Features
HEIMWALL is one platform for security, delivery and visibility at the edge. Here is what you actually get — no add-ons, no unlock fees.
Compose conditions across 29 request attributes — IP type, country/ASN, bot category, path, header, method and more — then block, challenge, redirect or log. No code required.
Every request gets a 0–100 bot score across 17 bot categories. Act on thresholds you set: let good bots through, challenge the gray zone, block the rest.
Automatic challenges verify suspicious clients, while brute-force protection (failban) bans abusive IPs automatically and lifts the ban when it expires.
During traffic spikes, hold visitors in a fair queue page and admit them at a steady rate — your origin stays healthy instead of falling over.
Serve your own branded block and error pages, so a stopped attack still looks like your product — not a generic gateway error.
Rule-based rate limits on any request attribute — IP, path or token — with a separate limit per rule. Abuse is cut at the edge before it ever loads your origin.
Control edge cache and browser cache with separate TTLs, and serve faster with HTTP/3 and automatic compression.
Issue and renew certificates automatically over ACME, or upload your own. TLS terminates at the edge and your origin IP stays hidden.
Run authoritative DNS with geo-routing that sends each visitor to the nearest PoP, plus health checks and automatic failover.
Run multiple origins Active-Active or Active-Passive. Health checks detect an origin going down and traffic fails over automatically.
Distribute requests across servers of different capacity with weighted balancing — add or remove origins from a single console.
Your origin IP stays fully hidden. The edge connects to your origin over the port and scheme (HTTP/HTTPS) you define, so attackers see only the wall.
Brotli compression, auto-minify, image optimization and HTTP/3 are applied automatically in transit.
When your CI/CD starts a deploy, the server is drained from traffic and visitors flow to another with no interruption. Once it finishes, HEIMWALL verifies health and returns it to traffic.
Set up several servers as separate load-balanced groups, and run different backends and upstream pools by rule and condition.
See visitor trends with a privacy-friendly, cookieless “estimated visitors” metric — insight without tracking, aligned with KVKK/GDPR.
Watch live access logs with advanced filtering, and pull usage reports by year, month or day with a per-region traffic breakdown.
Every change is recorded in an audit log, alongside a history of the e-mail notifications the platform has sent.
A highly detailed access log with fast filtering — by response time, country or carrier — so everything stays under control and you spot errors quickly.
Add cookies based on visitor consent via IAB TCF v2 (CMP consent string) and track consented visitors separately — and see every cookie HEIMWALL uses.
Watch all your origin servers from one screen and take them out or back in with the threshold rules you set. Every status change is reported to you.
Push attack and anomaly events to your systems with HMAC-signed webhooks, and get mobile push notifications on the iOS and Android apps.
Everything in the console is available over the API, with scoped API keys so each integration gets exactly the access it needs.
Resellers can create users across multiple platforms and track each separately, offering seamless support with per-user redirect URLs.
Request a demo
Book a guided demo and we'll walk the console through your own scenarios.