Route profiles

Route profiles let Dhal apply different policies to different application surfaces.

{
  "mode": "monitor",
  "routes": {
    "/api/login": {
      "mode": "block",
      "tags": ["auth", "public"],
      "rateLimit": {
        "windowSeconds": 60,
        "max": 5,
        "keyBy": ["ip", "route"]
      },
      "rules": {
        "credentialStuffing": true,
        "bot": true
      },
      "response": {
        "message": "Request blocked"
      }
    },
    "/api/upload": {
      "mode": "block",
      "rules": {
        "largePayload": {
          "enabled": true,
          "maxBytes": 5242880
        }
      }
    }
  }
}

Recommended route types

Create explicit profiles for:

/api/login;
/api/auth/*;
/api/upload;
/api/admin/*;
webhook receivers;
payment or checkout routes;
tenant-scoped APIs.

Rollout strategy

Start global monitor, then move individual high-confidence routes to block.

Presets Rate limiting

⌘I

Documentation Index

​Route profiles

​Recommended route types

​Rollout strategy

Route profiles

Recommended route types

Rollout strategy