Can do so as middleware in the server directly, but might be useful to instead consider it as a broader set of guards against malicious users off this non-profit initiative and do so at a higher layer in the infrastructure. Our provider of choice seems to have a set of tools available for it. To be considered later.
This would be a global limit. However I do think it might make sense to add a rate limiter for all requests which insert data into the DB (e.g. submit posts, make comments, modify configs) as this doesn't only put load on the system but could also cause spam if abused. E.g. does it really make sense to allow 10 comments per second for a user? :) How much comments/submissions does a user really require?
Can do so as middleware in the server directly, but might be useful to instead consider it as a broader set of guards against malicious users off this non-profit initiative and do so at a higher layer in the infrastructure. Our provider of choice seems to have a set of tools available for it. To be considered later.
This would be a global limit. However I do think it might make sense to add a rate limiter for all requests which insert data into the DB (e.g. submit posts, make comments, modify configs) as this doesn't only put load on the system but could also cause spam if abused. E.g. does it really make sense to allow 10 comments per second for a user? :) How much comments/submissions does a user really require?