Firewall (WAF)

Block the bad traffic,
with a rule.

Allow or block requests by IP, CIDR, country, path, method or user-agent. A tiny, fast rule engine your edge, middleware or agent calls to decide. The flat-rate alternative to Cloudflare WAF and Vercel Firewall.

One abusive IP or a bot flood shouldn’t need a new deploy to stop

When a scraper hammers /api or traffic from a country you don’t serve spikes, you want to block it now — not ship code. koigrid Firewall lets you add allow/block rules (by IP, CIDR, country, path, method or user-agent) that take effect immediately. Your edge or middleware calls one endpoint to get an allow/block decision; the first matching rule wins, and allow-rules let you carve out your office IP before a broad block.

How koigrid compares

koigridCloudflare WAF
PricingFlat ratePer plan / request
IP / CIDR / country rulesYesYes
Path / method / UA rulesYesYes
Allow-list overridesYes (priority)Yes
Decision API for your edgeYesPartial
Manage by AI agentNativeAPI

From public docs, 2026. v1 is a rule engine + a decision endpoint your edge/middleware calls. Transparent enforcement at koigrid’s own edge is on the roadmap.

Rules that take effect now

Block by anything

IP, CIDR range, country, path prefix, HTTP method or user-agent substring.

First match wins

Order rules by priority — an allow-rule can whitelist before a broad block.

One decision call

Your edge/middleware POSTs the request details and gets allow/block back.

Instant

Add or remove a rule and it applies on the next request — no deploy.

Agent-native

An agent can add a block rule the moment it detects abuse.

Flat rate

One price — no per-request WAF bill.