Thursday, 29 April 2021

CSRF token to limit AJAX requests

We received a lot of requests on an Ajax call. It was likely a DDoS; indeed, it saturated our infrastructure for more than 1 hour. We implemented throttling on the API called by this Ajax call, but we'd like to block the users doing this action.

Can the implementation of CSRF tokens limit these requests? As far as I know, it could work, but I know this is not the "best" solution to do that or the solution at all.

Do you have some advice? It's a normal website with some Ajax calls in the backend.

Thanks



