prime
1
See this video:
I consoled log every method with the name of method and parameter when they being called.
2 methods (AVCount and Hilo) constantly being called
Hilo royal-crown-hotels-siem-reap-books.html
AVCount royal-crown-hotels-siem-reap-books.html profile
royal-crown-hotels-siem-reap-books.html is a parameter that I don’t have even one in my code. So I’m 100% sure this is from bad guy
Any idea how to prevent this?
Thank you
prime
2
Changing method name work. But I guess this is temporary solution. Meteor should have an elegant solution to prevent this condition.
This is method call that being abused. What if that bad guy choose to abuse an expensive one like pub/sub?
Have you looked into Meteor’s Method rate limiting feature?
Maybe this also can help you out?
prime
5
Thank @hwillson @tcastelli, I’ll try them out