Description
Protect the Axum server from DDoS, brute force, and abuse:
- Implement rate limiting middleware (e.g. using
tower-limit or Redis rate limiter).
- Setup CORS parameters strictly.
- Set secure HTTP headers (HSTS, CSP, X-Frame-Options) via
tower-http.
Acceptance Criteria
- Limit requests per IP address.
- Reject requests exceeding limits with 429 Too Many Requests.
- Tests to check that rate limits trigger under heavy mock traffic.
Description
Protect the Axum server from DDoS, brute force, and abuse:
tower-limitor Redis rate limiter).tower-http.Acceptance Criteria