We take denial of service attacks and other security exploits very seriously at Ably and have thus designed our systems and processes to ensure we can deal with attacks.
Whilst many of our DOS protection measures are intentionally not publicly available, we can disclose the following systems we have in place:
- We have very low TTLs on our DNS routing and can thus route real users away from data centres that are under attack
- We rate limit requests by account, app, token, key and IP address
- We have sensible limits for requests and fail quickly to ensure resources are not used unnecessarily to respond to denial of service attacks
- We have near limitless scale and can very quickly scale up our service to respond to a huge increase in traffic. Whilst there are of course limits to this, there is a lot of scope to increase capacity very quickly