RE: Protection with WAF

Very useful answers. Thank you!

@jbenguira Oh, thank you. I'm already using CloudFlare to serve my frontend and protect it from DDoS while using AppDrag's Cloud Backend for my API. Does that mean my API already has proper protection against abuse without being connected to CloudFlare's WAF? Any documentation on the subject?

Hello,
It's mentioned here:
https://appdrag.com/docs/AppDrag_White_Paper_v1.3.pdf

"AppDrag leverages AWS’s security infrastructure ​ (CloudFront,
LoadBalancer, WAF, DDOS protection, VPN, IAM, security groups,
replication on multiples regions, versioning and Cloudwatch alerts) "

Does that mean that Cloud Backend comes bundled with WAF protection? As in, if someone spams my API endpoints, do I have protection against that? If not, is it possible for me to leverage WAF to protect my API against common attacks?

@jbenguira Thank you very much! I'll do that then.

Hello,
First of all, great product! It's definitely what I needed for my project.

I've seen mentions of protection against DoS and DDoS attacks through your product, but I'm not sure if that's built in? I use Firebase for some features currently and it'd be a big issue for my billing if someone launched a DoS attack and flooded my cloud functions there (some of which I call through your backend for security).

Any resources on the topic or the steps I should take? Is it implemented in the platform at a low level?

Trying to know what happens if someone tried to flood my Cloud Backend API requests without testing it for myself.