You can check the project the charges are coming from from the Usage Page

I need to zero in down more because it just says networking and I know thats not correct.

Follow the above to find the project the costs are associated with ^^

Once you've identified the project, you can identify the service by checking each service in that project and looking for excessive network usage

√suisdb7364s237646iw.gemach.io

is that the right thing

I don't know what that is

on this page

hit ctrl k

I'm on a mac

Is that the name of one of your services? I'm not a team member so I'm not able to see your private projects

Gemach Inrastrucutre

All I can do is guide you through answering your question for yourself. Looks like your Gemach Infrastructure project is the one costing you a ton, go into that project and look through all the services to find the service with unusual network usage

Once you've identified the service or services that have issues, I can provide some solutions that may help

Forgot you can also view the cost by service in the usage page, that will simplify the process

Looks like some type of attack or something

Oof yeah. Given that it's directly on your backend it's very likely an attack

If you're not routing your traffic through cloudflare, you definitely should be

We are

Who do we speak to about this

Monitoring and reducing the impact of an active threat on your service is your responsibility as a user. The most the Railway team can do is waive a portion of your bill. Given that it's Sunday, the team will not be open for discussion today.

In the meantime, look into the tools available to you for protecting your services from threats. Cloudflare's DDOS mitigation is a great place to start

Is your backend on a Railway provided URL or a custom one? If it's on a Railway provided URL, it's not routed through cloudflare.

@BlackJesus - are you connecting to Redis via the private network?

Should be let me get my main dev on that project in here

The extensive network on the backend as well as the redis made me assume the answer was yes

the excessive network on the backend could be from sending and receiving Redis data via the public network

Also true

so regardless of attack or not, Redis should have no network traffic if they used the private network

Alright thank you, will switch to private network

!s