You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I've recently been reading about how a DDOS might be Meteor's Achilles Heel. The built-in ddp-rate limiter can be of limited use by protecting from abusive clients who are already connected, but doesn't prevent other DOS means such as requesting pages or opening ddp connections in the first place.
This is better done at the web-server level, which for us using meteor-up is nginx.
Does anyone have specific experience setting up nginx for DDOS protection, specifically with Meteor?
Is this something we can set & forget via our mup.js? If not, would this make a good addition or plugin?
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I've recently been reading about how a DDOS might be Meteor's Achilles Heel. The built-in ddp-rate limiter can be of limited use by protecting from abusive clients who are already connected, but doesn't prevent other DOS means such as requesting pages or opening ddp connections in the first place.
This is better done at the web-server level, which for us using meteor-up is nginx.
Does anyone have specific experience setting up nginx for DDOS protection, specifically with Meteor?
Is this something we can set & forget via our mup.js? If not, would this make a good addition or plugin?
ping @zodern
Beta Was this translation helpful? Give feedback.
All reactions