惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

WordPress大学
WordPress大学
Cyberwarzone
Cyberwarzone
The GitHub Blog
The GitHub Blog
云风的 BLOG
云风的 BLOG
P
Proofpoint News Feed
小众软件
小众软件
Recent Announcements
Recent Announcements
博客园 - 三生石上(FineUI控件)
Security Archives - TechRepublic
Security Archives - TechRepublic
W
WeLiveSecurity
Cloudbric
Cloudbric
博客园 - 司徒正美
美团技术团队
N
News and Events Feed by Topic
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
PCI Perspectives
PCI Perspectives
宝玉的分享
宝玉的分享
H
Help Net Security
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Google DeepMind News
Google DeepMind News
Help Net Security
Help Net Security
Last Week in AI
Last Week in AI
S
Schneier on Security
N
News | PayPal Newsroom
B
Blog RSS Feed
L
LINUX DO - 最新话题
T
Troy Hunt's Blog
S
Secure Thoughts
雷峰网
雷峰网
aimingoo的专栏
aimingoo的专栏
L
Lohrmann on Cybersecurity
G
Google Developers Blog
Microsoft Azure Blog
Microsoft Azure Blog
Hacker News - Newest:
Hacker News - Newest: "LLM"
T
Tenable Blog
S
Securelist
L
LangChain Blog
Recent Commits to openclaw:main
Recent Commits to openclaw:main
I
InfoQ
H
Heimdal Security Blog
Cisco Talos Blog
Cisco Talos Blog
F
Full Disclosure
Y
Y Combinator Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
K
Kaspersky official blog
T
Tailwind CSS Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
阮一峰的网络日志
阮一峰的网络日志
C
Cisco Blogs

Vercel News

Vercel Open Source Program: Winter 2026 cohort How Notion Workers run untrusted code at scale with Vercel Sandbox How we run Vercel's CDN in front of Discourse From idea to secure checkout in minutes with Stripe Building Slack agents can be easy Scaling redirects to infinity on Vercel Advancing Python typing Gamma builds design-first agents with Vercel How Avalara turns pipe dreams into patent-pending with v0 Keeping community human while scaling with agents How OpenEvidence built a healthcare AI that physicians actually trust Security boundaries in agentic architectures Skills Night: 69,000+ ways agents are getting smarter Video Generation with AI Gateway We Ralph Wiggumed WebStreams to make them 10x faster How Stably ships AI testing agents in hours, not weeks How we built AEO tracking for coding agents Anyone can build agents, but it takes a platform to run them Introducing Geist Pixel The Vercel AI Accelerator is back with $6m in credits Making agent-friendly pages with content negotiation The Vercel OSS Bug Bounty program is now available Introducing the new v0 Run untrusted code with Vercel Sandbox, now generally available How Stripe built a game-changing app in a single flight with v0 How Sensay went from zero to product in six weeks AGENTS.md outperforms skills in our agent evals Agent skills explained: An FAQ Testing if "bash is all you need" AWS databases are now live on the Vercel Marketplace and v0 Use Perplexity Web Search with Vercel AI Gateway Introducing: React Best Practices Nick Bogaty joins Vercel as Chief Revenue Officer How Mux shipped durable video workflows with their @mux/ai SDK How to build agents with filesystems and bash How we made v0 an effective coding agent Stopping the slow death of internal tools Building AI-Generated Pixel Trading Cards with Vercel AI Gateway We removed 80% of our agent’s tools AI SDK 6 Our $1 million hacker challenge for React2Shell Cline now runs on Vercel AI Gateway How to prompt v0 Build smarter workflows with Notion and v0 Vercel launches partner certification Inside Workflow DevKit: How framework integrations work React2Shell Security Bulletin | Vercel Knowledge Base Billions of requests: Black Friday-Cyber Monday 2025 Investing in the Python ecosystem AWS Databases coming to the Vercel Marketplace How we built the v0 iOS app Workflow Builder: Build your own workflow automation platform Vercel Open Source Program: Fall 2025 cohort Self-driving infrastructure Vercel collaborates with Google for Gemini 3 Pro Preview launch Vercel: The anti-vendor-lock-in cloud How Nous Research used BotID to block automated abuse at scale How AI Gateway runs on Fluid compute What we learned building agents at Vercel Build and deploy data applications on Snowflake with v0 BotID Deep Analysis catches a sophisticated bot network in real-time Vercel achieves TISAX AL2 compliance to serve automotive partners Bun runtime on Vercel Functions David Totten Joins Vercel to Lead Global Field Engineering Vercel Ship AI 2025 recap You can just ship agents AI agents and services on the Vercel Marketplace Built-in durability: Introducing Workflow Development Kit Zero-config backends on Vercel AI Cloud Introducing Vercel Agent: Your new Vercel teammate Update regarding Vercel service disruption on October 20, 2025 Agents at work, a partnership with Salesforce and Slack Running Next.js in ChatGPT: How to Build ChatGPT Apps Talha Tariq joins Vercel as CTO of Security Just another (Black) Friday Server rendering benchmarks: Fluid Compute and Cloudflare Workers Towards the AI Cloud: Our Series F Collaborating with Anthropic on Claude Sonnet 4.5 to power intelligent coding agents Preventing the stampede: Request collapsing in the Vercel CDN BotID uncovers hidden SEO poisoning How we made global routing faster with Bloom filters What you need to know about vibe coding Scale to one: How Fluid solves cold starts Addressing security & quality issues with MCP tools - Vercel AI agents at scale: Rox’s Vercel-powered revenue operating system Agentic Infrastructure Zero Data Retention on AI Gateway Optimizing Vercel Sandbox snapshots How Waldium made a blog platform work for humans and AI alike How FLORA shipped a creative agent on Vercel's AI stack Agent responsibly Making Turborepo 96% faster with agents, sandboxes, and humans Unified reporting for all AI Gateway usage new.website joins forces with v0 SERHANT.'s playbook for rapid AI iteration Two startups at global scale without DevOps Chat SDK brings agents to your users 360 billion tokens, 3 million customers, 6 engineers Meet the 2026 Vercel AI Accelerator Cohort Build knowledge agents without embeddings
Vercel WAF upgrade brings persistent actions, rate limiting, and API control - Vercel – Vercel
Dan Fein · 2024-10-02 · via Vercel News

