how to prevent ddos attack on nodejs server
Shubham khapra
7 replies
I used to rate limit but that did not work for me to stop the DDoS attack anybody can help me to find another way to stop this attack?
Replies
Arthur Kay@arthurakay
If you’re hosting your Node app in AWS, put a load balancer and WAF in front of it — AWS will mitigate the vast majority of DDoS attacks for you.
Share
@arthurakay Thanks .I hosting on aws and make two different instance and put into load balancer but they not handle to DDOS attack
@shubham_khapra turn on AWS Shield: https://aws.amazon.com/shield/
You can avoid DDOS attacks in Node.js by:
- limiting the maximum number of open connections from a single IP
- imposing a minimum transfer speed
- imposing a maximum time a connection can stay open, which means setting a timeout for the connection.
And I want to add that performance must sometimes be sacrificed in order to avoid incorporating ineffective defenses.
Npm helmet used.