R
RIVET
SECURITY
Features Pricing Docs Login →
86 ATTACKS BLOCKED IN THE LAST HOUR

Your server is under
attack right now.

RIVET is a self-hosted security agent that watches SSH, Nginx and Apache, and blocks attackers in real time with nftables — before they get in. One binary. One command. No SaaS, no telemetry, your data never leaves your box.

$ curl -fsSL https://get.rivet-security.com | sh
COPY
rivet — node-7a — live
22:37:15 BLOCK SSH brute-force from 185.220.101.34 — banned 24h
22:37:15 BLOCK SQLi UNION SELECT from 45.9.148.99 — dropped
22:37:15 OK Accepted publickey for deploy from 10.0.4.2
22:37:15 BLOCK Path traversal /etc/shadow from 193.142.146.212
22:37:15 WARN 404 burst on /wp-admin from 92.118.39.0/24
22:37:15 BLOCK Geo policy — connection from CN refused
22:37:15 BLOCK XSS payload in ?q= from 159.65.211.9 — dropped
22:37:15 OK nftables ruleset reloaded — 1,284 entries
rivet ▸
// WHAT IT DOES

Every request, inspected. Every attacker, dropped.

No dashboards to babysit. RIVET runs as a Docker container, reads your logs, and acts. These are real capabilities — not buzzwords.

Real-time IP blocking
Attackers hit a threshold and nftables drops them instantly. No cron, no delay.
SSH · Nginx · Apache
Reads auth and access logs as they are written and correlates across sources.
Geo-blocking
Refuse entire countries at the firewall with a single toggle. GeoIP2 backed.
Alerts everywhere
Telegram, Slack, Discord and email — get pinged the moment something matters.
PRO
Web App Firewall
OWASP core ruleset drops SQLi, XSS, RCE, SSRF and traversal at the edge.
PRO
Security Score
CIS-benchmark hardening audit with a 0–100 score and copy-paste fixes.
PRO
Threat Intel
Cross-reference traffic against curated reputation and botnet feeds.
PRO
Attack Origins
Live global heatmap of where your attacks come from, ranked by volume.
// HOW IT WORKS

Install → Configure → Forget.

01
Install
One curl command pulls the Docker image and starts the agent. Needs Docker + a Linux host.
$ curl -fsSL https://get.rivet-security.com | sh
02
Configure
Point RIVET at your log paths and drop in your alert webhooks. Sensible defaults included.
$ nano /opt/rivet/.env
03
Forget
RIVET watches, blocks and reports 24/7. Check the dashboard when you feel like it.
$ docker compose up -d
// PRICING

One-time payment. No subscription.

Buy once, run forever, on one server. 30-day money-back guarantee. Pay securely via Lemon Squeezy.

SOLO
€49/ one-time
Everything you need to lock down one server.
SSH / Nginx / Apache monitoring
Real-time IP blocking
Country geo-blocking
Live log streaming
Security alerts
BUY SOLO →
RECOMMENDED
PRO
€99/ one-time
The full arsenal — WAF, scoring, intel, origins.
Everything in SOLO, plus:
Web Application Firewall
Security Score
Threat Intelligence
Attack Origins heatmap
Data export
BUY PRO →
R
RIVET
SECURITY
Self-hosted Linux server
security agent.
Made by ZYNTHECK · Netherlands.
CONTACT
lukas@rivet-security.com rivet-security.com
© 2026 RIVET by ZYNTHECK v1.0.0