|
|
|
|
|
|
by echelon
1071 days ago
|
|
|
- Moved DNS to Cloudflare, which handled the brunt of it. - IP and CIDR blocks - A few trivial heuristics to catch certain behaviors they were using - In-app query caching for read-only endpoints that serve the same data to all users - Redis TTL caching for read-only endpoints that take view arguments. A means to manually expire on writes. - Runtime control plane additions to dynamically block IPs/CIDRs, user accounts, and endpoints (if they find another hole to exploit, we can just block a few endpoints rather than the whole service) - A tool to inject bad responses (we found another, probably different actor consuming and reselling our service) |
|
|