I guess you could simply rate-limit your login/signup if your not worried about ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

Xeoncross on Nov 4, 2017 | parent | context | favorite | on: Show HN: Server.js – A modern Express alternative

I guess you could simply rate-limit your login/signup if your not worried about a DoS and just want to keep people from brute-forcing a password.

On the other hand, it's not simply "a performance optimization" as there is no way for node to handle a DDoS without crazy amounts of hardware relative to what iptables|nginx can handle.

always_good on Nov 4, 2017 [–]

You're the one talking about DoS.

Notice how "rate-limiting" is a much more generic concept.

For example, Hacker News rate-limits the amount of posts you can make in a window of time. That's not because they think you're trying to DoS them.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact