Zerz - Does BuildShip offer DDoS protection or ...
Does BuildShip offer DDoS protection or do I have to use Cloudflare or similar myself?
If there is DDoS protection, what does it look like or how are my credits affected/not affected?
@Gaurav Chadha
5 Replies
Hi @Zerz you can use Authorization header and
rate limiting
to avoid DDos attacks, so the APIs you build with BuildShip only gets triggerd from a valid request, here's a blog you can refer to - https://buildship.com/blog/secure-api-point-with-low-code.Hi Gaurav, thanks for the link to the blog article.
Securing the endpoint is one thing, that's clear to me and should always be done.
But I'm mainly concerned with the costs incurred. In your example, I still pay a coin for each call, even if I secure it with an Authorization header. Is that correct?
In the event of a major DDoS attack, this can very quickly result in large sums of money. With Cloudflare, I would pay a fraction of that.
Hi @Zerz nope. You'll only pay for node executions on a workflow run, credits will only be used when the node is executed.
Since by adding an authorization header, your request will terminate at the trigger initial step, which won't deduct any credit.
Hi @Gaurav Chadha , thanks for the explanation. That means if I use a branch node in the first step and then run into an output, it won't cost me any credit? Like in the blog post, right?
Normally I transfer my Supabase JWT in the Authorization Header, which I first verify with my JWT Secret. So I have a node execution. Can you please explain how I can solve this with BuildShip without spending a credit when the user is unauthorized? Thanks!
pass it in the REST API's authorization header, so no node execution is counted, and the api fails at trigger level.