Is there DDOS protection on Deploy?
Hi Denos 👋
I'm using Deno Deploy to host a tiny app using
oak. It shows a single button, when pressed it talks to Supabase to retrieve and present the user with a 5 digit code. It has been deployed since the beginning of July and running without any problems.
This morning I received an email, saying that I've used up half of my 100GB traffic allowance.. so I quickly logged into the Deno Deploy dashboard to see what's going on. There seem to be huge spikes of traffic throughout the week. Today alone has seen 16k requests. This does not match what I see on the Supabase end, so I am assuming malicious intent? As I said, the app itself is small and so is the data it spits out.
This brings me to my two questions:
1) Is there any protection in place on Deno Deploy to prevent Denial-of-Service attacks?
While the amount of requests seems to go up, I don't see anything in the logs about a node crashing.
2) Is there a way to see more detailed analytics on the Deploy Dashboard? Maybe on the Pro plan?
I'd like to know what is being requested and from where.
Thanks in advance,
Flo
2 Replies
Hide dude, sorry for the latest response.
Before to respond you I'm not deno team member.
Your problem is special. you shoud try to make rate-limiter in order to limit the traffic on your server.
I disagree that it's a special case. DDoS protection is included with any node.js app hosting platform by default, even on a free plan.
The app in question wasn't advertised online, it was only running on three kiosked tablets in a gallery over the course of three months. I ended up paying for Deno Deploy Pro for that time span, moved all of my assets to a CDN, so that every request could only be 16kb in total and crossed my fingers.
The only "support" I could find was this very forum and as you just posted the first response in a year. I love Deno, but Deno Deploy has lost me as a customer.