4 min read

New Firewall capabilities reduce effects of DDoS attacks and enhance traffic control

At Vercel Ship, we introduced the new Web Application Firewall (WAF), an application-layer firewall that complements our platform-wide firewall. This enables our customers to implement custom or managed rulesets, such as protection against the OWASP Top 10 risks.

Since its release, Vercel’s WAF has blocked billions of malicious requests, demonstrating its resilience and reliability across a wide variety of use cases, from small startups to large enterprise deployments.

Today we're announcing:

  • Persistent actions: Block repeat offenders by applying rules across all matching requests for a customizable duration.

  • Rate limiting: Set request limits on specific endpoints to prevent API abuse while maintaining performance for legitimate users.

  • Firewall API: Programmatically control WAF settings to automate security workflows and integrate with third-party tools.

Link to headingBringing new enhancements to Vercel Web Application Firewall

These improvements further enable Vercel customers to serve desired traffic while taking action against anything else.

Vercel’s Challenge page, originally exclusive to the Vercel WAF, verifies browsers to ensure only legitimate users access applications. This feature is now extended to the broader Vercel Firewall, enhancing automated bot management and DDoS protection across the platform.

A key advantage of Vercel’s WAF is instant rule propagation. While traditional firewalls may take up to 20 minutes to apply updates globally, leaving applications vulnerable, Vercel’s Edge Network propagates rules worldwide in just 300 milliseconds—securing applications immediately.

Why does this matter? Because attackers look for short gaps in security. The ability to enforce rules instantly cuts off their window of opportunity and ensures your security policies are always active, no matter where the request is coming from.

Block AI Bots - Firewall Rule

Add a custom rule to your project's Firewall to detect common AI bots. This rule defaults to 'Log.' Change it to 'Deny' to block these bots.

Add Firewall Rule

Link to headingAdding persistence to rule actions

Previously, each request was evaluated individually, even if similar ones had been blocked moments before. Now, with persistent actions, rules are applied to all matching requests for a customizable duration. This enhancement allows your firewall to remember malicious behavior, blocking it earlier in the lifecycle and preventing requests from consuming Vercel Edge resources unnecessarily.

Persistent actions are critical in defending against repeat offenders. Instead of wasting time and resources on redundant evaluations, Vercel’s WAF blocks threats as soon as they’re identified. This keeps your application efficient and focused on delivering for real users.

Link to headingRate limiting to control request frequency

With the growth of API-first architectures, controlling the flow of traffic is more important than ever. Rate limiting is now generally available in Vercel’s WAF, allowing you to set precise request limits for specific endpoints. This means you can prevent API abuse without disrupting the experience for legitimate users.

Persistent actions can be combined with rate limiting, allowing you to quickly block bad actors once identified, reducing resource strain efficiently.

You can set up both per-endpoint and general API rules for better traffic control. For example:

  • /api/user allows 5 requests per minute

  • /api/* allows 100 requests per minute

Requests containing /api would first be checked against /api/user. If the limit is exceeded, the action (e.g., log, block, challenge, or deny) would be applied immediately. If the request passes, it would then be checked against /api/*, and the action would be triggered if that limit is exceeded.

This layered approach provides precise control over specific endpoints while enforcing broader API limits.

Granular rate limiting configuration to set actions, algorithms, time windows, request limits, and tracking keys, allowing precise control of traffic flow and safeguarding your APIs.Granular rate limiting configuration to set actions, algorithms, time windows, request limits, and tracking keys, allowing precise control of traffic flow and safeguarding your APIs.

Granular rate limiting configuration to set actions, algorithms, time windows, request limits, and tracking keys, allowing precise control of traffic flow and safeguarding your APIs.

Link to headingProgrammatic control with the Firewall API

With the new Firewall API, you can now programmatically control WAF settings, automating your security workflows and integrating with third-party tools. This API lets you automatically adjust rules based on real-time traffic, helping you stay agile as conditions change.

For instance, if you have your own intelligence feeds or anomaly detection systems, you could programmatically create rules without any manual intervention. This level of automation is critical for teams running large-scale applications, providing flexibility and peace of mind.

The API covers the full range of Firewall features, so you can manage your WAF even when you’re not actively monitoring it. This is especially valuable for teams responsible for mission-critical applications that can’t afford downtime.

Link to headingWhy Vercel’s approach is different

What sets Vercel apart is the seamless integration of security with development. Unlike traditional WAF solutions that slow down deployment or require complex setups, Vercel’s WAF fits naturally into your development workflow. Security shouldn’t be a burden—it should work for you, not against you.

Vercel’s WAF is designed for speed and flexibility. Deploy security rules instantly and manage them programmatically. This means your team can focus on what matters: building, deploying, and iterating quickly, while knowing your app is protected from threats.

At Vercel, our goal is a web that’s secure by default. These WAF enhancements are a key part of that vision, ensuring you have the control and protection you need to keep your application fast, secure, and focused on serving real users.

Rate Limit API Requests - Firewall Rule

Add a custom rule to your project's Firewall to rate limit API requests. This rule defaults to 'Log.' Change it to 'Deny' to actually block these requests.

Add Firewall Rule