DEV Community

Discussion on: My App was Under Attack!

Collapse
rubenwap profile image
Ruben Sanchez

So if I understand, this is not a case of your app having some kind of vulnerability, but the attack was to bomb it with legitimate requests? I am curious to know what the attacker's rows looked like, were they garbage data?

Collapse
harlessmark profile image
Mark Harless Author • Edited on

Yep, they were just random alphanumeric characters that passed my POST validations.

screenshot of tables

Collapse
binotaliu profile image
ビノタ

Using user input as actual filenames is still a terrible idea. Consider to use an internal key or hashed string as filenames.