How to prevent ddos burning through function calls
right now rate limiter package counts rate limited calls as a function call. how do we prevent malicious actors or bad deployments from flooding function calls and accruing big bill?
4 Replies
Thanks for posting in <#1088161997662724167>.
Reminder: If you have a Convex Pro account, use the Convex Dashboard to file support tickets.
- Provide context: What are you trying to achieve, what is the end-user interaction, what are you seeing? (full error message, command output, etc.)
- Use search.convex.dev to search Docs, Stack, and Discord all at once.
- Additionally, you can post your questions in the Convex Community's <#1228095053885476985> channel to receive a response from AI.
- Avoid tagging staff unless specifically instructed.
Thank you!
Not super recent but still accurate: https://discord.com/channels/1019350475847499849/1209806276385706046/1210278148831182859
@erquhart what if we ddos ourselves with bad deployment haha. Overall i dont think a rate limiter should incur function calls generally. probably gonna putting an external rate limiter to get around this.
Rate limiters are stateful, that state has to go somewhere and has to be accessed, and Convex uses it's own primitives for this. But yeah if you prefer an external approach, go for it 👍