How to protect your Vercel site from attackers
HTML-код
- Опубликовано: 19 июн 2024
- Learn how you can quickly lock down traffic and further protect against DDoS attacks by challenging requests, minimizing the chance that malicious bots get through, with Vercel's Attack Challenge Mode.
0:00 - Introduction
0:17 - Attack Challenge Mode
0:49 - Demo
1:47 - Rate Limiting
2:05 - Spend Management
2:35 - Conclusion
◆ Learn more: vercel.com/changelog/prevent-...
◆ Firewall: vercel.com/docs/security/verc...
◆ Rate Limiting: vercel.com/guides/rate-limiti...
#vercel 
Наука
Vercel's answer to $104,000 Netlify bill on serveless horrors
To be able to set a budget and pause production deployments is very helpful for me. And I think others will like it too! :D
This is great to see, youre always listening to your costumers and iterating
thats awesome! really cool to see this come up so soon after that other vid where you mentioned vercel was cooking up something for this
As always amazing content! Thanks Lee!
This is why I love you guys. Making WebDev so simple
Would be nice to add a toggle so that you can either let it turn on automatically (and off when spike usage dies down) and notify admin OR notify admin on usage spike and ask if mode should be enabled.
Vercel automatically serves challenges (same screen) when it can detect malicious traffic. Attack Challenge Mode is when you want to manually flip it on. For notifying admin, are you thinking an email to the Team owner?
really great work guys, always believed you would find a way to help with these horror stories on twitter.
Great feature!
If the rate limiting is in the middleware, Vercel charges per-middleware invocation so you'd still incur a potential large bill if the rate limit is triggered a lot?
Nice
omg, love it
love it
It would be very interesting to have an option to automatically turn on this mode when the number of requests are over a certain limit or sth like that, maybe when the number of requests is greater than 3 times the avg for example, you get the drill
Will attack challenge mode block crawlers like googlebot? can it effect page rankings?
Great to have this! Quick question: Is there any way to turn it on without breaking uptime monitoring? Somehow?
Does attack challenge mode also protect api routes?
Yeah!
can vercel send notification when there's a vulnerability checked found?
midudev?
Just add a button restric bill thats it , is it to much to ask
What are the advantages of Attack Challenge Mode compared to Cloudflare "I'm under attack" mode?
@midudev sacaron este video gracias a ti ajajaja
Can we have proper CSP documentation? Nothing is working out of the box (fresh install + documentation followed)
Support Palestine
Using Vercel in 2024 in the era of cheap VPS is simply dumb.
explain