Rate-limit and mitigate WebSockets DDoS attacks with Cloudflare API
Published on June 8, 2024   •   6 min read

Rate-limit and mitigate WebSockets DDoS attacks with Cloudflare API

Jarek CeborskiJarek Ceborski

In this post, we will dive into protecting your WebSocket server from attacks. I will share my learnings from mitigating attacks on Webhook.cool, a free online webhook tester that is #3 on Google with lots of traffic and is open to use for everyone without a sign-up.

WebSockets allow for real-time communication between a server and clients, improving the usability and UX of many web applications. However, they can be a vector for attacks that are not easy to spot. Imagine this: server logs look ...

Self-signed certificate for local development (OpenSSL, JavaScript)
Published on May 12, 2024   •   4 min read

Self-signed certificate for local development (OpenSSL, JavaScript)

Jarek CeborskiJarek Ceborski

When developing web apps, it's essential to mirror the production environment as closely as possible. This includes using HTTPS, which allows testing of critical features like authentication, secure cookies, service workers, PWAs, and the Geolocation API to name a few. These features are often restricted to secure contexts, thereby reducing the likelihood of encountering unexpected issues when deploying to production.

In this post, we'll explore how to create a self-signed certificate for local ...