Best practices for preventing Denial of Service Attack in Django [closed]

Closed. This question is opinion-based. It is not currently accepting answers.

---

Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.

Closed 2 years ago.

Improve this question

What are the best practices in Django to detect and prevent DoS attacks... Are there any ready to use apps or middleware available which prevents website access a开发者_StackOverflownd scan through bots?

---

You might want to read the following 3 questions over on Security Stack Exchange.

A quick description of the problem:

• How does DoS/DDoS attack work?

Possible solutions and limitations of attempting mitigation in software:

• How can a software application defend against DoS/DDoS?

And a bit of discussion around commonly used anti-DDoS techniques at the perimeter, rather than the application:

• What techniques do advanced firewalls use to protect against DoS/DDoS?

It is really difficult to do at the application level - the earlier in the path you can drop the attack, the better.

---

I'd probably aim to deal with DoS at a higher level in the stack. If you're using Apache, take a look at mod_security. Or maybe a nice set of firewall rules.

Edit: Depending on your situation, you also might want to take a look at a caching server like Varnish. It's a lot harder to DoS you, if the vast majority of hits are served by the lightning quick Varnish before they even reach your regular web server.

---

The solution is simple, limit API with throttling and auth

The default throttling policy may be set globally, using the DEFAULT_THROTTLE_CLASSES and DEFAULT_THROTTLE_RATES settings.

The quote is from https://www.django-rest-framework.org/api-guide/throttling/#setting-the-throttling-policy