Skip to content
This repository has been archived by the owner on Nov 16, 2020. It is now read-only.

Rate limiting #4

Open
kreativmonkey opened this issue Apr 19, 2020 · 1 comment
Open

Rate limiting #4

kreativmonkey opened this issue Apr 19, 2020 · 1 comment
Labels
devops Developer operations: CI, deployment etc. security Potential security issue

Comments

@kreativmonkey
Copy link
Member

Currently, there's no validation and no rate limiting on the server.

@haveyaseen haveyaseen added the security Potential security issue label Apr 19, 2020
@Addono
Copy link
Contributor

Addono commented Apr 20, 2020

I would recommend that the application is not aware of this, leaving this logic to another proxy.

For example, if you're deploying the application onto Kubernetes, then you can set rate limiting at the Ingress level:
https://medium.com/titansoft-engineering/rate-limiting-for-your-kubernetes-applications-with-nginx-ingress-2e32721f7f57

Like this, you do not introduce additional state in your backend logic (making it easier to horizontally scale) and prevent strict coupling between your application and the rate limiting implementation.

@Addono Addono mentioned this issue Apr 20, 2020
4 tasks
@haveyaseen haveyaseen added the devops Developer operations: CI, deployment etc. label Apr 22, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
devops Developer operations: CI, deployment etc. security Potential security issue
Projects
None yet
Development

No branches or pull requests

3 participants