Answer the question
In order to leave comments, you need to log in
Can I set up DDOS protection for frequent ajax requests?
In general, is it worth installing some kind of DDOS protection on the server if I often load data via AJAX so as not to load the client side? Let's say I have requests that a person can perform with a frequency of 0.1-0.2 seconds and the weight of the entire page in compressed form to get csrf can reach 100-200kb with all scripts and styles. Does this somehow affect DDOS protection? I'm just presenting DDOS as a spam attack with various methods, am I right? Considering that he himself wrote parsers - copying csrf is a pretty quick thing.
Answer the question
In order to leave comments, you need to log in
You need to separate two things: the page itself with statics (100-200kb) and ajax requests to the API.
Static can be easily cached, but at least by the same Nginx.
Ajax requests should go to other servers that are resistant to loads. Nginx will also help here, but already as a load balancer between servers. Then you can not be afraid of the load on the API up to thousands of requests per second, or even more.
There are also third-party services, such as Cloudflare.
https://www.cloudflare.com/ddos/
For api, enter frequency limits, like here.
https://vk.com/dev/api_requests?f=3.1.%20%D0%A7%D0...
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question