Attacks Stopped at the Edge

Send SQL injection, XSS, and bots — watch them die at the edge before any origin is touched.

1 · WAF signature blocking

Submit a payload and watch the edge classify it. Try the presets - real attack signatures get blocked.

1' OR 1=1 -- <script>alert(1)</script> ../../etc/passwd blue running shoes

Cloudflare scores every request 1 (definitely bot) to 99 (definitely human). Here is yours, live.

This endpoint allows 5 requests / 10s per IP. Click rapidly and watch request #6 get a 429.