gamemann
commented
1 month ago I believe it'd be better to use CloudFlare or NGINX for rate-limiting since implementing rate limiting into the code itself will require utilizing something like Redis to store connection info such as requests per second, etc. which will result in more load on the server.
With that said, I'd prefer rate-limiting with CloudFlare since that'd be on the edge of the network.
Before initial release, I want to implement rate limiting for tRPC endpoints so attackers cannot use (D)DoS attacks resulting in the web server being overloaded.