Skip to content


Firewall Overview#

The Firewall feature of Peakhour.IO allows you to control incoming client requests based on specific conditions. When a client request matches a firewall rule, the request is either allowed or denied, and no further firewall rules are evaluated.

Firewall rules can be based on a combination of the following fields:

  1. Standard request fields, such as the host name, request method, and IP address of the client.
  2. GeoIP fields, such as the AS number and country code of the client.
  3. User agent fields, such as information about the client's browser or device.
  4. Bot fields, such as whether the client is a verified bot and the verification state of the bot.
  5. Fingerprint ML fields, such as the result of machine learning algorithms applied to the client's request.

You can specify the action to be taken when a firewall rule is matched using the following available actions:

  • firewall.allow: Allows the client request to proceed.
  • firewall.deny: Blocks the client request.

By combining the available fields and actions, you can create firewall rules that match a wide variety of client requests, giving you fine-grained control over the incoming traffic to your application. For more information on the fields and actions available in firewall rules, see the fields reference documentation below:


The following fields are available in the firewall phase: