[echelon]

I self-funded my startup to the tune of half a million dollars.

I've had what I can only assume to be a VC-funded competitor study my endpoints for high latency / expensive queries, then saturate them with millions of requests a second across thousands of simultaneous IP addresses.

Business is survival of the fittest. Pressures and growth gradients come in all shapes and sizes.

[tester457]

How did you mitigate the attack?

[echelon]

- Moved DNS to Cloudflare, which handled the brunt of it.

- IP and CIDR blocks

- A few trivial heuristics to catch certain behaviors they were using

- In-app query caching for read-only endpoints that serve the same data to all users

- Redis TTL caching for read-only endpoints that take view arguments. A means to manually expire on writes.

- Runtime control plane additions to dynamically block IPs/CIDRs, user accounts, and endpoints (if they find another hole to exploit, we can just block a few endpoints rather than the whole service)

- A tool to inject bad responses (we found another, probably different actor consuming and reselling our service)

[t0mas88]

Why would that be a VC funded competitor specifically?

[dazc]

Money to burn?