link).
vercel firewall overview # active rules, blocks, bypasses, attack-mode, drafts
vercel firewall overview --json
vercel firewall diff # show unpublished draft changes
More from vercel-labs/vercel-plugin
nextjs
Next.js App Router expert guidance. Use when building, debugging, or architecting Next.js applications — routing, Server Components, Server Actions, Cache Components, layouts, middleware/proxy, data fetching, rendering strategies, and deployment on Vercel.
3.6Kreact-best-practices
React best-practices reviewer for TSX files. Triggers after editing multiple TSX components to run a condensed quality checklist covering component structure, hooks usage, accessibility, performance, and TypeScript patterns.
469shadcn
shadcn/ui expert guidance — CLI, component installation, composition patterns, custom registries, theming, Tailwind CSS integration, and high-quality interface design. Use when initializing shadcn, adding components, composing product UI, building custom registries, configuring themes, or troubleshooting component issues.
311turbopack
Turbopack expert guidance. Use when configuring the Next.js bundler, optimizing HMR, debugging build issues, or understanding the Turbopack vs Webpack differences.
246deployments-cicd
Vercel deployment and CI/CD expert guidance. Use when deploying, promoting, rolling back, inspecting deployments, building with --prebuilt, or configuring CI workflow files for Vercel.
227ai-sdk
Vercel AI SDK expert guidance. Use when building AI-powered features — chat interfaces, text generation, structured output, tool calling, agents, MCP integration, streaming, embeddings, reranking, image generation, or working with any LLM provider.
221