The following product release is planned for February 5th, 2025
We have been working with improving the back-office. Specifically, we’ve worked on improving the speed within multiple areas in the back-office.
Recently we have had some hacking attempts on our platform.
Quick overview of the hacking attempts: hacker mainly tries to exploit publicly available endpoints by querying them with a moderate number of requests. Typically, from a couple of minutes to an hour.
We have created an action plan to mitigate these attempts:
Change the request signature algorithm
Explore the possibility to obfuscate the request signature algorithm
Review hacking attempts logs to assess the impact
Implement a rate limiter (per IP per endpoint per API key) to prevent brute force attacks
Implement a WAF (Web Application Firewall) to filter out malicious requests – ModSecurity for nginx is a good choice
Revise a Content Security Policy (CSP) to prevent XSS attacks
Revise a public endpoints code to prevent SQL injection
Make the input validation for elastic search queries more strict to prevent garbage input
Add ModSecurity metrics to the monitoring system and setup alerts
Explore the possibility to implement a honeypot to distract hackers
Discuss the possibility to block / grey-list IPs that show suspicious activity