Run the 60-second proof

This checks your NGINX/ModSecurity canary from inside the stack.

Current status
Checking…
Target: /api/proof

Steps

  1. Visit the canary: http://<YOUR_VM_PUBLIC_IP>:8081/.well-known/kev-canary → expect 200.
  2. Apply today’s KEV Shield rules.
  3. Visit again → expect 403 (blocked).