FFakeMCP

Cloudflare Hardening

Configure WAF and rate-limits for public reliability APIs.

Cloudflare Hardening Checklist

FakeMCP manages edge protections through infra automation.

Primary commands:

bash
pnpm infra:bootstrap
pnpm infra:deploy
pnpm infra:check

Long press or right-click snippet for quick actions

Managed protections (idempotent upserts)

  • WAF managed ruleset execution for the production zone.
  • Zone rate-limit rules for:
    • /mcp
    • /scenario
    • /v1/scenario
    • /v1/suites
    • /v1/runs
    • /v1/replays
    • /v1/conformance

Default thresholds in config:

  • /mcp*: 300 req / 60s
  • /scenario*: 120 req / 60s
  • Reliability routes: 90 req / 60s
  • Mitigation timeout: 60s

All rule ownership is tagged with fakemcp:auto metadata for safe repeat upserts.

Route ownership enforcement

infra:deploy and infra:check enforce:

  • API routes -> fakemcp-mcp
  • fakemcp.com/* fallback -> fakemcp-web

Notes

  • App-level token-bucket limits remain enabled in @fakemcp/mcp.
  • No staging profile is defined in this launch track.

Related Guides

View all