Tips to secure your nuxt Application.
Hi All,
I am currently having lots of triggers on my production build of people triggering routes that dont exist like.env and the likes, is there any way to time these people out or block them if they hit to many wrong routes?
16 Replies
Easiest solution is to use a firewall service in front of your site
such as https://aws.amazon.com/waf/
Amazon Web Services, Inc.
Web Application Firewall, Web API Protection - AWS WAF - AWS
AWS WAF helps you protect against common web exploits and bots that can affect availability, compromise security, or consume excessive resources.
What rules specifically? on cloudflare I block all countries but my own
but on the VM I can do some extra ones
Thanks for the suggestion
WAF comes with a best practices rule set
i'm sure cloudflare has something equivlaent
We are running in azure but I assume it has similar. I will have a look
Cloud-Based WAF Security | Web Application Firewall | Cloudflare
Cloudflare's WAF security service offers industry leading protection. See how our cloud-based WAF service can keep your applications secure.
ye azure would as well
Thanks for your help!
I have tried securing it with WAF
But I am getting the following
people hitting your website is part of the internet i reckon.
Yeah, I figured as much. Wasn't sure if there is a common thing I was missing to help protect it
just feel the satisfaction when they can't get through π
Configure an mTLS certificate between your App and Cloudflare endpoints within WAF. I received a lot of requests and putting this has blocked everyone who isn't authorized
Are you sure it's '/logind' and not '/login' into your backend π
???
Good idea, I will look into this
What do you mean?
This wasnt by me, my routes are login