Payload inspection
Look inside query strings, request bodies, paths, methods, and headers before traffic reaches application code.
Forgeon Web Firewall filters malicious HTTP traffic with managed rules, custom policies, payload inspection, header checks, and origin-safe decisions before requests reach your runtime.
Threats blocked
18.9k
Rules active
124
Origin hits saved
72%
Inspection wall
request → rules → verdict
POST /api/login
The request contains a classic boolean SQL injection pattern targeting an authentication endpoint.
96
risk score
Request simulator
Web Firewall looks at more than an IP address. It inspects route, method, headers, query string, body shape, payload signatures, and route sensitivity before forwarding traffic.
request.replay
POST /api/login
content-type: application/json
{"email":"admin' OR '1'='1", "password":"test"}Inspection pipeline
normalize → match → decide → record
Decode URL, headers, method, body shape, and route context so the request can be inspected consistently.
Compare request fields against managed signatures, custom rules, route policies, and suspicious payload patterns.
Allow, log, challenge, rate-limit, or block before the request reaches your runtime or origin service.
Attach firewall events to logs and observability so blocked traffic has a visible trail.
Layer 7 protection
Network-level blocking is not enough for modern apps. Web Firewall looks at application-layer patterns: routes, payloads, headers, methods, and attack signatures that target your actual endpoints.
Rule engine
Use managed protections for common threats, then add your own route policies for admin paths, webhooks, auth flows, APIs, and expensive runtime endpoints.
Managed protection rules
Start with common web attack protections for SQL injection, XSS, path traversal, command injection, bad methods, and suspicious payloads.
SQL injection signatures
body + query
blockCross-site scripting
body + params
challengePath traversal probes
url path
blockCommand injection markers
body
blockFirewall event stream
click an event to inspect
Firewall trail
Every decision should be visible: which request matched, which rule fired, what action happened, and whether the request was blocked, challenged, logged, or forwarded.
selected event · 12:40:02
Route /api/login produced action block after rule inspection.
Protection surface
Look inside query strings, request bodies, paths, methods, and headers before traffic reaches application code.
Start with battle-tested patterns for common web attacks instead of writing every rule from scratch.
Give sensitive endpoints stricter treatment than public pages, previews, or static routes.
Stop suspicious traffic at the edge of your app so runtime services do not pay the price.
Web Firewall
Inspect web traffic, block common attacks, protect sensitive routes, shield origin, and keep hostile requests away from the code that runs your product.
request → inspect → rule match → verdict