npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@rankshield/emdash-security

v1.1.0

Published

RankShield — AI-powered behavioral threat defense for EmDash. The first and only security plugin built on hardware fingerprinting, not IP blocking.

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

rankshieldrankshield

Keywords

emdashemdash-pluginsecuritybot-detectionctr-manipulationblack-hat-seobehavioral-fingerprintingrankshield

Readme

RankShield for EmDash

The first and only security plugin built for EmDash CMS.

Protect your site from black-hat SEO attacks, bot traffic, NavBoost manipulation, and CTR fraud using behavioral fingerprinting — not IP blocking.

EmDash Compatible License: MIT Powered by RankShield

Why RankShield?

Every other security plugin blocks IPs. IP blocking is broken.

Modern bots rotate through residential proxies and VPNs. Block one IP, the attacker has 50,000 more. RankShield fingerprints the attacker, not the IP.

We extract a hardware-level identity that persists across every IP rotation:

  • GPU Canvas Hash — Unique per graphics processor. Cannot be spoofed without physical hardware replacement.
  • WebGL Renderer Signature — GPU vendor + renderer parameters. Stable across every proxy change.
  • Audio Context Fingerprint — CPU audio processing characteristics. Hardware-specific.
  • Mouse Physics Analysis — Bots move differently than humans. Velocity curves, jitter, and Fitts's Law patterns identify automated tools in milliseconds.

Once fingerprinted, an attacker cannot escape by:

  • Rotating to a new IP ✗
  • Using a VPN or Tor ✗
  • Clearing cookies or cache ✗
  • Switching headless browser instances ✗
  • Using residential proxy networks ✗

Installation

1. Get your API key

Sign up at rankshield.seoeliteagency.com and get your free API key.

2. Install the plugin

npm install @rankshield/emdash-security

3. Add to your EmDash config

// astro.config.mjs
import { defineConfig } from "astro/config";
import emdash from "emdash/astro";
import { d1 } from "emdash/db";
import { rankShield } from "@rankshield/emdash-security";

export default defineConfig({
  integrations: [
    emdash({
      database: d1(),
      plugins: [
        rankShield({
          apiKey: import.meta.env.RANKSHIELD_API_KEY,
          mode: "protect",
          showBadge: true,
        }),
      ],
    }),
  ],
});

4. Set your environment variable

RANKSHIELD_API_KEY=your_api_key_here

5. Deploy

npm run deploy

That's it. RankShield starts protecting your site immediately.

Configuration

rankShield({
  apiKey:         "your_api_key",       // Required
  mode:           "protect",            // "monitor" | "protect" | "paranoid"
  blockThreshold: 75,                   // 0–100, lower = more aggressive
  showBadge:      true,                 // Show security badge on site
  alertWebhook:   "https://hooks.slack.com/...", // Optional
})

| Mode | Behavior | |---|---| | monitor | Log threats only — never block | | protect | Block confirmed threats (recommended) | | paranoid | Block all suspicious signals immediately |

Sandboxed Deployment (Cloudflare)

emdash({
  database:  d1(),
  sandboxed: [
    rankShield({ apiKey: import.meta.env.RANKSHIELD_API_KEY }),
  ],
})

In sandboxed mode the plugin runs in a completely isolated V8 isolate with zero access to your database, content, or other plugins. It can only reach sea-shield-production.up.railway.app — nothing else.

Admin Dashboard

Find RankShield in your EmDash admin sidebar under Security.

  • Overview — live threat status, blocked counts, 30-day trend chart, recent attack feed
  • Threat Intelligence — full attacker profile database with confidence scores and attack type breakdown
  • Settings — switch protection mode, adjust threshold, configure webhooks — no redeploy needed

How It Works

Visitor Request
      │
      ▼
[RankShield Sandbox — Cloudflare Worker Isolate]
      │
      ├── Check IP against threat database (<50ms)
      │   ├── Known attacker  → BLOCK immediately
      │   └── Unknown         → ALLOW and continue
      │
      ▼
[Page Loads — Fingerprint Script Activates]
      │
      ├── GPU canvas hash    (2ms)
      ├── WebGL renderer     (1ms)
      ├── Audio context      (100ms async)
      ├── Mouse physics      (2.5s window)
      └── POST to /fingerprint endpoint
                │
                ▼
      [RankShield API — Behavioral Analysis]
                │
                ├── score < 50   → ALLOW
                ├── score 50–75  → LOG
                └── score > 75   → BLOCK + evidence record

Capabilities

| Capability | Why needed | |---|---| | network:fetch | Call the RankShield API at sea-shield-production.up.railway.app |

Not requested: read:content, write:content, read:media, read:users, email:send

The plugin never touches your content, database, media, or user records.

Pricing

| Plan | Sites | Attacks/mo | Price | |---|---|---|---| | Free | 1 | 10,000 | $0 | | Starter | 3 | 100,000 | $97/mo | | Agency | 25 | Unlimited | $297/mo | | Enterprise | Unlimited | Unlimited | $497/mo |

Start for free at rankshield.seoeliteagency.com →

Patent Notice

The cross-channel persistent attacker identity system described in this plugin is covered by pending patent applications filed by SEO Elite Agency (April 5, 2026):

  • Patent App RS-001-PROV — Cross-Channel Persistent Attacker Identity via Hardware Behavioral Fingerprinting
  • Patent App RS-002-PROV — Behavioral Fingerprint Persistence Across IP Rotation and VPN Masking
  • Patent App RS-007-PROV — Sandboxed CMS Plugin Architecture for Real-Time Black Hat Defense

Commercial use of this software is permitted under the MIT license. Independent implementation of the described methods for commercial purposes may require a license. Contact [email protected].

Contributing

Issues and pull requests welcome.

For security disclosures, email [email protected].

License

MIT © SEO Elite Agency

RankShield is the first security plugin for EmDash CMS. Built by SEO Elite Agency — the team behind the RankShield behavioral threat defense platform.