we run a couple of sites on the same strapi backend where users can login. we encountered an issue that when too many users login at the same time the rate limiting kicks in. this also occurs when person 1 spams the login with wrong credentials - this leads to the error with the status code 429 which prevents everyone else from logging in.
is this standard behaviour? someone else who left the company built this project and i just recently joined.
If that is standard behaviour could anyone recommend something on how to deal with it? i was thinking about ip based rate limiting for the auth/local endpoint instead of this (standard?) behaviour
This topic has been created from a Discord post (1232677112440295456) to give it more visibility.
It will be on Read-Only mode here.
Join the conversation on Discord