Adam Fortuna on Nostr: A 3-year old tech decision finally bit me yesterday: making Hardcovers book cover ...
A 3-year old tech decision finally bit me yesterday: making Hardcovers book cover images public in our Google Cloud Bucket.
Someone used this opening to download up to 10k covers a second… for 8 hours. We don’t even have that many images!
Luckily it was only a $300 mistake. Yesterday I quickly made all images private, switched to using signed URL, and created a way for API users to get access.
This is your periodic reminder to use signed URLs for all assets on GCP/S3. 😅
Published at
2024-08-14 14:09:45Event JSON
{
"id": "1e5f1d6c287aebe702d510f9718e3ae10ae683b91acfc3fe6fdf427277c075cd",
"pubkey": "5cf7f55d7d3955906288adf648774f6456ca2ef8e2248cfb05cbc86b5715bbd0",
"created_at": 1723644585,
"kind": 1,
"tags": [
[
"proxy",
"https://ruby.social/users/adam/statuses/112960771561999177",
"activitypub"
]
],
"content": "A 3-year old tech decision finally bit me yesterday: making Hardcovers book cover images public in our Google Cloud Bucket.\n\nSomeone used this opening to download up to 10k covers a second… for 8 hours. We don’t even have that many images!\n\nLuckily it was only a $300 mistake. Yesterday I quickly made all images private, switched to using signed URL, and created a way for API users to get access.\n\nThis is your periodic reminder to use signed URLs for all assets on GCP/S3. 😅",
"sig": "118b69d4ae62d5fcd57416f5ac0cb531527e1cb86e7264cb8486c9e2a416f9cda17f91dc8cfe943a69b3b442cf00f118d9a1ea37b0345f2bc375054aa7299d09"
}
