Password gate
Lock the link behind a password
Set a passphrase and a max-attempt ceiling. After too many wrong guesses the link locks the visitor out completely — no server code required. Every label and the page style are fully customizable.
Free · No account required
Redirect links with real control over who gets through.
Add password gates, geolocation filters, bot challenges, and consent steps before any link forwards a visitor. Track every session in real time. No account, no cost.
FreeNo signup6 gate typesEdge-deployed
Gate types
Everything that happens before the redirect
Combine multiple gates into one redirect flow. Each step is independent, configurable, and tracked separately in the session timeline.
Geolocation filter
Allow or block by country
The browser requests GPS permission from the visitor. Coordinates determine their country against your allowlist. Denied regions see a block page with per-browser recovery instructions. A consent step can be required before the location check runs.
Bot challenge
Stop automated traffic at the gate
Cloudflare Turnstile runs a CAPTCHA-style challenge before the visitor moves forward. Real visitors barely notice it. Automated scripts consistently fail.
Consent gate
Record explicit visitor approval
A consent form stops the visitor before anything else in the pipeline runs. Their decision — approve or deny — is logged in the session record with a timestamp. Designed to be GDPR-compatible.
IP capture
Record the visitor's IP address
Add an IP capture step anywhere in the pipeline. The address is stored against the session and visible in the visitor detail view on your dashboard. Consent can be required before the address is recorded.
Device capture
Fingerprint the visitor's device
Capture browser, OS, device type, preferred language, and viewport width in a single step. All visible on your dashboard alongside the full session timeline. Consent can be required before the fingerprint is recorded.
6
Gate types available
23+
Tracked event types
15+
Translatable fields per step
0
Accounts required to start
Visitor data
Know exactly who came through
Every session generates a complete event timeline - password attempts, consent decisions, geolocation checks, bot challenge results, and the final redirect. You can see exactly what happened to each visitor and when.
- Daily visitor counts with bot vs. human breakdown
- Consent grant rates and bot challenge pass rates
- Per-visitor event timeline with precise timestamps
- IP address and full device fingerprint on captured sessions
- Interactive geolocation heatmap with up to 2,000 GPS points
- Average session duration per day
Today at a glance
147
Visitors
+12 vs yesterday
94%
Consent rate
138 granted
3.4%
Bot rate
5 challenged
0
Blocked
All limits OK
Last 7 days
MonTueWedThuFriSatToday
Recent sessions
ID · Status · Timevis_1k3mCompleted2m ago
vis_7p2nBlocked8m ago
vis_4q8rCompleted14m ago
vis_2x5jIn progress19m ago
Geolocation heatmap
Up to 2,000 GPS data points plotted on an interactive map with cluster support and accuracy indicators.
2k
points
Setup
A protected redirect, ready in under a minute
No configuration files. No infrastructure. Pick a domain, choose your gates, and your link is live on a global edge network immediately.
01
Pick a path and set your destination
Choose a domain from the list and define your redirect path. Add a name and the destination URL. The link is created and live right away.
02
Choose which gates apply
Toggle on password, geolocation, bot challenge, consent, IP capture, or device fingerprinting. Optionally set page style and text. Review the supported step sequence in the builder before you publish.
03
Share the link and watch the dashboard
Your redirect URL is ready to share. Every visit appears in the dashboard in real time with a full event timeline and session log.
Customization
Your pages -- your style
Every step in the pipeline has its own translation fields and custom CSS slot. The password form, geolocation page, consent screen, and bot challenge are all fully editable - without touching a stylesheet or deployment pipeline.
Per-step translations
15+ editable text fields per step
Titles, body text, button labels, error messages, and block screens. All overridable per step with no character limits beyond a sensible max.
Custom CSS
Style each gate page independently
Paste raw CSS into each step's style slot. You control the visual presentation.
Query forwarding
Original parameters pass through
Enable query parameter forwarding on a route and every visitor's original query string arrives intact at the destination. Campaign tracking survives the redirect.
Draft sharing
Share a configuration as link
Save a route builder draft as a shareable URL. Recipients open the builder with your full configuration pre-loaded, ready to review or publish as their own.
Philosophy
Free. Open. Private.
Route Entry exists because this kind of tool should not require a subscription. No ads, no usage-based billing, and no third-party analytics running on your visitor data.
Free, not freemium
All gate types and the full analytics dashboard are available at no cost. There are no feature-locked tiers and no upgrade prompts.
No account required
Create a redirect without an email address. Management access uses a one-time token link generated at creation - no login system, no password manager needed.
Your data, your window
Sessions delete automatically after 30 days. Routes that go quiet for 90 days are removed. No data lingers beyond what you need for active links.
Edge-deployed globally
The redirect worker runs on a global edge network, so visitors get a response from the nearest region rather than a distant server adding overhead to every hop.
FAQ
Common questions
Straight answers on setup, privacy, and how Route Entry behaves when a link starts getting real traffic.
Is Route Entry really free?
Yes. No paid plans, no feature limits, no upgrade prompts. All gate types and the analytics dashboard are available at no cost.
Do I need an account to create a redirect?
No. Paste in a destination URL, pick your gates, and your redirect URL is ready immediately. Management access uses a one-time token link - no login system, no email address required.
What is a password-protected redirect?
A URL that shows a password form before forwarding the visitor. The destination stays hidden until the correct passphrase is entered. You set a max-attempt limit; after that, the link locks out the visitor entirely.
How does the geolocation gate work?
The visitor's browser is asked for location permission. If granted, GPS coordinates determine their country. You specify which countries can proceed; visitors from anywhere else see a denial page. If they block location access, the gate shows step-by-step recovery instructions matched to their specific browser.
What is a bot challenge?
Route Entry integrates Cloudflare Turnstile - a verification widget that runs before the visitor moves to the next gate. Legitimate visitors barely notice it. Automated scripts fail consistently.
Who can see my visitor data?
Only you. Access to the management dashboard requires the token issued when the redirect was created. There are no team accounts or shared dashboards - the token is the only key. Keep the management link private to keep your data secure.
What happens to old visitor data?
Sessions are deleted automatically after 30 days. Routes that accumulate more than 10,000 sessions have the oldest records trimmed first. Routes with no activity for 90 days are removed entirely.
Have a different question? Get in touch
Browse the full FAQ →Start now
Create your first protected redirect.
Takes about 30 seconds. No account, no credit card, no plan selection - just a link with the gates you actually need.