Attacking by DDoS in my express/api application
We're experience a high amount of request and our application is down. We're trying a bunch of middlewares, but, nothing is working right now.
11 Replies
Project ID:
45918766-340c-4a98-9d7a-5a8871ce694a45918766-340c-4a98-9d7a-5a8871ce694a
Do you still have Under Attack Mode on in Cloudflare? That would explain why your app is down.
Hello, yeah but, how can we mitigate this Attack without using the attack mode?
Is the high amount of requests targeted or are they just bots? How is the attack negatively affecting your service?
yeah, is targeted request, yesterday i was consoling all the logs and like a thoused of thousend of request was entering in a second in the service, and then, the service was unavailable because was saturated
we're right now testing a lot of things with cloudflare
That would be the way to go. Railway does not provide any native protection
Cloudflare should be more than enough
right now we put this two rules, we're monitoring:
Are both your frontend and backend hosted on Railway? If they are, they can communicate with each other using private networking so your backend doesn't have to be exposed to the internet
oh.. i see, our front is hosted in Vercel
but, dunno if u can recommend us some rules/config we can put in cloudflare with our current setup
that's not always true, it would only be true for ssr apps, apps that are csr would need to use the public network