GettingStarted

Installation

To get started with Vercel Doorman, first install it using your preferred package manager:

npm install vercel-doorman

Note for Existing Projects:

If you have an existing Vercel project with firewall rules, start by using the download command to set up your local configuration:

npx vercel-doorman download

This will generate a vercel-firewall.config.json file with your existing configuration before you proceed.

Basic Usage

Create or update configuration file:
Ensure you have a vercel-firewall.config.json file in your project root with the following structure:
```
{
  "projectId": "prj_",
  "teamId": "team_",
  "rules": [],
  "ips": []
}
```
Replace prj_ and team_ with your actualprojectIdandteamId from Vercel.

Add firewall rules:

You can add rules in two ways:

Using Templates:

Use the template command to add predefined rules:

# List available templates
npx vercel-doorman template

# Add WordPress protection
npx vercel-doorman template wordpress

# Block AI bots
npx vercel-doorman template ai-bots

Manual Configuration:

Add rules directly to your config file following this structure:

{
  "name": "Block API Access",
  "description": "Block access to API endpoints",
  "conditionGroup": [
    {
      "conditions": [
        {
          "type": "path",
          "op": "pre",
          "value": "/api"
        }
      ]
    }
  ],
  "action": {
    "mitigate": {
      "action": "deny",
      "rateLimit": {
        "requests": 100,
        "window": "1m"
      },
      "actionDuration": "1h"
    }
  },
  "active": true
}

Rule Components:

Condition Groups: Define when rules trigger (AND within groups, OR between groups)
Conditions: Match criteria using type, op, and value
Actions: Define response (deny, challenge, rateLimit, rewrite)
Metadata: Rule information (name, description, active)

For more examples and templates, visit our examples folder on GitHub.

Sync your rules:
```
npx vercel-doorman sync --token YOUR_VERCEL_API_TOKEN
```
This will apply your firewall rules to your Vercel project. Replace YOUR_VERCEL_API_TOKEN with your actual Vercel API token.
Learn how to create and use a Vercel API token

Add script alias (optional):

To make it easier to run the sync command, add a script alias to your package.json file:

"scripts": {
    ... other scripts ...
    "firewall:list": "vercel-doorman list",
    "firewall:download": "vercel-doorman download",
    "firewall:sync": "vercel-doorman sync",
    "firewall:validate": "vercel-doorman validate"
}

This will allow you to run npm run firewall:sync to apply your firewall rules.

Common Rule Examples

Basic Protection

ip-block.json - Block specific IP addresses
path-protection.json - Secure specific URL paths
geo-blocking.json - Country-based access control
method-restriction.json - Limit HTTP methods

Advanced Security

rate-limiting.json - Prevent abuse through rate limits
redirect-rules.json - Traffic redirection examples
challenge-rules.json - Bot prevention with challenges
conditional-rules.json - Complex rule combinations

Specialized Rules

user-agent-filtering.json - Filter by browser/client type
header-based-rules.json - Rules based on HTTP headers
mixed-rules.json - Multiple protection layers