Quickstart

Install Dhal:

npm install @rokadhq/dhal

Initialize a reviewable config file:

npx dhal init

This creates dhal.json in the current directory.

Express

import express from "express";
import { dhal } from "@rokadhq/dhal/express";

const app = express();

app.use(express.json({ limit: "1mb" }));
app.use(dhal());

app.post("/api/login", (_req, res) => {
  res.status(401).json({ error: "bad credentials" });
});

app.listen(3000);

The Express adapter records response status codes after the request finishes. That allows credential-stuffing protection to learn from repeated 401 or 403 login failures.

Validate your config

npx dhal test-config
npx dhal doctor
npx dhal rules

Start safe

The recommended first mode is monitor:

{
  "mode": "monitor"
}

In monitor, Dhal logs decisions that would block, but does not block requests globally. Move high-confidence route profiles to block once you have reviewed real traffic.

Apply a preset

Presets are reviewable config overlays.

npx dhal presets
npx dhal presets show api-production
npx dhal presets apply api-production --output dhal.production.json

Review the generated file before using it in production.

Run a support report

npx dhal report --output dhal.report.json

The report is redacted by default and useful for debugging installation posture.

Express​

Validate your config​

Start safe​

Apply a preset​

Run a support report​

Express

Validate your config

Start safe

Apply a preset

Run a support report