We are facing a bot attack on our NodeJs Webservice. There is a specific IP address that keeps making a request and Cloud Instance usage keeps increasing. Please help/suggest a solution.
We are using CloudFlare CDN, which takes care of root domain bot attacks. But Custom domain requests are reaching the render instance directly. That’s why we are facing an issue.
Is there any bot detection service or IP block feature is there in Render.com?
We’ll address your specific case in your open support ticket.
In general, services hosted on Render have some automatic protections against various attacks. Typically, if you need extremely fine-grained control, the best approach today would be to add a proxy you manage in front of your render service.
I’d also encourage you to take a look at https://feedback.render.com/features/p/web-application-firewall and give it an upvote if it’s something you’d be interested in. It helps to include as much context as possible about your use case, the problem you’re looking to solve, and how you’re getting around it today to help us develop the best possible solution.
We rely heavily on customer feedback as a part of our planning and product roadmap process, so capturing interest on the feature request page is very helpful.