Auth rate limits not working on a VPS Deployment (Coolify/Dokploy)
I am facing an issue where auth rate limits work perfectly in both dev and prod builds, but once deployed on a VPS using Coolify/Dokploy, they stop functioning.
Users can bypass the rate limits entirely. I would appreciate any help on what might be causing this. @bekacru
8 Replies
I can't tell without more context but most likely it's due to storage. If you need a proper rate limiting I suggest providing a secondary storage instead of relying on memory.
I was now going to add secondary storage. Is there a way to somehow log the rate limits yet?
you can provide custom storage directly in the rateLimit config. Which you can use to log what is being stored.
thanks so much!
@bekacru the rate limit doesnt work on the server even after I use database as storage.
On Serverless its fine. But on a VPS it adds the APP_URL as https://localhost:3000 after the IP in key for some reason. and it doesnt ratelimit and the count can just keep increasing. I have shared the screenshot above for reference.
will be fixed on the next release. the issue is interally on vps
req.url is set to localhostThanks for all the hardwork!