Hacker News new | past | comments | ask | show | jobs | submit login

How did you mitigate the attack?



- Moved DNS to Cloudflare, which handled the brunt of it.

- IP and CIDR blocks

- A few trivial heuristics to catch certain behaviors they were using

- In-app query caching for read-only endpoints that serve the same data to all users

- Redis TTL caching for read-only endpoints that take view arguments. A means to manually expire on writes.

- Runtime control plane additions to dynamically block IPs/CIDRs, user accounts, and endpoints (if they find another hole to exploit, we can just block a few endpoints rather than the whole service)

- A tool to inject bad responses (we found another, probably different actor consuming and reselling our service)




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: