|
|
|
|
|
|
by wmf
1247 days ago
|
|
|
I think the best practice is to rate limit by /24 in IPv4 and by /48 in IPv6. That way all the attacker's IPs are treated as a single user. These have corner cases like if the attack is coming from inside the house but they're decent defaults. |
|
|