Doesn't actually rate limit? #11
-
|
This doesn't actually rate limit the request. It just prevents the action from being completed, posting a comment etc.... For example if I rate limit posting a comment it prevents the comment being posted, but it still has to make the request to the server to trigger the rate limit. Does this not leave this package irrelevant ? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
|
The whole point is that it prevents your application from being brute forced / spammed, not your server. For instance, it will stop an attacker trying to guess a password on your login form, or spamming your comments section. This was never advertised as DoS protection or anything, I would advise using Cloudflare or another service for that. |
Beta Was this translation helpful? Give feedback.
-
|
Ah ok thanks for clearing that up. 👍 |
Beta Was this translation helpful? Give feedback.
The whole point is that it prevents your application from being brute forced / spammed, not your server. For instance, it will stop an attacker trying to guess a password on your login form, or spamming your comments section.
This was never advertised as DoS protection or anything, I would advise using Cloudflare or another service for that.