passportxyz / passport

Passport allows users to prove their identity through a secure, decentralized UI

Look into DDOS Protection and / or rate limiting #993

Open nutrina opened 1 year ago

nutrina commented 1 year ago

Next worst-case scenario: we are being DDoSed during the next Grants Round.

We should prepare for this by looking into and setting up appropriate tools. Some options:

  1. HAProxy -> we used that in the past, but I would not go that route (unless it comes as a service): difficult to set up and maintain
  2. AWS Shield
  3. CloudFront

We should look into the pricing and features, and decide on what we want to go with.

kammerdiener commented 1 year ago

Just to capture some initial conversation

Front End is currently on Amplify and will be getting moved to Fleek. Back End is the only concern.

kammerdiener commented 1 year ago

1 - HAProxy is a good option and something that we do have some experience with. I think that it is effective and provides the most customization.
2 - This is an interesting one. This one could be useful, but it will require things to be an Application Load Balancer.
3 - This won't work for the API since it is only for serving static assets.

Another option is switching to Cloudflare if we want to move some DNS records around.

Overall, for the short term I would lean towards HAProxy or AWS Shield. I think HAProxy could be faster, but Shield could have some tighter integration.

kammerdiener commented 1 year ago

We went with WAF and have implemented it.