Developer-First Security

DarkAPI Firewall

Stop threats before they reach your app. Powered by 19+ real-time threat intelligence feeds.
The Arcjet alternative with actual security underneath.

View SDK on GitHubSee Pricing

Quick Start

import { createFirewall, presets } from '@darkapi/firewall'

const firewall = createFirewall({
  token: process.env.DARKAPI_TOKEN
})

// Use preset rule sets
const decision = await firewall.decide(
  { ip: req.ip, url: req.url },
  presets.signupProtection()
)

if (firewall.isDenied(decision)) {
  return res.status(403).json({
    error: decision.reason
  })
}
Install:npm install @darkapi/firewall

12+ Security Rules. One SDK.

IP Reputation

19+ threat intelligence feeds providing real-time IP risk scoring and classification

Rate Limiting

Sliding window rate limiting with Redis-backed counters for precise traffic control

Bot Detection

Malicious bot identification with verified bot allowlist (Googlebot, Bingbot)

Attack Shield

OWASP pattern detection: SQLi, XSS, SSRF, RCE, path traversal

Email Validation

Disposable email detection + breach data checking for signup protection

Geo & ASN Blocking

Country-level and ASN-level blocking with Tor/VPN/proxy detection

Works With Your Stack

Next.js
Express
💿Remix
🔥SvelteKit
🚀FastAPI
🎸Django

Edge Runtime compatible • No Node.js dependencies • TypeScript first

Pre-Configured Rule Sets

Signup Protection

  • Bot detection
  • Email validation
  • Rate limiting
  • IP reputation

Login Protection

  • Rate limiting
  • Bot detection
  • IP reputation
  • Challenge

API Protection

  • Rate limiting
  • Bot detection
  • Shield (OWASP)
  • IP reputation

Checkout Protection

  • Bot detection
  • IP reputation
  • Tor blocking
  • VPN challenge

Admin Protection

  • All rules
  • Strict IP reputation
  • Datacenter blocking

Why DarkAPI Firewall?

DarkAPI Firewall

  • 19+ threat intelligence feeds
  • Email breach data checking
  • Granular IP classification
  • ASN blocking support
  • Comprehensive OWASP shield

Arcjet

  • Basic IP reputation only
  • No breach data integration
  • Limited IP classification
  • No ASN blocking
  • Basic WAF patterns

Built for Performance

<1ms
Cached decisions
<50ms
API call latency (p50)
80%+
Cache hit rate

Ready to Secure Your App?

Start with 10,000 requests/month free. No credit card required.

Get Started FreeContact SalesRead Documentation