Closed timendez closed 10 months ago
francislavoie
commented
10 months ago Websockets are an HTTP connection first, which gets "upgraded" to a TCP pipe. Any HTTP middleware like this plugin will also apply to websockets.
You can multiplex websockets on the same port as your regular HTTP traffic by using request matchers to proxy the websockets connections to your websockets server.
mholt
commented
10 months ago To clarify, if you're trying to rate limit things that happen within an established WebSocket connection, this module can't do that: it rate limits HTTP requests. Rate limiting within a websocket will be harder because whatever communication happens within the connection is your own custom protocol (or some arbitrary protocol).
But yeah, if your application triggers HTTP requests to Caddy each time something happens from within a WS connection, you could rate limit those requests and act accordingly. That could work.
timendez
commented
10 months ago That all makes sense to me, thank you guys! ❤️
I have an application that does authentication steps over HTTP to establish a websocket, and then everything else is over the websocket.
I plan on using this rate limiter for auth, but by virtue of a websocket being a direct connection, there's no way for this to work with it, and I'd have to roll my own application-level rate limiting, correct?
Or would Caddy be able to tell if a user's origin is sending too many requests?
I can foresee an architecture with a sidecar posting websocket info back to Caddy asynchronously, but seems like a niche use case.
Let me know if I'm way off base here, thank you!