Reading your comment, it seems to me that you expose Dgraph directly to the public. This is not recommended. You should create an API between your application and your cluster and create an Auth. Or use GraphQL with Auth(free).
With that in mind, you should put Dgraph behind a firewall or use options like a reverse proxy that is able to isolate and allow access via a simple login. But in general, a total barrier is the ideal. And then you create a VPN between your machine and your cluster. That way you can access the cluster directly. A simple ngrok shall fit the case.
PS. We have plans to support Poor man’s auth soon(in endpoints like query, mutate). That will be integrated with Ratel too.