🛡️ How I Leveled-Up API Security with Cloudflare Worker: A Game-Changer for PH launches!

1yr ago

10 replies

While setting up Cloudflare's turnstile for my soon-to-launch CompanyGPT, I stumbled upon a golden nugget: Cloudflare Worker as an API guardian! Instead of directly exposing my API, I route requests through the worker. This not only keeps my CompanyGPT's API under wraps but fortifies it against potential threats. For all my fellow makers, especially those eyeing a Producthunt launch, this is a game-changer. Level up your API security! 👉Stay tuned for CompanyGPT: https://www.producthunt.com/products/companygpt

Replies

Nerijus @nerijuso

OpenQR - QR Generator

Cloudflare Workers are great, but I am afraid of the bill which can be if somebody will try to run automated scripts to get data from your API or even DDoS your API. Do you have ideas on how this unexpected situation can be handled?

Aug 17, 2023

Manmohit Grewal @manmohit

CompanyGPT

@nerijuso Correct, billing is an issue. However, you can use rate limiting by setting limits on how frequently an IP can call your worker. Also, you can restrict access based on certain criteria like IP reputation.

Aug 17, 2023

Nerijus @nerijuso

OpenQR - QR Generator

@manmohit I assume need to be careful with IP restrictions, because if an IP is shared and used by a big audience, the limits can be easily reached. I agree with you, the Cloudflare is great and helps a lot (pages, workers, r2). I use myself the Cloudflare

Aug 17, 2023

Manmohit Grewal @manmohit

CompanyGPT

@nerijuso just curious, how was your experience with Cloudflare's documentation?

Aug 17, 2023

Nerijus @nerijuso

OpenQR - QR Generator

@manmohit I only use a few services :) I had a couple of ambiguities when started reading the documentation, but some searching on the support forum helped me understand the gist.

Aug 17, 2023

Manmohit Grewal @manmohit

CompanyGPT

@nerijuso I completely understand your point, one should be careful when using Cloudflare.

Aug 17, 2023