application level protection, AUTH, and my hosting provider.
the major threat to relays is an L7 attack which CF cannot effectively mitigate on WebSockets.
Login to reply
Replies (2)
interesting.
my experience is different there actually.
Yeah but even worse than generic L7 (usually being http). The mitigation *has* to be deferred to the application server (or custom mitm proxies). The old school forms of http-level protections are mostly useless.