nrtnio
CDCloudflare Developers
•Created by nrtnio on 8/14/2024 in #workers-help
Protecting worker at *.workers.dev from denial of wallet attacks?
Howdy
As far as i investigated, there are two recommended ways I found for protecting the worker... one is WAF rules, i assume this works only on the worker coming through custom domain endpoint, while *.worker.dev endpoint stays unprotected
Another being rate limiter, which is kinda not solving the point of not running the worker, as ratelimit is evaluated within the worker
My understanding of above may be incomplete also.. But is there any recommended way to have "private worker" or some recommended way to not expose the worker to curious and intentionally malicious folk?
Ty
5 replies