Vercel Firewall
Learn how Vercel Firewall helps protect your applications and websites from DDoS attacks and unauthorized access.Vercel Firewall is a set of tools and infrastructure, created specifically with security in mind. It automatically mitigates DDoS attacks with possible dedicated DDoS support for Enterprise teams, enables IP blocking and provides custom rules for additional security and customization.
DDoS Mitigation is available on all plans
Vercel provides automated DDoS mitigation for all deployments, regardless of the plan that you are on. With this automated DDoS mitigation, we block incoming traffic if we identify abnormal or suspicious levels of incoming requests.
Dedicated DDoS support is available on Enterprise plans
For significantly larger, distributed attacks on Enterprise Teams, we work closely with you to ensure your site(s) stay online in the event of an attack. The combination of automated prevention and direct communication from our Customer Success Managers helps ensure your site is resilient to attacks.
Contact our sales team to learn more:
Attack Challenge Mode is available on all plans
Attack Challenge Mode is a way for customers on all plans to ensure more control when under high volume attacks. The Vercel Firewall automatically helps mitigate DDoS attacks, but sometimes you may want an extra layer of control to ensure that all traffic to your site is legitimate.
Vercel WAF is available on all plans
With Vercel WAF, you can customize the Vercel Firewall by restricting access to your applications or websites by blocking specific IP address or applying specific rules that you can customize in the Vercel dashboard.
By creating custom rules, in conjunction with DDoS mitigation, you can further strengthen your security posture and maintain control over who can access your applications and websites.
Transport Layer Security (TLS) fingerprints are available on all plans
For customers with advanced firewall needs, the Vercel Firewall offers the utilization of JA3 and JA4 TLS fingerprints, a sophisticated technology employed to track and identify suspicious traffic. TLS fingerprints uniquely identify user sessions based on details in the TLS protocol initiation process.
This advanced feature provides heightened security measures, especially useful in detecting persistent and covert threats like Botnets or Advanced Persistent Threats (APTs).
To help protect your site effectively, you can configure alerts to be notified of potential security threats and firewall actions. To do so, you can either create a webhook and subscribe to the listener URL or subscribe to the event through the Vercel Slack app.
When Vercel's DDoS Mitigation detects malicious traffic on your site that exceeds 100,000 requests over a 10-minute period, an alert is generated.
To receive notifications from these alerts, you can use one of the following methods:
- Create a webhook and subscribe to the URL to receive notifications
- Follow the configure a webhook guide to create a webhook with the Attack Detected Firewall Event checked and the specific project(s) you would like to be notified about
- Subscribe to the created webhook URL
- Use the Vercel Slack app to enable notifications for Attack Detected Firewall Events
- Add the Slack app for your team by following the Use the Vercel Slack app guide
- Then subscribe to DDoS attack alerts for your
team_id
- Use the command
/vercel subscribe {team_id} firewall.attack
- Use the command
- Review the Vercel Slack app command reference for additional options.
Was this helpful?