

Introducing Sikka: A Firewall for Meteor Apps - arunoda
https://meteorhacks.com/introducing-sikka-a-firewall-for-meteor-apps.html

======
pmalynin
I don't know how to feel about this. Any production app should already use a
reverse-proxy (e.g. NGinx or Varnish), and blocking and similar logic can
already be done there. I think that the problem does not warrant its own
solution at this level.

~~~
arunoda
This attack can't solves with Reverse proxies or similar. For proxies, this is
just a simple WebSocket message.

So, it's hard (or can't) detect in the proxy layer or with something like
Cloudflare. That's why we need a something like Sikka, which understand DDP,
the protocol behind Meteor.

Anyway, only we detect bad IPs. It's a good idea to ban them from the network
layer.

------
sgdesign
Very cool! Thanks for yet another great contribution to the Meteor open-source
ecosystem.

