Skip to content

Lockdown Mode

New

Lockdown mode forces the scrape endpoint to read from Firecrawl's existing cache only — it never makes an outbound request to the target URL. Designed for compliance-constrained and regulated environments where the request itself (URL, headers, body) could leak sensitive information over the network.

Overview

How It Works

When lockdown: true is set on a /v2/scrape request:

  • No outbound traffic — Firecrawl never connects to the target URL. All outbound paths (HTTP engines, robots.txt, search-index writes) are blocked.
  • Cache-only reads — served from Firecrawl's index if a matching entry exists. Default maxAge is bumped to 2 years so previously-scraped pages qualify regardless of age.
  • Cache miss = error — returns SCRAPE_LOCKDOWN_CACHE_MISS. The URL is never logged on miss.
  • Zero data retention — no URL is persisted, no response blob is written to long-term storage. ZDR is automatic and does not incur the standard ZDR surcharge.

When to Use

Use ThisSkip This
Regulated industries (healthcare, finance, legal) where outbound requests need audit/approvalContent never previously scraped — returns error
Air-gapped environments where the URL itself is sensitiveReal-time or time-sensitive data requirements
Replaying already-indexed pages without re-hitting origins

Usage

python
from firecrawl import Firecrawl

firecrawl = Firecrawl(api_key="fc-YOUR-API-KEY")

# Serve only cached results. No outbound request is ever made.
result = firecrawl.scrape(
    'https://firecrawl.dev',
    formats=['markdown'],
    lockdown=True,
)
print(result.markdown)
javascript
import Firecrawl from '@mendable/firecrawl-js';

const firecrawl = new Firecrawl({ apiKey: 'fc-YOUR-API-KEY' });

const result = await firecrawl.scrape('https://firecrawl.dev', {
  formats: ['markdown'],
  lockdown: true,
});
console.log(result.markdown);
bash
# cURL
curl -X POST 'https://api.firecrawl.dev/v2/scrape' \
  -H 'Authorization: Bearer fc-YOUR-API-KEY' \
  -H 'Content-Type: application/json' \
  -d '{"url": "https://firecrawl.dev", "formats": ["markdown"], "lockdown": true}'

# CLI
firecrawl scrape https://firecrawl.dev --lockdown

Cache Miss Response

json
{
  "success": false,
  "code": "SCRAPE_LOCKDOWN_CACHE_MISS",
  "error": "No cached data is available for this request in lockdown mode. Lockdown mode only serves previously cached responses and never makes outbound requests. To resolve this, either disable lockdown mode to allow a fresh scrape, or try again after the URL has been scraped and cached."
}

To seed the cache: perform a normal (non-lockdown) scrape first, then enable lockdown for subsequent requests.

Cache Hit Matching

For a cache hit, the following parameters must match the cached entry:

ParameterMust Match
urlYes
mobileYes
locationYes
waitForYes
blockAdsYes
screenshot (enabled + full-page flag)Yes
Enhanced proxy modeYes

Verify via metadata.cacheState in the response — "hit" confirms a served cached result.

Billing

OutcomeCredits
Cache hit5 credits
Cache miss (SCRAPE_LOCKDOWN_CACHE_MISS)1 credit

ZDR included free

Zero Data Retention does not incur an additional charge on lockdown requests — ZDR cost is waived because lockdown mode is already ZDR by default.

Availability

Lockdown mode is supported via lockdown: true on the /v2/scrape endpoint across all surfaces:

SurfaceHow to Enable
Python SDKfirecrawl.scrape(url, lockdown=True)
Node.js SDKfirecrawl.scrape(url, { lockdown: true })
Go, Rust, Java, .NET, Ruby, PHP, Elixir SDKslockdown: true on scrape options
CLIfirecrawl scrape <url> --lockdown
MCP Server"lockdown": true in firecrawl_scrape tool arguments

Endpoint scope

Not available on crawl, map, extract, or search — only /v2/scrape.


Next: Proxies →