Yes, we're working on moving to Postgres.

We fixed the issue by queuing the request via RabbitMQ. 

The hacker tried to perform the same attack within minute of us coming back online but failed, gave us a real-time feedback that our fix worked.

We're back online! Thanks for your support and advice.



mega_dreamer

oracle

🚨 Important Announcement from Predyx 🚨

> But we also have rate-limit per user-id to mitigate the multiple IPs.

Ah, sounded like you rate-limit the combination

> Maybe we need to switch to a transactional db like MySQL or Postgres.

Sounds like the right move