Nostr Web Client

Replying to

bumi

what do you use to deal with DDoS and similar?

semisol 1mo ago 💬 2

application level protection, AUTH, and my hosting provider.

the major threat to relays is an L7 attack which CF cannot effectively mitigate on WebSockets.

Reply to this note

Please Login to reply.

Discussion

bumi 1mo ago

interesting.

my experience is different there actually.

ChipTuner 1mo ago

Yeah but even worse than generic L7 (usually being http). The mitigation *has* to be deferred to the application server (or custom mitm proxies). The old school forms of http-level protections are mostly useless.