Monthly Cloud Product Billing and Usage Concerns
TLDR gab asked about monthly billing, usage restrictions, and potential security for the Typesense Cloud product. Kishore Nallan and Jason addressed these concerns, detailing how to control usage limits, avoid potential overcharges and suggested using Cloudflare DNS CNAMEs for DDOS protection. Bruno advised to use paging.
Aug 03, 2021 (30 months ago)
how can I be charged periodically monthly for the cloud product?
Kishore Nallan06:45 AM
I would like to avoid any undesirable usage.
Kishore Nallan07:10 AM
I'm not sure we can restrict api keys to some dedicated referers, isn't it ?
I'm currently attacking directly my Typesense api from the front application. It seems now a must to proxy those call from my server if I need to apply some basics restrictions like ensuring requests comes from my application.
It seems also I have to work on
maxQueryby api keys or something like that.
Even if it highly depends on the Typesense integration and use cases it seems like basic security aspects concerning the api usage. Not sure how other are handling it.
Would you have any suggestions about those concerns?
Kishore Nallan08:51 AM
That said, one easy way to get DDOS protection currently is to setup Cloudflare DNS CNAMEs for each of the Typesense Cloud hostnames and proxy your requests via Cloudflare.
Indexed 3015 threads (79% resolved)
Protecting Typesense Queries from DOS Attacks
Juri sought advice on securing typesense queries. Jason suggested use of Cloudflare for DOS attack protection and explained how to create user-specific API keys for data authorization. Ricardo endorsed Cloudflare for protection.
DDoS Protection for Typesense Cloud using Cloudflare
Nikhil requested a feature to restrict Typesense Cloud hostname/IP access, with only Cloudflare access allowed. Jason acknowledged and stated that IP-based restriction is planned.
Validating Client Side Search Adapter Effectiveness and Tips
Keith asked Jason about enumeration attacks and IP blocking. Jason suggested using Cloudflare for IP-blocking, using limited API keys, and shared a method to proxy through Cloudflare to Typesense. Keith also shared a resource about Cloudflare workers.
Discussing Typesense Cloud's SSDs, NVMe, and Resources Needed
A asked about Typesense's storage type and configuration possibilities. Jason shared that they use SSDs and suggested NVMe SSDs for high-availability instances. They discussed server resources needed for specific user cases and briefly touched on DDoS protection via Cloudflare.
Legalities of Data Transfer for Typesense Cloud in EU
Viktor had concerns about data transfers outside of the EU when using Typesense Cloud. Jason explained that the Standard Contractual Clauses cover this use-case under GDPR or suggested purchasing an enterprise support plan or self-hosting Typesense.