Managed WAF
A dedicated reverse proxy with WAF rules, rate limiting, and bot filtering — deployed in front of your origin in 5 minutes.
Three steps.
Point DNS
Change your A or CNAME record to VoidFort. Takes 2 minutes. No code changes.
Shield activates
We provision your Shield node in the nearest datacenter region. Traffic flows through it. Your server is now unreachable directly.
Stay dark
Attackers hit VoidFort. Your server serves legitimate requests through the Shield.
Six protection layers.
IP Reputation
Incoming IPs checked against threat intelligence feeds updated every 15 minutes. Known bad actors blocked on connection.
Rate Limiting
Per-IP, per-route, and global request limits. Adaptive thresholds that tighten under volumetric attack.
WAF Rules
SQLi, XSS, path traversal, RCE, SSRF, and 200+ additional rule categories. Rules updated without deployment.
Bot Fingerprinting
Behavioral signals, header anomalies, and TLS fingerprint analysis separate automated traffic from real users.
DDoS Absorption
Layer 3/4 and Layer 7 floods absorbed at the Shield. Your origin's load stays flat regardless of inbound volume.
Origin Shield
Your server's IP never appears in DNS. VoidFort IPs are the only public-facing endpoints.
The goal they can't find.
Defense in the dark. No credit card. No footprint.