DoS attack
Someone found a vulnerability that leads to a DoS attack on my api, but I suspect it's Railway related. Can someone contact on DM? Or is there a better place to disclose this?
17 Replies
may i ask what makes you think this is railway related?
Application still runs, doesn't crash and doesn't appear to use all available resources, but requests fail with CORS error, while the malicious requests are running
what status code though?
works fine when we dont run the reqs
may you tell me the status code please
the connection times out
so no status code
seems like your app has soft locked with all this traffic
at this time, im not seeing any issues with railway itself
mb
503
app still running tho
that was what i thought, seems like a softlock
what kind of app is this
it's a rest api
do you have cloudflare in front?
no, do you think it would solve this?
thats what cloudflare's main selling point is
If you’re concerned this is a platform issue please provide as much info as possible to security@railway.app for triage