Does Dgraph in some way offer protection against replay attacks?

tintin10q · October 29, 2021, 5:32pm

Does Dgraph in some way offer protection against replay attacks? Is this a valid question to ask?

MichelDiz · October 29, 2021, 6:03pm

Do you mean the cloud? I never heard this feature in Dgraph Cloud.

In general, you should build your own strategy to protect your Server/Services and applications. In the case of Replay Attacks, a simple timestamp and rejection for a second attempt should be fine. and in addition you can add OTP request on every new attempt. There are several ways. But a timestamp strategy might work pretty well for this case.

Cheers.

tintin10q · October 30, 2021, 11:14am

Yeah I meant dgraph cloud. The graphql endpoints.

tintin10q · January 1, 2022, 1:59pm

@MichelDiz could you respond to me? I would like to know how I could deal with replay attacks in dgraph cloud.

MichelDiz · January 1, 2022, 4:23pm

I did, in short is “no” as far as I know, the long I have wrote above. This type of attack is unique to your application. We have no management over it.

Cheers.

awsl-dbq · January 12, 2022, 9:41am

you may need crsf token.
you can setup a protect server to do security-check and then proxy the request to dgraph server or reject it.

Topic		Replies	Views
Returning to explore dgraph, a few questions Dgraph	1	732	July 29, 2020
Feature Request: Realtime datafetching via elixir websocket - Live Graph Dgraph dgraph	1	714	September 2, 2022
Walkaraund for common database features in the doc Documentation	4	1119	December 30, 2021
Protect GQL endpoint Dgraph Cloud kind:question , dgraph	1	491	September 21, 2020
Couple of Slash GraphQL questions :) Dgraph Cloud	4	522	January 12, 2021

Does Dgraph in some way offer protection against replay attacks?

Related Topics