Spam websocket connections
adriang0954
HOBBY OP

a month ago

I recently deployed my FastAPI Backend, and when checking the logs, I see this:

What’s interesting is that each request contains identical JWT tokens. It seems that whatever is hitting the API is doing so directly, since in the case of an invalid token, the frontend redirects to the login page and does not retry. I would appreciate some help in determining what could be causing this problem (Railway or some external user) and what I can do to check.

example logs if useful:

Solved - $10 Bounty

Pinned Solution

Make sure you have enabled Cloudflare Proxy in your DNS configs, as well as security rules that fight bots, such as "Bot fight mode," "Browser integrity check," etc.

6 Replies

Status changed to Open Railway 28 days ago


If you have a custom domain, I'd recommend using Cloudflare's DNS, as they have the ability to block bots.

Railway only provides DDoS protection.


0x5b62656e5d


adriang0954
HOBBY OP

a month ago

Is this possible using Railway's custom domains? Or would I have to use some other provider?


adriang0954

Is this possible using Railway's custom domains? Or would I have to use some other provider?

If you purchase a domain from Railway, no, since they currently do not have the ability to allow users to switch nameservers.


0x5b62656e5d


adriang0954
HOBBY OP

a month ago

I ended up getting a custom domain and connected that to Cloudflare's DNS, and while this seemed to help for a while, the spam requests have returned.


adriang0954

I ended up getting a custom domain and connected that to Cloudflare's DNS, and while this seemed to help for a while, the spam requests have returned.

Make sure you have enabled Cloudflare Proxy in your DNS configs, as well as security rules that fight bots, such as "Bot fight mode," "Browser integrity check," etc.


0x5b62656e5d


adriang0954
HOBBY OP

a month ago

I ended up fixing the issue by taking your advice and defining some rate limiting rules. Thank you for the help!


Status changed to Solved 0x5b62656e5d 27 days ago
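
An application-side complement to the edge rate-limiting rules that resolved this thread, added here as an example and not code from the thread or from Railway: a sliding-window limiter that counts WebSocket connection attempts per token fingerprint and per client IP, so one replayed JWT is throttled even when it arrives from many addresses. The names `ConnectionLimiter` and `token_fingerprint` and the limits are assumptions.

```python
import hashlib
import time
from collections import defaultdict, deque


def token_fingerprint(token: str) -> str:
    """Short SHA-256 digest so the raw JWT is never stored or logged."""
    return hashlib.sha256(token.encode()).hexdigest()[:16]


class ConnectionLimiter:
    """Sliding-window limit on connection attempts (hypothetical helper)."""

    def __init__(self, max_attempts=5, window_seconds=60.0, clock=time.monotonic):
        self.max_attempts = max_attempts
        self.window = window_seconds
        self.clock = clock
        # maxlen bounds memory per key even while a flood is in progress
        self._attempts = defaultdict(lambda: deque(maxlen=max_attempts + 1))

    def allow(self, token: str, client_ip: str) -> bool:
        """Record one attempt; return False if either key is over its limit."""
        now = self.clock()
        allowed = True
        # Two independent keys: the token (catches one credential replayed
        # from many addresses) and the IP (catches one host cycling tokens).
        for key in (("token", token_fingerprint(token)), ("ip", client_ip)):
            attempts = self._attempts[key]
            while attempts and now - attempts[0] >= self.window:
                attempts.popleft()  # drop attempts that left the window
            attempts.append(now)
            if len(attempts) > self.max_attempts:
                allowed = False
        return allowed


if __name__ == "__main__":
    # Constructed sample: the same token presented 8 times within one window.
    limiter = ConnectionLimiter(max_attempts=5, window_seconds=60.0)
    for i in range(8):
        ok = limiter.allow("constructed.sample.jwt", "203.0.113.7")
        print(i, token_fingerprint("constructed.sample.jwt"), "accept" if ok else "reject")
```

In a FastAPI WebSocket handler, call `allow()` before `websocket.accept()` and close with code 1008 (policy violation) when it returns False; behind a proxy, take the client IP from the forwarding header your proxy sets rather than the socket peer.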

