zll600 commented on issue #10845: URL: https://github.com/apache/apisix/issues/10845#issuecomment-1898009100
> > You can also use the [rate limiting plugin ](https://docs.api7.ai/apisix/getting-started/rate-limiting#:~:text=For%20example%2C%20you%20can%20configure,excessive%20requests%20from%20web%20crawlers.) to prevent potential DDOS attacks > > What about SQL injection prevention capabilities? Are there related plugins available? maybe you can try coraza. Coraza support the `SQL Injection` prevention capabilities refer: https://github.com/corazawaf/coraza > 🔥 Security - Coraza runs the [OWASP Core Rule Set (CRS)](https://coreruleset.org/) v4 to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Note that older versions of the CRS are not compatible. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
