0

We are currently evaluating if its ideal to add NGINX web server layer in front of firebase functions for the following reasons

  1. Handle DDoS attacks
  2. Rate Limiting
  3. OAuth token validation

We see firebase functions are very open for any kind of abuse attacks.

Does this kind of architecture adds any extra problems?

Ayyappa
  • 1,876
  • 1
  • 21
  • 41

1 Answers1

0

There are other ways you can handle DDos, Rate limiting and OAuth token validation, I would suggest you take a look at this other question were there is an explanation on your options to secure Firebase Functions.

Another resource you might want to check is the Firebase documentation, especifically here whare they suggest to use Express.js middleware to deal with DDoS and securing your functions.

Finally, you can use NGINX as a sort of reverse proxy if you are more familiar with this, the only extra problems would really be that you would add an extra layer that you would need to manage instead.

Hope you find this useful!

rsalinas
  • 1,507
  • 8
  • 9
  • "you can integrate popular Node.js middleware offerings to build additional security layers, like access management by IP or protection from denial-of-service (DDoS) attacks." - I saw this but wondering how we can do without the use of firestore as it gets way too costly. Please suggest. – Ayyappa Dec 17 '19 at 10:32
  • you can use express as in [this](https://codeburst.io/express-js-on-cloud-functions-for-firebase-f76b5506179) example, however, you would need to look for a node package that fills your necessities. – rsalinas Dec 23 '19 at 10:55
  • Hey can you please checkout this question https://stackoverflow.com/questions/68369180/flutter-firebase-services-protection-from-ddos – Noobdeveloper Jul 13 '21 at 21:02