Encrypting Data from Typesense Cloud
TLDR Loic wanted to add additional encryption for data retrieved from Typesense Cloud. Jason suggested that any additional encryption must be handled by user's backend.
May 27, 2022 (19 months ago)
When I do an
exportrequest for example (called from flutter dart for phone app), there is no way that the user could read the data in clear when received and parsed as Json objects? :thinking_face:
I am wondering if there is a way for an advanced user to hack the flow and read the whole data in clear
I actually download this whole product catalog to the user device in order to refine and compute the search on the device and not on the typesense server
Or it would be great to actually have a way to encrypt data at the endpoint somehow
Indexed 3015 threads (79% resolved)
Protecting Typesense Queries from DOS Attacks
Juri sought advice on securing typesense queries. Jason suggested use of Cloudflare for DOS attack protection and explained how to create user-specific API keys for data authorization. Ricardo endorsed Cloudflare for protection.
Understanding and Implementing Typesense Dart Library with Flutter
Alexandro sought help with the Typesense Dart library. Jason explained that the library is in progress, discussed utilizing other HTTP libraries, and provided detailed instructions on utilizing Typesense with Flutter. Alexandro provided feedback on the Typesense UI and expressed interest in creating a tutorial video.
Troubleshooting Typesense Document Import Error
Christopher had trouble importing 2.1M documents into Typesense due to memory errors. Jason clarified the system requirements, explaining the correlation between RAM and dataset size, and ways to tackle the issue. They both also discussed database-like query options.
Discussing Typesense Cloud's SSDs, NVMe, and Resources Needed
A asked about Typesense's storage type and configuration possibilities. Jason shared that they use SSDs and suggested NVMe SSDs for high-availability instances. They discussed server resources needed for specific user cases and briefly touched on DDoS protection via Cloudflare.
Using Typesense Frontend and Protecting API Key
KARTHICK asked about using Typesense from frontend, Jason suggested both frontend and backend are possible but encourages frontend for performance. Marcos mentioned key exposure concerns, Kishore Nallan explained scoped API keys can provide protection.