Anonymous
a year ago
implement a security system to protect against common owasp attacks against each of the servers that we have exposed on the network, where you can have a firewall with a set of rules, black and white lists, etc.
7 Replies
☝️ Bump +1
Although, I think an easy win solution would be allowing us to lock to Cloudflare's IP addresses, which will allow us to proxy from Cloudflare, then use their WAF, DDoS, Rate Limiting, etc
Simple to implement from your guys end, no need to build out complex UIs, or networking infrastructure.
9 months ago
Bump!
I think Railway need to implement their own WAF & DDOS Protection, in my case, Cloudflare DDOS protection need some times to active, at that interval, the incoming attack will get through the origin server, and if Railway didn't have the internal protection to such attacks, the attacks then will be charged to our own account, and it seems not fair for the user to pay any amount for unexpected/unwanted request.
I agree with the Cloudflare IP lock solution for at least for now, but in the future I hope that Railway has it's own protection like Vercel/OVH did
3 months ago
Bump x2
We just got attacked and I would love a Railway Native WAF! In the meantime I will have to look at Cloudflare WAF, does that work with Railway or not
?
25 days ago
Same here. Railway should provide a standard WAF component. Cybercrime is all too common.
a day ago
Bump +1.
I just put service up and started getting flooding with spam requests
thethrivingvillage
Bump +1. I just put service up and started getting flooding with spam requests
20 hours ago
say wallah im not tryna pay money for ppl spamming requests ; - ;
I think this is something we wanna keep our eye on. We tend to be pretty tight lipped about our ability to mitigate DDoS attacks, as it’s not a true WAF, but it’s something to be mindful of.