Implement brute force protection #49
Assignees
Labels
feature
Brand new features to Sapling
low priority
Issues which should only be considered after everything else is done
Milestone
Comments
groenroos
added
feature
groenroos
added a commit
that referenced
this issue
Sep 2, 2020
|
Seems like the brute package listed above is a bit outdated/abandoned. However, it seems like it and all alternative packages require persistent storage (as would make sense), so it'll be a challenge to make sure the rate limiter works together with whatever db driver is applied. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Use a package like express-brute to introduce a rate limiter and protect from DDoS. The legacy code had a homebrew rate limiter, but this was removed as a temporary scope reduction - in any case, this sort of thing is best deferred to dependencies that can handle it better and more robustly.
The text was updated successfully, but these errors were encountered: