a month ago
Hi everyone,
Recently I deployed an ecommerce app with the Django framework on Railway.
This includes sending a message to the Telegram account of the seller when a purchase is made, and there are no monetary transactions at all.
I'm afraid that some users can make spammy actions, like multiple purchase activities in a short period.
So what are the available options to prevent such activities? For example, configuring Railway to refuse to accept certain requests when done in succession in a short time, or any other options.
2 Replies
a month ago
Hey there! We've found the following might help you get unblocked faster:
If you find the answer from one of these, please let us know by solving the thread!
a month ago
Railway doesn't natively provide any protection against spam, but you can easily build this into your app by building rate limits into certain endpoints. I imagine there probably is a Django middleware library that can help with this. Essentially, how this would normally work is: if a user from a specific device and IP calls the same action too many times in a certain timeframe, the endpoint becomes unavailable to the user.
I found this that might help:
Although you can also build it in-house in your app, it's not super hard to build.
If you want an additional layer of protection above that, then you can also proxy your app behind Cloudflare for DoS protection. Although rate limiting is likely enough for what you need.
Status changed to Solved dev • about 1 month ago
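The per-endpoint rate limit described in the reply above, as an added example that is not part of the original thread or of any Django library: a sliding-window limiter keyed on action and client IP only (no device fingerprint). The names `SlidingWindowLimiter`, `client_key` and `replay` are hypothetical, the sample requests are constructed, and the `trusted_proxies=1` default is an assumption about the deployment, not documented Railway behaviour.

```python
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` accepted calls per `window` seconds for each key.

    Counters live in this process only; with several workers or replicas,
    keep them in a shared store instead (for example Django's cache backend).
    """

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self._hits = defaultdict(deque)  # key -> timestamps of accepted calls

    def check(self, key):
        """Return (allowed, retry_after_seconds); record the call if allowed."""
        now = self.clock()
        hits = self._hits[key]
        while hits and now - hits[0] >= self.window:  # drop expired timestamps
            hits.popleft()
        if len(hits) >= self.limit:
            # Rejected calls are not recorded, so retries cannot extend the block.
            return False, self.window - (now - hits[0])
        hits.append(now)
        return True, 0.0


def client_key(meta, action, trusted_proxies=1):
    """Build an "action:ip" key from a Django-style request.META dict.

    Assumption: `trusted_proxies` proxies sit in front of the app and each
    appends the address it saw to X-Forwarded-For, so only the entry counted
    from the right is trustworthy; anything further left is client-supplied.
    """
    hops = [h.strip() for h in meta.get("HTTP_X_FORWARDED_FOR", "").split(",") if h.strip()]
    if trusted_proxies and len(hops) >= trusted_proxies:
        return f"{action}:{hops[-trusted_proxies]}"
    return f"{action}:{meta.get('REMOTE_ADDR', 'unknown')}"


def replay(events, limit=3, window=60.0):
    """Replay constructed (timestamp, META) purchase events; return decisions."""
    now = [0.0]
    limiter = SlidingWindowLimiter(limit, window, clock=lambda: now[0])
    decisions = []
    for ts, meta in events:
        now[0] = ts
        decisions.append(limiter.check(client_key(meta, "purchase"))[0])
    return decisions
```

In a Django view, call `limiter.check(client_key(request.META, "purchase"))` before sending the Telegram message and answer with HTTP 429 (using the returned delay as `Retry-After`) when the call is refused.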