Block the bad traffic,
with a rule.
Allow or block requests by IP, CIDR, country, path, method or user-agent. A tiny, fast rule engine your edge, middleware or agent calls to decide. The flat-rate alternative to Cloudflare WAF and Vercel Firewall.
One abusive IP or a bot flood shouldn’t need a new deploy to stop
When a scraper hammers /api or traffic from a country you don’t serve spikes, you want to block it now — not ship code. koigrid Firewall lets you add allow/block rules (by IP, CIDR, country, path, method or user-agent) that take effect immediately. Your edge or middleware calls one endpoint to get an allow/block decision; the first matching rule wins, and allow-rules let you carve out your office IP before a broad block.
How koigrid compares
| koigrid | Cloudflare WAF | |
|---|---|---|
| Pricing | Flat rate | Per plan / request |
| IP / CIDR / country rules | Yes | Yes |
| Path / method / UA rules | Yes | Yes |
| Allow-list overrides | Yes (priority) | Yes |
| Decision API for your edge | Yes | Partial |
| Manage by AI agent | Native | API |
From public docs, 2026. v1 is a rule engine + a decision endpoint your edge/middleware calls. Transparent enforcement at koigrid’s own edge is on the roadmap.
Rules that take effect now
Block by anything
IP, CIDR range, country, path prefix, HTTP method or user-agent substring.
First match wins
Order rules by priority — an allow-rule can whitelist before a broad block.
One decision call
Your edge/middleware POSTs the request details and gets allow/block back.
Instant
Add or remove a rule and it applies on the next request — no deploy.
Agent-native
An agent can add a block rule the moment it detects abuse.
Flat rate
One price — no per-request WAF bill.